Azure 安全权限
本文列出了安全类别中 Azure 资源提供程序的权限。 可以在自己的 Azure 自定义角色中使用这些权限,以针对 Azure 中的资源提供精细的访问控制。 权限字符串具有以下格式:{Company}.{ProviderName}/{resourceType}/{action}
Microsoft.AppComplianceAutomation
Azure 服务:适用于 Microsoft 365 的应用合规性自动化工具
| 操作 | 说明 |
|---|---|
| Microsoft.AppComplianceAutomation/onboard/action | 将给定订阅加入到 Microsoft.AppComplianceAutomation 提供程序。 |
| Microsoft.AppComplianceAutomation/triggerEvaluation/action | 触发对给定订阅的快速评估。 |
| Microsoft.AppComplianceAutomation/listInUseStorageAccounts/action | 列出相关报表正在使用的存储帐户 |
| Microsoft.AppComplianceAutomation/checkNameAvailability/action | 操作 checkNameAvailability |
| Microsoft.AppComplianceAutomation/getCollectionCount/action | 获取报表计数。 |
| Microsoft.AppComplianceAutomation/getOverviewStatus/action | 获取资源概述状态。 |
| Microsoft.AppComplianceAutomation/register/action | 注册 Microsoft.AppComplianceAutomation 的订阅 |
| Microsoft.AppComplianceAutomation/unregister/action | 注册 Microsoft.AppComplianceAutomation 的订阅 |
| Microsoft.AppComplianceAutomation/locations/operationStatuses/read | 读取 OperationStatuses |
| Microsoft.AppComplianceAutomation/locations/operationStatuses/write | 写入 operationStatuses |
| Microsoft.AppComplianceAutomation/operations/read | 读取操作 |
| Microsoft.AppComplianceAutomation/operations/read | 获取租户的 AppComplianceAutomation 报表列表。 |
| Microsoft.AppComplianceAutomation/operations/read | 获取 AppComplianceAutomation 报表及其属性。 |
| Microsoft.AppComplianceAutomation/reports/write | 创建新的 AppComplianceAutomation 报表或更新正在退出的 AppComplianceAutomation 报表。 |
| Microsoft.AppComplianceAutomation/reports/delete | 删除 AppComplianceAutomation 报表。 |
| Microsoft.AppComplianceAutomation/reports/write | 更新正在退出的 AppComplianceAutomation 报表。 |
| Microsoft.AppComplianceAutomation/reports/checkNameAvailability/action | 检查报表的嵌套资源名称可用性,例如:Webhook、证据、快照。 |
| Microsoft.AppComplianceAutomation/reports/fix/action | 修复 AppComplianceAutomation 报表错误。 例如:应用符合性自动化工具服务未注册、已删除自动化。 |
| Microsoft.AppComplianceAutomation/reports/getScopingQuestions/action | 修复 AppComplianceAutomation 报表错误。 例如:应用符合性自动化工具服务未注册、已删除自动化。 |
| Microsoft.AppComplianceAutomation/reports/syncCertRecord/action | 从应用合规性同步证明记录。 |
| Microsoft.AppComplianceAutomation/reports/verify/action | 验证 AppComplianceAutomation 报表运行状况。 |
| Microsoft.AppComplianceAutomation/reports/evidences/read | 返回指定报表的证据分页列表。 |
| Microsoft.AppComplianceAutomation/reports/evidences/read | 获取证据元数据 |
| Microsoft.AppComplianceAutomation/reports/evidences/write | 创建或更新指定报表的证据 |
| Microsoft.AppComplianceAutomation/reports/evidences/delete | 从指定报表中删除现有证据 |
| Microsoft.AppComplianceAutomation/reports/evidences/download/action | 下载证据文件。 |
| Microsoft.AppComplianceAutomation/reports/scopingConfigurations/read | 返回指定报表的单一实例范围配置的列表格式。 |
| Microsoft.AppComplianceAutomation/reports/scopingConfigurations/read | 获取特定报表的 AppComplianceAutomation 范围配置。 |
| Microsoft.AppComplianceAutomation/reports/scopingConfigurations/write | 获取特定报表的 AppComplianceAutomation 范围配置。 |
| Microsoft.AppComplianceAutomation/reports/scopingConfigurations/delete | 清理特定报表的 AppComplianceAutomation 范围配置。 |
| Microsoft.AppComplianceAutomation/reports/snapshots/read | 获取 AppComplianceAutomation 快照列表。 |
| Microsoft.AppComplianceAutomation/reports/snapshots/read | 获取 AppComplianceAutomation 快照及其属性。 |
| Microsoft.AppComplianceAutomation/reports/snapshots/download/action | 从快照下载合规性需求,例如,合规性报表、资源列表。 |
| Microsoft.AppComplianceAutomation/reports/webhooks/read | 获取 AppComplianceAutomation Webhook 列表。 |
| Microsoft.AppComplianceAutomation/reports/webhooks/read | 获取 AppComplianceAutomation Webhook 及其属性。 |
| Microsoft.AppComplianceAutomation/reports/webhooks/write | 创建新的 AppComplianceAutomation webhook 或更新正在退出的 AppComplianceAutomation Webhook。 |
| Microsoft.AppComplianceAutomation/reports/webhooks/delete | 删除 AppComplianceAutomation Webhook。 |
| Microsoft.AppComplianceAutomation/reports/webhooks/write | 更新正在退出的 AppComplianceAutomation Webhook。 |
Microsoft.DataProtection
Azure 服务:数据保护
| 操作 | 说明 |
|---|---|
| Microsoft.DataProtection/register/action | 注册给定资源提供程序的订阅 |
| Microsoft.DataProtection/unregister/action | 注销给定资源提供程序的订阅 |
| Microsoft.DataProtection/backupVaults/write | “创建 BackupVault”操作创建“备份保管库”类型的 Azure 资源 |
| Microsoft.DataProtection/backupVaults/write | “更新备份保管库”操作更新类型为“备份保管库”的 Azure 资源 |
| Microsoft.DataProtection/backupVaults/read | “获取备份保管库”操作获取表示“备份保管库”类型 Azure 资源的对象 |
| Microsoft.DataProtection/backupVaults/read | 获取订阅中备份保管库的列表 |
| Microsoft.DataProtection/backupVaults/read | 获取资源组中备份保管库的列表 |
| Microsoft.DataProtection/backupVaults/delete | “删除保管库”操作删除类型为“备份保管库”的指定 Azure 资源 |
| Microsoft.DataProtection/backupVaults/validateForBackup/action | 验证备份实例的备份 |
| Microsoft.DataProtection/backupVaults/backupInstances/write | 创建备份实例 |
| Microsoft.DataProtection/backupVaults/backupInstances/validateForModifyBackup/action | 验证备份实例的修改 |
| Microsoft.DataProtection/backupVaults/backupInstances/delete | 删除备份实例 |
| Microsoft.DataProtection/backupVaults/backupInstances/read | 返回备份实例的详细信息 |
| Microsoft.DataProtection/backupVaults/backupInstances/read | 返回所有备份实例 |
| Microsoft.DataProtection/backupVaults/backupInstances/backup/action | 对备份实例执行备份 |
| Microsoft.DataProtection/backupVaults/backupInstances/sync/action | “同步”操作会重试备份实例上的上一次失败操作,使其处于有效状态。 |
| Microsoft.DataProtection/backupVaults/backupInstances/restore/action | 触发对备份实例的还原操作 |
| Microsoft.DataProtection/backupVaults/backupInstances/validateRestore/action | 验证是否已对备份实例执行还原 |
| Microsoft.DataProtection/backupVaults/backupInstances/stopProtection/action | “停止保护”操作会停止备份实例的备份和保留计划。 现有数据将永久保留。 |
| Microsoft.DataProtection/backupVaults/backupInstances/suspendBackups/action | “暂停备份”操作仅停止备份实例的备份。 保留活动将会继续,因此,数据将根据策略保留。 |
| Microsoft.DataProtection/backupVaults/backupInstances/resumeProtection/action | 继续保护 ProtectionStopped BI。 |
| Microsoft.DataProtection/backupVaults/backupInstances/resumeBackups/action | 继续备份 BackupsSuspended BI。 |
| Microsoft.DataProtection/backupVaults/backupInstances/findRestorableTimeRanges/action | 查找可还原的时间范围 |
| Microsoft.DataProtection/backupVaults/backupInstances/operationResults/read | 返回备份保管库的备份操作结果。 |
| Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read | 返回恢复点的详细信息 |
| Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read | 返回所有恢复点 |
| Microsoft.DataProtection/backupVaults/backupJobs/read | 获取作业列表 |
| Microsoft.DataProtection/backupVaults/backupJobs/enableProgress/action | 获取作业详细信息 |
| Microsoft.DataProtection/backupVaults/backupPolicies/write | 创建备份策略 |
| Microsoft.DataProtection/backupVaults/backupPolicies/delete | 删除备份策略 |
| Microsoft.DataProtection/backupVaults/backupPolicies/read | 返回备份策略的详细信息 |
| Microsoft.DataProtection/backupVaults/backupPolicies/read | 返回所有备份策略 |
| Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/read | 获取资源的 ResourceGuard 代理列表 |
| Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/read | “获取 ResourceGuard 代理”操作获取表示类型为“ResourceGuard 代理”的 Azure 资源的对象 |
| Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/write | “创建 ResourceGuard 代理”操作创建类型为“ResourceGuard 代理”的 Azure 资源 |
| Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/delete | “删除 ResourceGuard 代理”操作删除类型为“ResourceGuard 代理”的指定 Azure 资源 |
| Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/unlockDelete/action | “解锁删除 ResourceGuard 代理”操作解锁下一删除关键操作 |
| Microsoft.DataProtection/backupVaults/deletedBackupInstances/undelete/action | 执行对软删除的备份实例的取消删除操作。 备份实例从 SoftDeleted 状态转为 ProtectionStopped 状态。 |
| Microsoft.DataProtection/backupVaults/deletedBackupInstances/read | 按名称获取备份保管库中软删除的备份实例 |
| Microsoft.DataProtection/backupVaults/deletedBackupInstances/read | 列出备份保管库中软删除的备份实例。 |
| Microsoft.DataProtection/backupVaults/operationResults/read | 获取备份保管库的修补操作的操作结果 |
| Microsoft.DataProtection/backupVaults/operationStatus/read | 返回备份保管库的备份操作状态。 |
| Microsoft.DataProtection/locations/checkNameAvailability/action | 检查所请求的 BackupVault 名称是否可用 |
| Microsoft.DataProtection/locations/getBackupStatus/action | 检查恢复服务保管库的备份状态 |
| Microsoft.DataProtection/locations/checkFeatureSupport/action | 验证功能是否受支持 |
| Microsoft.DataProtection/locations/operationResults/read | 返回备份保管库的备份操作结果。 |
| Microsoft.DataProtection/locations/operationStatus/read | 返回备份保管库的备份操作状态。 |
| Microsoft.DataProtection/operations/read | 操作返回资源提供程序的操作列表 |
| Microsoft.DataProtection/subscriptions/providers/resourceGuards/read | 获取订阅中的 ResourceGuard 的列表 |
| Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchSecondaryRecoveryPoints/action | 从次要区域返回已启用跨区域还原的备份保管库的恢复点。 |
| Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/crossRegionRestore/action | 在给定的备份实例上触发跨区域还原操作。 |
| Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/validateCrossRegionRestore/action | 对跨区域还原操作执行验证。 |
| Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJobs/action | 列出次要区域中备份实例的跨区域还原作业。 |
| Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJob/action | 从次要区域获取跨区域还原作业详细信息。 |
| Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/operationStatus/read | 返回备份保管库的备份操作状态。 |
| Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/write | “创建 ResourceGuard”操作创建“ResourceGuard”类型的 Azure 资源 |
| Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/read | “获取 ResourceGuard”操作获取表示“ResourceGuard”类型的 Azure 资源的对象 |
| Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/delete | “删除 ResourceGuard”操作删除“ResourceGuard”类型的指定 Azure 资源 |
| Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/read | 获取资源组中的 ResourceGuard 的列表 |
| Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/write | “更新 ResourceGuard”操作更新“ResourceGuard”类型的 Azure 资源 |
| Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/{operationName}/read | 获取 ResourceGuard 操作请求信息 |
| Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/{operationName}/read | 获取 ResourceGuard 默认操作请求信息 |
Microsoft.KeyVault
保护密钥和其他机密并保持对它们的控制。
Azure 服务:密钥保管库
| 操作 | 说明 |
|---|---|
| Microsoft.KeyVault/register/action | 注册订阅 |
| Microsoft.KeyVault/unregister/action | 取消注册订阅 |
| Microsoft.KeyVault/checkNameAvailability/read | 检查密钥保管库名称是否有效且未被使用 |
| Microsoft.KeyVault/deletedManagedHsms/read | 查看已删除的托管 HSM 的属性 |
| Microsoft.KeyVault/deletedVaults/read | 查看软删除的密钥保管库的属性 |
| Microsoft.KeyVault/hsmPools/read | 查看 HSM 池的属性 |
| Microsoft.KeyVault/hsmPools/write | 创建新 HSM 池或更新现有 HSM 池的属性 |
| Microsoft.KeyVault/hsmPools/delete | 删除 HSM 池 |
| Microsoft.KeyVault/hsmPools/joinVault/action | 将密钥保管库加入 HSM 池 |
| Microsoft.KeyVault/locations/deleteVirtualNetworkOrSubnets/action | 通知 Microsoft.KeyVault 正在删除虚拟网络或子网 |
| Microsoft.KeyVault/locations/notifyNetworkSecurityPerimeterUpdatesAvailable/action | 检查网络安全外围的配置是否需要更新。 |
| Microsoft.KeyVault/locations/deletedManagedHsms/read | 查看已删除的托管 HSM 的属性 |
| Microsoft.KeyVault/locations/deletedManagedHsms/purge/action | 清除已软删除的托管 HSM |
| Microsoft.KeyVault/locations/deletedManagedHsms/delete | 清除已软删除的托管 HSM |
| Microsoft.KeyVault/locations/deletedVaults/read | 查看软删除的密钥保管库的属性 |
| Microsoft.KeyVault/locations/deletedVaults/purge/action | 清除软删除的密钥保管库 |
| Microsoft.KeyVault/locations/managedHsmOperationResults/read | 检查长时间运行的操作的结果 |
| Microsoft.KeyVault/locations/operationResults/read | 检查长时间运行的操作的结果 |
| Microsoft.KeyVault/managedHSMs/read | 查看托管 HSM 的属性 |
| Microsoft.KeyVault/managedHSMs/write | 新建托管 HSM 或更新现有托管 HSM 的属性 |
| Microsoft.KeyVault/managedHSMs/delete | 删除托管 HSM |
| Microsoft.KeyVault/managedHSMs/PrivateEndpointConnectionsApproval/action | 批准或拒绝到 Microsoft.Network 提供程序的专用终结点资源的连接 |
| Microsoft.KeyVault/managedHSMs/keys/read | 列出指定托管 HSM 中的密钥,或读取指定密钥的当前版本。 |
| Microsoft.KeyVault/managedHSMs/keys/write | 创建新密钥的第一个版本(如果不存在)。 如果已存在,则返回现有密钥,而不进行任何修改。 此 API 不创建后续版本,也不更新现有的密钥。 |
| Microsoft.KeyVault/managedHSMs/keys/versions/read | 列出指定密钥的版本,或读取密钥的指定版本。 |
| Microsoft.KeyVault/managedHSMs/privateEndpointConnectionProxies/read | 查看到 Microsoft.Network 提供程序的专用终结点资源的连接代理状态 |
| Microsoft.KeyVault/managedHSMs/privateEndpointConnectionProxies/write | 更改到 Microsoft.Network 提供程序的专用终结点资源的连接代理状态 |
| Microsoft.KeyVault/managedHSMs/privateEndpointConnectionProxies/delete | 删除到 Microsoft.Network 提供程序的专用终结点资源的连接代理 |
| Microsoft.KeyVault/managedHSMs/privateEndpointConnectionProxies/validate/action | 验证到 Microsoft.Network 提供程序的专用终结点资源的连接代理 |
| Microsoft.KeyVault/managedHSMs/privateEndpointConnections/read | 查看到 Microsoft.Network 提供程序的专用终结点资源的连接状态 |
| Microsoft.KeyVault/managedHSMs/privateEndpointConnections/write | 更改到 Microsoft.Network 提供程序的专用终结点资源的连接状态 |
| Microsoft.KeyVault/managedHSMs/privateEndpointConnections/delete | 删除到 Microsoft.Network 提供程序的专用终结点资源的连接 |
| Microsoft.KeyVault/managedHSMs/privateLinkResources/read | 获取托管 HSM 的指定实例的可用专用链接资源。 |
| Microsoft.KeyVault/managedHSMs/providers/Microsoft.Insights/diagnosticSettings/Read | 获取资源的诊断设置 |
| Microsoft.KeyVault/managedHSMs/providers/Microsoft.Insights/diagnosticSettings/Write | 创建或更新资源的诊断设置 |
| Microsoft.KeyVault/managedHSMs/providers/Microsoft.Insights/logDefinitions/read | 获取托管 HSM 的可用日志 |
| Microsoft.KeyVault/managedHSMs/providers/Microsoft.Insights/metricDefinitions/read | 获取密钥保管库的可用指标 |
| Microsoft.KeyVault/operations/read | 列出可对 Microsoft.KeyVault 资源提供程序执行的操作 |
| Microsoft.KeyVault/vaults/read | 查看密钥保管库的属性 |
| Microsoft.KeyVault/vaults/write | 创建新的密钥保管库,或更新现有密钥保管库的属性。 某些属性可能需要更多的权限。 |
| Microsoft.KeyVault/vaults/delete | 删除密钥保管库 |
| Microsoft.KeyVault/vaults/deploy/action | 部署 Azure 资源时启用对密钥保管库中机密的访问 |
| Microsoft.KeyVault/vaults/PrivateEndpointConnectionsApproval/action | 批准或拒绝到 Microsoft.Network 提供程序的专用终结点资源的连接 |
| Microsoft.KeyVault/vaults/joinPerimeter/action | 联接网络安全外围的操作,由 NRP 的链接访问检查使用。 |
| Microsoft.KeyVault/vaults/accessPolicies/write | 通过合并或替换来更新现有访问策略,或向密钥保管库添加新的访问策略。 |
| Microsoft.KeyVault/vaults/eventGridFilters/read | 通知 Microsoft.KeyVault 正在查看 Key Vault 的 EventGrid 订阅 |
| Microsoft.KeyVault/vaults/eventGridFilters/write | 通知 Microsoft.KeyVault 正在创建 Key Vault 的新 EventGrid 订阅 |
| Microsoft.KeyVault/vaults/eventGridFilters/delete | 通知 Microsoft.KeyVault 正在删除 Key Vault 的 EventGrid 订阅 |
| Microsoft.KeyVault/vaults/keys/read | 列出指定保管库中的密钥,或读取指定密钥的当前版本。 |
| Microsoft.KeyVault/vaults/keys/write | 创建新密钥的第一个版本(如果不存在)。 如果已存在,则返回现有密钥,而不进行任何修改。 此 API 不创建后续版本,也不更新现有的密钥。 |
| Microsoft.KeyVault/vaults/keys/versions/read | 列出指定密钥的版本,或读取密钥的指定版本。 |
| Microsoft.KeyVault/vaults/networkSecurityPerimeterAssociationProxies/delete | 删除代理与 Microsoft.Network 提供程序的网络安全外围资源的关联。 |
| Microsoft.KeyVault/vaults/networkSecurityPerimeterAssociationProxies/read | 删除代理与 Microsoft.Network 提供程序的网络安全外围资源的关联。 |
| Microsoft.KeyVault/vaults/networkSecurityPerimeterAssociationProxies/write | 更改与 Microsoft.Network 提供程序的网络安全外围资源关联的状态 |
| Microsoft.KeyVault/vaults/networkSecurityPerimeterConfigurations/read | 读取保管库中存储的网络安全外围配置。 |
| Microsoft.KeyVault/vaults/networkSecurityPerimeterConfigurations/reconcile/action | 协调保管库存储中的网络安全外围配置与 NRP 的(Microsoft.Network 资源提供程序)副本。 |
| Microsoft.KeyVault/vaults/privateEndpointConnectionProxies/read | 查看到 Microsoft.Network 提供程序的专用终结点资源的连接代理状态 |
| Microsoft.KeyVault/vaults/privateEndpointConnectionProxies/write | 更改到 Microsoft.Network 提供程序的专用终结点资源的连接代理状态 |
| Microsoft.KeyVault/vaults/privateEndpointConnectionProxies/delete | 删除到 Microsoft.Network 提供程序的专用终结点资源的连接代理 |
| Microsoft.KeyVault/vaults/privateEndpointConnectionProxies/validate/action | 验证到 Microsoft.Network 提供程序的专用终结点资源的连接代理 |
| Microsoft.KeyVault/vaults/privateEndpointConnections/read | 查看到 Microsoft.Network 提供程序的专用终结点资源的连接状态 |
| Microsoft.KeyVault/vaults/privateEndpointConnections/write | 更改到 Microsoft.Network 提供程序的专用终结点资源的连接状态 |
| Microsoft.KeyVault/vaults/privateEndpointConnections/delete | 删除到 Microsoft.Network 提供程序的专用终结点资源的连接 |
| Microsoft.KeyVault/vaults/privateLinkResources/read | 获取密钥保管库的指定实例的可用专用链接资源 |
| Microsoft.KeyVault/vaults/providers/Microsoft.Insights/diagnosticSettings/Read | 获取资源的诊断设置 |
| Microsoft.KeyVault/vaults/providers/Microsoft.Insights/diagnosticSettings/Write | 创建或更新资源的诊断设置 |
| Microsoft.KeyVault/vaults/providers/Microsoft.Insights/logDefinitions/read | 获取密钥保管库的可用日志 |
| Microsoft.KeyVault/vaults/providers/Microsoft.Insights/metricDefinitions/read | 获取密钥保管库的可用指标 |
| Microsoft.KeyVault/vaults/secrets/read | 查看机密的属性,但不查看其值。 |
| Microsoft.KeyVault/vaults/secrets/write | 创建新机密或更新现有机密的值。 |
| DataAction | 说明 |
| Microsoft.KeyVault/vaults/certificatecas/delete | 删除证书颁发者 |
| Microsoft.KeyVault/vaults/certificatecas/read | 读取证书颁发者 |
| Microsoft.KeyVault/vaults/certificatecas/write | 写入证书颁发者 |
| Microsoft.KeyVault/vaults/certificatecontacts/write | 管理证书联系人 |
| Microsoft.KeyVault/vaults/certificates/delete | 删除证书。 所有版本都会被删除。 |
| Microsoft.KeyVault/vaults/certificates/read | 列出指定的 Key Vault 中的证书,或获取有关证书的信息。 |
| Microsoft.KeyVault/vaults/certificates/backup/action | 创建证书的备份文件。 该文件可用于还原同一订阅的 Key Vault 中的证书。 可能存在限制。 |
| Microsoft.KeyVault/vaults/certificates/purge/action | 清除证书,使其不可恢复。 |
| Microsoft.KeyVault/vaults/certificates/update/action | 更新与给定证书关联的指定属性。 |
| Microsoft.KeyVault/vaults/certificates/create/action | 创建新证书。 如果证书不存在,则创建第一个版本, 否则会创建一个新版本。 |
| Microsoft.KeyVault/vaults/certificates/import/action | 导入包含私钥的现有有效证书。 要导入的证书可以采用 PFX 或 PEM 格式。 如果 Key Vault 中不存在该证书,则会使用指定的内容创建第一个版本。 否则,将使用指定的内容创建一个新版本。 |
| Microsoft.KeyVault/vaults/certificates/recover/action | 恢复已删除的证书。 该操作与 Delete 操作相反。 该操作在启用了软删除的保管库中适用,必须在保留间隔内发出。 |
| Microsoft.KeyVault/vaults/certificates/restore/action | 从 Key Vault 所生成的备份文件还原证书及其所有版本。 |
| Microsoft.KeyVault/vaults/keyrotationpolicies/read | 检索给定密钥的轮换策略。 |
| Microsoft.KeyVault/vaults/keyrotationpolicies/write | 更新给定密钥的轮换策略。 |
| Microsoft.KeyVault/vaults/keys/read | 列出指定保管库中的密钥,或读取密钥的属性和公共材料。 对于非对称密钥,此操作会公开公钥,并提供执行公钥算法(例如加密和验证签名)的功能。 永远不会公开私钥和对称密钥。 |
| Microsoft.KeyVault/vaults/keys/update/action | 更新与给定密钥关联的指定属性。 |
| Microsoft.KeyVault/vaults/keys/create/action | 创建新密钥。 如果密钥不存在,则创建第一个版本。 否则,将使用指定的值创建一个新版本。 |
| Microsoft.KeyVault/vaults/keys/import/action | 导入在外部创建的密钥。 如果该密钥不存在,则使用导入的材料创建第一个版本。 否则,将使用导入的材料创建一个新版本。 |
| Microsoft.KeyVault/vaults/keys/recover/action | 恢复已删除的密钥。 该操作与 Delete 操作相反。 该操作在启用了软删除的保管库中适用,必须在保留间隔内发出。 |
| Microsoft.KeyVault/vaults/keys/restore/action | 从 Key Vault 所生成的备份文件还原密钥及其所有版本。 |
| Microsoft.KeyVault/vaults/keys/delete | 删除密钥。 所有版本都会被删除。 |
| Microsoft.KeyVault/vaults/keys/backup/action | 创建密钥的备份文件。 该文件可用于还原同一订阅的 Key Vault 中的密钥。 可能存在限制。 |
| Microsoft.KeyVault/vaults/keys/purge/action | 清除密钥,使其不可恢复。 |
| Microsoft.KeyVault/vaults/keys/encrypt/action | 使用密钥加密纯文本。 请注意,如果密钥为非对称密钥,此操作可以由拥有读取访问权限的主体执行。 |
| Microsoft.KeyVault/vaults/keys/decrypt/action | 使用密钥解密已加密文本。 |
| Microsoft.KeyVault/vaults/keys/wrap/action | 使用 Key Vault 密钥包装对称密钥。 请注意,如果 Key Vault 密钥为非对称密钥,此操作可以由拥有读取访问权限的主体执行。 |
| Microsoft.KeyVault/vaults/keys/unwrap/action | 使用 Key Vault 密钥解包对称密钥。 |
| Microsoft.KeyVault/vaults/keys/sign/action | 使用密钥为消息摘要(哈希)签名。 |
| Microsoft.KeyVault/vaults/keys/verify/action | 使用密钥验证消息摘要(哈希)的签名。 请注意,如果密钥为非对称密钥,此操作可以由拥有读取访问权限的主体执行。 |
| Microsoft.KeyVault/vaults/keys/release/action | 使用证明令牌中 KEK 的公共部分来释放密钥。 |
| Microsoft.KeyVault/vaults/keys/rotate/action | 创建现有密钥的新版本(使用相同的参数)。 |
| Microsoft.KeyVault/vaults/secrets/delete | 删除机密。 所有版本都会被删除。 |
| Microsoft.KeyVault/vaults/secrets/backup/action | 创建机密的备份文件。 该文件可用于还原同一订阅的 Key Vault 中的机密。 可能存在限制。 |
| Microsoft.KeyVault/vaults/secrets/purge/action | 清除机密,使其不可恢复。 |
| Microsoft.KeyVault/vaults/secrets/update/action | 更新与给定机密关联的指定属性。 |
| Microsoft.KeyVault/vaults/secrets/recover/action | 恢复已删除的机密。 该操作与 Delete 操作相反。 该操作在启用了软删除的保管库中适用,必须在保留间隔内发出。 |
| Microsoft.KeyVault/vaults/secrets/restore/action | 从 Key Vault 所生成的备份文件还原机密及其所有版本。 |
| Microsoft.KeyVault/vaults/secrets/readMetadata/action | 列出或查看机密的属性,但不列出或查看机密的值。 |
| Microsoft.KeyVault/vaults/secrets/getSecret/action | 获取机密的值。 |
| Microsoft.KeyVault/vaults/secrets/setSecret/action | 设置机密的值。 如果机密不存在,则创建第一个版本。 否则,将使用指定的值创建一个新版本。 |
| Microsoft.KeyVault/vaults/storageaccounts/read | 读取托管存储帐户的定义。 |
| Microsoft.KeyVault/vaults/storageaccounts/set/action | 创建或更新托管存储帐户的定义。 |
| Microsoft.KeyVault/vaults/storageaccounts/delete | 删除托管存储帐户的定义。 |
| Microsoft.KeyVault/vaults/storageaccounts/backup/action | 创建托管存储帐户及其 SAS(共享访问签名)的定义的备份文件。 |
| Microsoft.KeyVault/vaults/storageaccounts/purge/action | 清除托管存储帐户或 SAS(共享访问签名)的软删除定义。 |
| Microsoft.KeyVault/vaults/storageaccounts/regeneratekey/action | 重新生成托管存储帐户的访问密钥。 |
| Microsoft.KeyVault/vaults/storageaccounts/recover/action | 恢复托管存储帐户或 SAS(共享访问签名)的软删除定义。 |
| Microsoft.KeyVault/vaults/storageaccounts/restore/action | 从 Key Vault 所生成的备份文件还原托管存储帐户及其 SAS(共享访问签名)的定义。 |
| Microsoft.KeyVault/vaults/storageaccounts/sas/set/action | 创建或更新托管存储帐户的 SAS(共享访问签名)定义。 |
| Microsoft.KeyVault/vaults/storageaccounts/sas/delete | 删除托管存储帐户的 SAS(共享访问签名)定义。 |
| Microsoft.KeyVault/vaults/storageaccounts/sas/read | 读取托管存储帐户的 SAS(共享访问签名)定义。 |
Microsoft.Security
保护企业免受混合云工作负荷中的高级威胁。
Azure 服务:安全中心
| 操作 | 说明 |
|---|---|
| Microsoft.Security/register/action | 注册 Azure 安全中心的订阅 |
| Microsoft.Security/unregister/action | 从 Azure 安全中心取消注册订阅 |
| Microsoft.Security/aggregations/action | 获取聚合 |
| Microsoft.Security/adaptiveNetworkHardenings/read | 获取受 Azure 保护的资源的自适应网络强化建议 |
| Microsoft.Security/adaptiveNetworkHardenings/enforce/action | 通过在给定网络安全组上创建匹配的安全规则,强制实施给定的流量强化规则 |
| Microsoft.Security/advancedThreatProtectionSettings/read | 获取资源的高级威胁防护设置 |
| Microsoft.Security/advancedThreatProtectionSettings/write | 更新资源的高级威胁防护设置 |
| Microsoft.Security/aggregations/read | 获取聚合 |
| Microsoft.Security/alerts/read | 获取所有可用的安全警报 |
| Microsoft.Security/alertsSuppressionRules/read | 获取所有可用的安全警报抑制规则 |
| Microsoft.Security/alertsSuppressionRules/write | 创建新的安全警报抑制规则或更新现有规则 |
| Microsoft.Security/alertsSuppressionRules/delete | 删除安全警报抑制规则 |
| Microsoft.Security/apiCollections/read | 获取 API 集合 |
| Microsoft.Security/apiCollections/write | 创建 API 集合 |
| Microsoft.Security/apiCollections/delete | 删除 API 集合 |
| Microsoft.Security/applicationWhitelistings/read | 获取应用程序允许列表 |
| Microsoft.Security/applicationWhitelistings/write | 创建新的或更新现有的应用程序允许列表 |
| Microsoft.Security/assessmentMetadata/read | 获取订阅中的可用安全评估元数据 |
| Microsoft.Security/assessmentMetadata/write | 创建或更新安全评估元数据 |
| Microsoft.Security/assessments/read | 获取订阅的安全评估 |
| Microsoft.Security/assessments/write | 创建或更新订阅的安全评估 |
| Microsoft.Security/assessments/governanceAssignments/read | 获取用于安全评估的治理分配 |
| Microsoft.Security/assessments/governanceAssignments/write | 创建或更新用于安全评估的治理分配 |
| Microsoft.Security/assessments/subAssessments/read | 获取订阅的安全子评估 |
| Microsoft.Security/assessments/subAssessments/write | 在订阅上创建或更新安全子评估 |
| Microsoft.Security/assignments/read | 获取安全分配 |
| Microsoft.Security/assignments/write | 创建或更新安全分配 |
| Microsoft.Security/assignments/delete | 删除安全分配 |
| Microsoft.Security/automations/read | 获取范围的自动化 |
| Microsoft.Security/automations/write | 创建或更新范围的自动化 |
| Microsoft.Security/automations/delete | 删除范围的自动化 |
| Microsoft.Security/automations/validate/action | 验证范围的自动化模型 |
| Microsoft.Security/autoProvisioningSettings/read | 获取订阅的安全自动预配设置 |
| Microsoft.Security/autoProvisioningSettings/write | 创建或更新订阅的安全自动预配设置 |
| Microsoft.Security/complianceResults/read | 获取资源的符合性结果 |
| Microsoft.Security/customRecommendations/read | 获取自定义建议 |
| Microsoft.Security/customRecommendations/write | 创建或更新自定义建议 |
| Microsoft.Security/customRecommendations/delete | 删除自定义建议 |
| Microsoft.Security/datascanners/read | 获取范围的 datascanners |
| Microsoft.Security/datascanners/write | 为范围创建或更新 datascanners |
| Microsoft.Security/datascanners/delete | 删除范围的 datascanners |
| Microsoft.Security/defenderforstoragesettings/read | 获取范围的 defenderforstoragesettings |
| Microsoft.Security/defenderforstoragesettings/write | 创建或更新范围的 defenderforstoragesettings |
| Microsoft.Security/defenderforstoragesettings/delete | 删除范围的 defenderforstoragesettings |
| Microsoft.Security/deviceSecurityGroups/write | 创建或更新 IoT 设备安全组 |
| Microsoft.Security/deviceSecurityGroups/delete | 删除 IoT 设备安全组 |
| Microsoft.Security/deviceSecurityGroups/read | 获取 IoT 设备安全组 |
| Microsoft.Security/externalSecuritySolutions/read | 获取外部安全解决方案 |
| Microsoft.Security/governanceRules/read | 获取用于管理安全态势的治理规则 |
| Microsoft.Security/governanceRules/write | 创建或更新用于管理安全态势的治理规则 |
| Microsoft.Security/informationProtectionPolicies/read | 获取资源的信息保护策略 |
| Microsoft.Security/informationProtectionPolicies/write | 更新资源的信息保护策略 |
| Microsoft.Security/integration/read | 获取范围上的集成 |
| Microsoft.Security/integration/write | 创建或更新范围上的集成 |
| Microsoft.Security/integration/delete | 委派或更新范围上的集成 |
| Microsoft.Security/iotDefenderSettings/read | 获取 IoT Defender 设置 |
| Microsoft.Security/iotDefenderSettings/write | 创建或更新 IoT Defender 设置 |
| Microsoft.Security/iotDefenderSettings/delete | 删除 IoT Defender 设置 |
| Microsoft.Security/iotDefenderSettings/PackageDownloads/action | 获取可下载的 IoT Defender 包信息 |
| Microsoft.Security/iotDefenderSettings/DownloadManagerActivation/action | 下载包含订阅配额数据的管理器激活文件 |
| Microsoft.Security/iotSecuritySolutions/write | 创建或更新 IoT 安全解决方案 |
| Microsoft.Security/iotSecuritySolutions/delete | 删除 IoT 安全解决方案 |
| Microsoft.Security/iotSecuritySolutions/read | 获取 IoT 安全解决方案 |
| Microsoft.Security/iotSecuritySolutions/analyticsModels/read | 获取 IoT 安全分析模型 |
| Microsoft.Security/iotSecuritySolutions/analyticsModels/read | 获取 IoT 警报类型 |
| Microsoft.Security/iotSecuritySolutions/analyticsModels/read | 获取 IoT 警报 |
| Microsoft.Security/iotSecuritySolutions/analyticsModels/read | 获取 IoT 建议类型 |
| Microsoft.Security/iotSecuritySolutions/analyticsModels/read | 获取 IoT 建议 |
| Microsoft.Security/iotSecuritySolutions/analyticsModels/read | 获取设备 |
| Microsoft.Security/iotSecuritySolutions/analyticsModels/aggregatedAlerts/read | 获取 IoT 聚合警报 |
| Microsoft.Security/iotSecuritySolutions/analyticsModels/aggregatedAlerts/dismiss/action | 关闭 IoT 聚合警报 |
| Microsoft.Security/iotSecuritySolutions/analyticsModels/aggregatedRecommendations/read | 获取 IoT 聚合建议 |
| Microsoft.Security/iotSensors/read | 获取 IoT 传感器 |
| Microsoft.Security/iotSensors/write | 创建或更新 IoT 传感器 |
| Microsoft.Security/iotSensors/delete | 删除 IoT 传感器 |
| Microsoft.Security/iotSensors/DownloadActivation/action | 下载 IoT 传感器的激活文件 |
| Microsoft.Security/iotSensors/TriggerTiPackageUpdate/action | 触发威胁情报包更新 |
| Microsoft.Security/iotSensors/DownloadResetPassword/action | 下载 IoT 传感器的重置密码文件 |
| Microsoft.Security/iotSite/read | 获取 IoT 站点 |
| Microsoft.Security/iotSite/write | 创建或更新 IoT 站点 |
| Microsoft.Security/iotSite/delete | 删除 IoT 站点 |
| Microsoft.Security/jitNetworkAccessPolicies/read | 获取实时网络访问策略 |
| Microsoft.Security/locations/read | 获取安全数据位置 |
| Microsoft.Security/locations/alerts/read | 获取所有可用的安全警报 |
| Microsoft.Security/locations/alerts/dismiss/action | 消除安全警报 |
| Microsoft.Security/locations/alerts/activate/action | 激活安全警报 |
| Microsoft.Security/locations/alerts/resolve/action | 解决安全警报 |
| Microsoft.Security/locations/alerts/simulate/action | 模拟安全警报 |
| Microsoft.Security/locations/externalSecuritySolutions/read | 获取外部安全解决方案 |
| Microsoft.Security/locations/jitNetworkAccessPolicies/read | 获取实时网络访问策略 |
| Microsoft.Security/locations/jitNetworkAccessPolicies/write | 创建新的或更新现有的实时网络访问策略 |
| Microsoft.Security/locations/jitNetworkAccessPolicies/delete | 删除适时网络访问策略 |
| Microsoft.Security/locations/jitNetworkAccessPolicies/initiate/action | 启动适时网络访问策略请求 |
| Microsoft.Security/locations/securitySolutions/read | 获取安全解决方案 |
| Microsoft.Security/locations/securitySolutions/write | 创建新的或更新现有的安全解决方案 |
| Microsoft.Security/locations/securitySolutions/delete | 删除安全解决方案 |
| Microsoft.Security/locations/tasks/read | 获取所有可用的安全建议 |
| Microsoft.Security/locations/tasks/start/action | 启用安全建议 |
| Microsoft.Security/locations/tasks/resolve/action | 解决安全建议 |
| Microsoft.Security/locations/tasks/activate/action | 激活安全建议 |
| Microsoft.Security/locations/tasks/dismiss/action | 关闭安全建议 |
| Microsoft.Security/mdeOnboardings/read | 获取 Microsoft Defender for Endpoint 加入脚本 |
| Microsoft.Security/policies/read | 获取安全策略 |
| Microsoft.Security/policies/write | 更新安全策略 |
| Microsoft.Security/pricings/read | 获取某一范围的定价设置 |
| Microsoft.Security/pricings/write | 更新某一范围的定价设置 |
| Microsoft.Security/pricings/delete | 删除某一范围的定价设置 |
| Microsoft.Security/pricings/securityoperators/read | 获取范围的安全操作员 |
| Microsoft.Security/pricings/securityoperators/write | 更新范围的安全操作员 |
| Microsoft.Security/pricings/securityoperators/delete | 删除范围的安全操作员 |
| Microsoft.Security/secureScoreControlDefinitions/read | 获取安全评分控制定义 |
| Microsoft.Security/secureScoreControls/read | 获取订阅的计算所得安全评分控制 |
| Microsoft.Security/secureScores/read | 获取订阅的计算所得安全评分 |
| Microsoft.Security/secureScores/secureScoreControls/read | 获取安全评分计算的计算所得安全评分控制 |
| Microsoft.Security/securityConnectors/read | 获取安全连接器 |
| Microsoft.Security/securityConnectors/write | 更新安全连接器 |
| Microsoft.Security/securityConnectors/delete | 删除安全连接器 |
| Microsoft.Security/securityConnectors/devops/listAvailableAzureDevOpsOrgs/action | 返回连接器使用的用户令牌可访问的所有 Azure DevOps 组织的列表。 |
| Microsoft.Security/securityConnectors/devops/write | 创建或更新 DevOps 配置。 |
| Microsoft.Security/securityConnectors/devops/delete | 删除 DevOps 连接器。 |
| Microsoft.Security/securityConnectors/devops/read | 获取 DevOps 配置。 |
| Microsoft.Security/securityConnectors/devops/read | 列出 DevOps 配置。 |
| Microsoft.Security/securityConnectors/devops/write | 更新 DevOps 配置。 |
| Microsoft.Security/securityConnectors/devops/listAvailableGitHubOwners/action | 返回连接器使用的用户令牌可访问的所有 GitHub 所有者的列表。 |
| Microsoft.Security/securityConnectors/devops/listAvailableGitLabGroups/action | 返回连接器使用的用户令牌可访问的所有 GitLab 组的列表。 |
| Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/write | 创建或更新受监视的 Azure DevOps 组织的详细信息。 |
| Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/delete | 删除受监视的 Azure DevOps 组织。 |
| Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/read | 返回受监视的 Azure DevOps 组织资源。 |
| Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/read | 返回已加入连接器的 Azure DevOps 组织的列表。 |
| Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/write | 更新受监视的 Azure DevOps 组织的详细信息。 |
| Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/listAvailableProjects/action | 返回连接器使用的用户令牌可访问的所有 Azure DevOps 项目的列表。 |
| Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/projects/write | 创建或更新受监视的 Azure DevOps 项目资源。 |
| Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/projects/delete | 删除受监视的 Azure DevOps 项目资源。 |
| Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/projects/read | 返回受监视的 Azure DevOps 项目资源。 |
| Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/projects/read | 返回已加入连接器的 Azure DevOps 项目的列表。 |
| Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/projects/write | 更新受监视的 Azure DevOps 项目资源。 |
| Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/projects/listAvailableRepos/action | 返回连接器使用的用户令牌可访问的所有 Azure DevOps 存储库的列表。 |
| Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/projects/repos/write | 创建或更新受监视的 Azure DevOps 存储库资源。 |
| Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/projects/repos/delete | 删除受监视的 Azure DevOps 存储库资源。 |
| Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/projects/repos/read | 返回受监视的 Azure DevOps 存储库资源。 |
| Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/projects/repos/read | 返回已加入连接器的 Azure DevOps 存储库的列表。 |
| Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/projects/repos/write | 更新受监视的 Azure DevOps 存储库资源。 |
| Microsoft.Security/securityConnectors/devops/gitHubOwners/write | 创建或更新受监视的 GitHub 所有者。 |
| Microsoft.Security/securityConnectors/devops/gitHubOwners/delete | 删除受监视的 GitHub 所有者。 |
| Microsoft.Security/securityConnectors/devops/gitHubOwners/read | 返回受监视的 GitHub 所有者。 |
| Microsoft.Security/securityConnectors/devops/gitHubOwners/read | 返回已加入连接器的 GitHub 所有者的列表。 |
| Microsoft.Security/securityConnectors/devops/gitHubOwners/write | 更新受监视的 GitHub 所有者。 |
| Microsoft.Security/securityConnectors/devops/gitHubOwners/listAvailableRepos/action | 返回连接器使用的用户令牌和应用安装可访问的所有 GitHub 存储库的列表。 |
| Microsoft.Security/securityConnectors/devops/gitHubOwners/repos/write | 创建或更新受监视的 GitHub 存储库。 |
| Microsoft.Security/securityConnectors/devops/gitHubOwners/repos/delete | 删除受监视的 GitHub 存储库。 |
| Microsoft.Security/securityConnectors/devops/gitHubOwners/repos/read | 返回受监视的 GitHub 存储库。 |
| Microsoft.Security/securityConnectors/devops/gitHubOwners/repos/read | 返回已加入连接器的 GitHub 存储库的列表。 |
| Microsoft.Security/securityConnectors/devops/gitHubOwners/repos/write | 更新受监视的 GitHub 存储库。 |
| Microsoft.Security/securityConnectors/devops/gitLabGroups/write | 创建或更新受监视的 GitLab 组的详细信息。 |
| Microsoft.Security/securityConnectors/devops/gitLabGroups/delete | 删除受监视的 GitHub 组。 |
| Microsoft.Security/securityConnectors/devops/gitLabGroups/read | 为给定的完全限定名称返回受监视的 GitLab 组资源。 |
| Microsoft.Security/securityConnectors/devops/gitLabGroups/read | 返回已加入连接器的 GitLab 组的列表。 |
| Microsoft.Security/securityConnectors/devops/gitLabGroups/write | 更新受监视的 GitLab 组的详细信息。 |
| Microsoft.Security/securityConnectors/devops/gitLabGroups/listAvailableProjects/action | 获取由给定组直接拥有并可由连接器使用的用户令牌访问的所有 GitLab 项目的列表。 |
| Microsoft.Security/securityConnectors/devops/gitLabGroups/listSubgroups/action | 获取已加入连接器的给定 GitLab 组的嵌套子组。 |
| Microsoft.Security/securityConnectors/devops/gitLabGroups/listAvailableSubgroups/action | 获取给定 GitLab 组的所有嵌套子组,这些子组可由连接器使用的用户令牌访问。 |
| Microsoft.Security/securityConnectors/devops/gitLabGroups/projects/write | 创建或更新受监视的 GitLab 项目的详细信息。 |
| Microsoft.Security/securityConnectors/devops/gitLabGroups/projects/delete | 删除受监视的 GitHub 项目。 |
| Microsoft.Security/securityConnectors/devops/gitLabGroups/projects/read | 为给定的完全限定的组名称和项目名称返回受监视的 GitLab 项目资源。 |
| Microsoft.Security/securityConnectors/devops/gitLabGroups/projects/read | 获取由给定组直接拥有并加入连接器的 GitLab 项目的列表。 |
| Microsoft.Security/securityConnectors/devops/gitLabGroups/projects/write | 更新受监视的 GitLab 项目的详细信息。 |
| Microsoft.Security/securityConnectors/devops/operationResults/read | 获取 devops 长期运行操作结果。 |
| Microsoft.Security/securityContacts/read | 获取安全联系信息 |
| Microsoft.Security/securityContacts/write | 更新安全联系信息 |
| Microsoft.Security/securityContacts/delete | 删除安全联系信息 |
| Microsoft.Security/securitySolutions/read | 获取安全解决方案 |
| Microsoft.Security/securitySolutions/write | 创建新的或更新现有的安全解决方案 |
| Microsoft.Security/securitySolutions/delete | 删除安全解决方案 |
| Microsoft.Security/securitySolutionsReferenceData/read | 获取安全解决方案引用数据 |
| Microsoft.Security/securityStandards/read | 获取安全标准 |
| Microsoft.Security/securityStandards/write | 创建或更新安全标准 |
| Microsoft.Security/securityStandards/delete | 删除安全标准 |
| Microsoft.Security/securityStatuses/read | 获取 Azure 资源的安全运行状况 |
| Microsoft.Security/securityStatusesSummaries/read | 获取某一范围的安全状态摘要 |
| Microsoft.Security/sensitivitySettings/read | 获取租户级敏感度设置 |
| Microsoft.Security/sensitivitySettings/write | 更新租户级敏感度设置 |
| Microsoft.Security/serverVulnerabilityAssessments/read | 获取给定资源的服务器漏洞评估加入状态 |
| Microsoft.Security/serverVulnerabilityAssessments/write | 在资源上创建或更新服务器漏洞评估解决方案 |
| Microsoft.Security/serverVulnerabilityAssessments/delete | 从资源中删除服务器漏洞评估解决方案 |
| Microsoft.Security/serverVulnerabilityAssessmentsSettings/read | 获取给定订阅的服务器漏洞评估设置加入状态 |
| Microsoft.Security/serverVulnerabilityAssessmentsSettings/write | 创建或更新给定订阅的服务器漏洞评估设置 |
| Microsoft.Security/serverVulnerabilityAssessmentsSettings/delete | 移除给定订阅的服务器漏洞评估设置 |
| Microsoft.Security/settings/read | 获取范围的设置 |
| Microsoft.Security/settings/write | 更新范围的设置 |
| Microsoft.Security/sqlVulnerabilityAssessments/baselineRules/action | 将规则结果的列表添加到基线。 |
| Microsoft.Security/sqlVulnerabilityAssessments/baselineRules/read | 返回数据库的基线(已添加到基线的所有规则)或获取指定规则 ID 的规则基线结果。 |
| Microsoft.Security/sqlVulnerabilityAssessments/baselineRules/write | 更改规则基线结果。 |
| Microsoft.Security/sqlVulnerabilityAssessments/baselineRules/delete | 从基线中删除规则结果。 |
| Microsoft.Security/sqlVulnerabilityAssessments/scans/read | 返回漏洞评估扫描记录的列表,或获取指定扫描 ID 的扫描记录。 |
| Microsoft.Security/sqlVulnerabilityAssessments/scans/scanResults/read | 返回漏洞评估规则结果的列表,或获取指定规则 ID 的规则结果。 |
| Microsoft.Security/standardAssignments/read | 获取标准分配 |
| Microsoft.Security/standardAssignments/write | 创建或更新标准分配 |
| Microsoft.Security/standardAssignments/delete | 删除标准分配 |
| Microsoft.Security/standards/read | 获取安全标准 |
| Microsoft.Security/standards/write | 创建或更新安全标准 |
| Microsoft.Security/standards/delete | 删除安全标准 |
| Microsoft.Security/tasks/read | 获取所有可用的安全建议 |
| Microsoft.Security/webApplicationFirewalls/read | 获取 Web 应用程序防火墙 |
| Microsoft.Security/webApplicationFirewalls/write | 创建新的或更新现有的 Web 应用程序防火墙 |
| Microsoft.Security/webApplicationFirewalls/delete | 删除 Web 应用程序防火墙 |
| Microsoft.Security/workspaceSettings/read | 获取工作区设置 |
| Microsoft.Security/workspaceSettings/write | 更新工作区设置 |
| Microsoft.Security/workspaceSettings/delete | 删除工作区设置 |
| Microsoft.Security/workspaceSettings/connect/action | 更改工作区设置重新连接设置 |
Microsoft.SecurityGraph
Azure 服务:Microsoft Monitoring Insights
| 操作 | 说明 |
|---|---|
| Microsoft.SecurityGraph/diagnosticsettings/write | 写入诊断设置 |
| Microsoft.SecurityGraph/diagnosticsettings/read | 读取诊断设置 |
| Microsoft.SecurityGraph/diagnosticsettings/delete | 删除诊断设置 |
| Microsoft.SecurityGraph/diagnosticsettingscategories/read | 读取诊断设置类别 |
Microsoft.SecurityInsights
Azure 服务:Microsoft Sentinel
| 操作 | 说明 |
|---|---|
| Microsoft.SecurityInsights/register/action | 将订阅注册到 Azure Sentinel |
| Microsoft.SecurityInsights/unregister/action | 从 Azure Sentinel 取消注册订阅 |
| Microsoft.SecurityInsights/dataConnectorsCheckRequirements/action | 检查用户授权和许可证 |
| Microsoft.SecurityInsights/contentTranslators/action | 检查翻译内容 |
| Microsoft.SecurityInsights/Aggregations/read | 获取聚合信息 |
| Microsoft.SecurityInsights/alertRules/read | 获取警报规则 |
| Microsoft.SecurityInsights/alertRules/write | 更新警报规则 |
| Microsoft.SecurityInsights/alertRules/delete | 删除警报规则 |
| Microsoft.SecurityInsights/alertRules/triggerRuleRun/action | 触发按需规则运行执行 |
| Microsoft.SecurityInsights/alertRules/actions/read | 获取警报规则的响应操作 |
| Microsoft.SecurityInsights/alertRules/actions/write | 更新警报规则的响应操作 |
| Microsoft.SecurityInsights/alertRules/actions/delete | 删除警报规则的响应操作 |
| Microsoft.SecurityInsights/automationRules/read | 获取自动化规则 |
| Microsoft.SecurityInsights/automationRules/write | 更新自动化规则 |
| Microsoft.SecurityInsights/automationRules/delete | 删除自动化规则 |
| Microsoft.SecurityInsights/BillingStatistics/read | 读取 BillingStatistics |
| Microsoft.SecurityInsights/Bookmarks/read | 获取书签 |
| Microsoft.SecurityInsights/Bookmarks/write | 更新书签 |
| Microsoft.SecurityInsights/Bookmarks/delete | 删除书签 |
| Microsoft.SecurityInsights/Bookmarks/expand/action | 按特定的扩展获取实体的相关实体 |
| Microsoft.SecurityInsights/bookmarks/relations/read | 获取书签关系 |
| Microsoft.SecurityInsights/bookmarks/relations/write | 更新书签关系 |
| Microsoft.SecurityInsights/bookmarks/relations/delete | 删除书签关系 |
| Microsoft.SecurityInsights/businessApplicationAgents/read | 获取商业应用程序代理 |
| Microsoft.SecurityInsights/businessApplicationAgents/write | 创建或更新商业应用程序代理 |
| Microsoft.SecurityInsights/businessApplicationAgents/delete | 删除商业应用程序代理 |
| Microsoft.SecurityInsights/businessApplicationAgents/systems/read | 获取商业应用程序代理的系统 |
| Microsoft.SecurityInsights/businessApplicationAgents/systems/write | 创建或更新商业应用程序代理的系统 |
| Microsoft.SecurityInsights/businessApplicationAgents/systems/delete | 删除商业应用程序代理的系统 |
| Microsoft.SecurityInsights/businessApplicationAgents/systems/listActions/action | 列出系统的操作 |
| Microsoft.SecurityInsights/businessApplicationAgents/systems/reportActionStatus/action | 报告操作的状态 |
| Microsoft.SecurityInsights/businessApplicationAgents/systems/undoAction/action | 撤消操作 |
| Microsoft.SecurityInsights/cases/read | 获取案例 |
| Microsoft.SecurityInsights/cases/write | 更新案例 |
| Microsoft.SecurityInsights/cases/delete | 删除案例 |
| Microsoft.SecurityInsights/cases/comments/read | 获取案例注释 |
| Microsoft.SecurityInsights/cases/comments/write | 创建案例注释 |
| Microsoft.SecurityInsights/cases/investigations/read | 获取案例调查 |
| Microsoft.SecurityInsights/cases/investigations/write | 更新案例的元数据 |
| Microsoft.SecurityInsights/ConfidentialWatchlists/read | 获取机密监视列表 |
| Microsoft.SecurityInsights/ConfidentialWatchlists/write | 创建机密监视列表 |
| Microsoft.SecurityInsights/ConfidentialWatchlists/delete | 删除机密监视列表 |
| Microsoft.SecurityInsights/ContentPackages/read | 读取可用的内容包。 |
| Microsoft.SecurityInsights/ContentPackages/write | 安装或卸载内容包。 |
| Microsoft.SecurityInsights/ContentTemplates/read | 读取已安装的内容模板。 |
| Microsoft.SecurityInsights/ContentTemplates/delete | 删除已安装的内容模板。 |
| Microsoft.SecurityInsights/dataConnectors/read | 获取数据连接器 |
| Microsoft.SecurityInsights/dataConnectors/write | 更新数据连接器 |
| Microsoft.SecurityInsights/dataConnectors/delete | 删除数据连接器 |
| Microsoft.SecurityInsights/enrichment/domain/whois/read | 获取域的 whois 扩充 |
| Microsoft.SecurityInsights/enrichment/ip/geodata/read | 获取 IP 的 geodata 扩充 |
| Microsoft.SecurityInsights/entities/read | 获取 Sentinel 实体关系图 |
| Microsoft.SecurityInsights/entities/gettimeline/action | 获取特定范围的实体时间线 |
| Microsoft.SecurityInsights/entities/getInsights/action | 获取特定范围的实体见解 |
| Microsoft.SecurityInsights/entities/runPlaybook/action | 在实体上运行剧本 |
| Microsoft.SecurityInsights/entities/relations/read | 获取实体与相关资源之间的关系 |
| Microsoft.SecurityInsights/entities/relations/write | 更新实体与相关资源之间的关系 |
| Microsoft.SecurityInsights/entities/relations/delete | 删除实体与相关资源之间的关系 |
| Microsoft.SecurityInsights/entityQueries/read | 获取实体的调查扩展 |
| Microsoft.SecurityInsights/ExportConnections/read | 读取 ExportConnections |
| Microsoft.SecurityInsights/ExportConnections/write | 写入 ExportConnections |
| Microsoft.SecurityInsights/ExportConnections/delete | 删除 ExportConnections |
| Microsoft.SecurityInsights/ExportConnections/ExportJobs/read | 读取 ExportJobs |
| Microsoft.SecurityInsights/ExportConnections/ExportJobs/write | 写入 ExportJobs |
| Microsoft.SecurityInsights/ExportConnections/ExportJobs/delete | 删除 ExportJobs |
| Microsoft.SecurityInsights/fileimports/read | 读取文件导入对象 |
| Microsoft.SecurityInsights/fileimports/write | 创建或更新文件导入 |
| Microsoft.SecurityInsights/fileimports/delete | 删除文件导入 |
| Microsoft.SecurityInsights/hunts/read | 获取搜寻 |
| Microsoft.SecurityInsights/hunts/write | 创建搜寻 |
| Microsoft.SecurityInsights/hunts/delete | 删除搜寻 |
| Microsoft.SecurityInsights/hunts/comments/read | 获取搜寻注释 |
| Microsoft.SecurityInsights/hunts/comments/write | 创建搜寻注释 |
| Microsoft.SecurityInsights/hunts/comments/delete | 删除搜寻注释 |
| Microsoft.SecurityInsights/hunts/relations/read | 获取搜寻关系 |
| Microsoft.SecurityInsights/hunts/relations/write | 创建搜寻关系 |
| Microsoft.SecurityInsights/hunts/relations/delete | 删除搜寻关系 |
| Microsoft.SecurityInsights/incidents/read | 获取事件 |
| Microsoft.SecurityInsights/incidents/write | 更新事件 |
| Microsoft.SecurityInsights/incidents/delete | 删除事件 |
| Microsoft.SecurityInsights/incidents/createTeam/action | 创建一个 Microsoft 团队,通过在参与者之间共享信息和见解来调查事件 |
| Microsoft.SecurityInsights/incidents/runPlaybook/action | 运行事件 playbook |
| Microsoft.SecurityInsights/incidents/comments/read | 获取事件注释 |
| Microsoft.SecurityInsights/incidents/comments/write | 创建有关事件的注释 |
| Microsoft.SecurityInsights/incidents/comments/delete | 删除有关事件的注释 |
| Microsoft.SecurityInsights/incidents/relations/read | 获取事件与相关资源之间的关系 |
| Microsoft.SecurityInsights/incidents/relations/write | 更新事件与相关资源之间的关系 |
| Microsoft.SecurityInsights/incidents/relations/delete | 删除事件与相关资源之间的关系 |
| Microsoft.SecurityInsights/incidents/tasks/read | 获取事件的任务 |
| Microsoft.SecurityInsights/incidents/tasks/write | 更新事件的任务 |
| Microsoft.SecurityInsights/incidents/tasks/delete | 删除事件的任务 |
| Microsoft.SecurityInsights/Metadata/read | 读取 Sentinel 内容的元数据。 |
| Microsoft.SecurityInsights/Metadata/write | 写入 Sentinel 内容的元数据。 |
| Microsoft.SecurityInsights/Metadata/delete | 删除 Sentinel 内容的元数据。 |
| Microsoft.SecurityInsights/officeConsents/read | 获取 Microsoft Office 的同意 |
| Microsoft.SecurityInsights/officeConsents/delete | 删除 Microsoft Office 的同意 |
| Microsoft.SecurityInsights/onboardingStates/read | 获取加入状态 |
| Microsoft.SecurityInsights/onboardingStates/write | 更新加入状态 |
| Microsoft.SecurityInsights/onboardingStates/delete | 删除加入状态 |
| Microsoft.SecurityInsights/operations/read | Get 操作 |
| Microsoft.SecurityInsights/securityMLAnalyticsSettings/read | 获取分析设置 |
| Microsoft.SecurityInsights/securityMLAnalyticsSettings/write | 更新分析设置 |
| Microsoft.SecurityInsights/securityMLAnalyticsSettings/delete | 删除分析设置 |
| Microsoft.SecurityInsights/settings/read | 获取设置 |
| Microsoft.SecurityInsights/settings/write | 更新设置 |
| Microsoft.SecurityInsights/settings/delete | 删除设置 |
| Microsoft.SecurityInsights/SourceControls/read | 读取 SourceControls |
| Microsoft.SecurityInsights/SourceControls/write | 写入 SourceControls |
| Microsoft.SecurityInsights/SourceControls/delete | 删除 SourceControls |
| Microsoft.SecurityInsights/threatintelligence/read | 获取威胁情报 |
| Microsoft.SecurityInsights/threatintelligence/write | 更新威胁情报 |
| Microsoft.SecurityInsights/threatintelligence/delete | 删除威胁情报 |
| Microsoft.SecurityInsights/threatintelligence/query/action | 查询威胁情报 |
| Microsoft.SecurityInsights/threatintelligence/metrics/action | 收集威胁情报指标 |
| Microsoft.SecurityInsights/threatintelligence/bulkDelete/action | 批量删除威胁情报 |
| Microsoft.SecurityInsights/threatintelligence/bulkTag/action | 批量标记威胁情报 |
| Microsoft.SecurityInsights/threatintelligence/createIndicator/action | 创建威胁情报指示器 |
| Microsoft.SecurityInsights/threatintelligence/queryIndicators/action | 查询威胁情报指示器 |
| Microsoft.SecurityInsights/threatintelligence/bulkactions/read | 读取 TI 批量操作对象 |
| Microsoft.SecurityInsights/threatintelligence/bulkactions/write | 创建或更新 TI 批量操作 |
| Microsoft.SecurityInsights/threatintelligence/bulkactions/delete | 删除 TI 批量操作 |
| Microsoft.SecurityInsights/threatintelligence/bulkactions/query/action | 查询威胁情报 STIX 对象 |
| Microsoft.SecurityInsights/threatintelligence/bulkactions/count/action | 查询威胁情报 STIX 对象计数 |
| Microsoft.SecurityInsights/threatintelligence/indicators/write | 更新威胁情报指示器 |
| Microsoft.SecurityInsights/threatintelligence/indicators/delete | 删除威胁情报指示器 |
| Microsoft.SecurityInsights/threatintelligence/indicators/query/action | 查询威胁情报指示器 |
| Microsoft.SecurityInsights/threatintelligence/indicators/metrics/action | 获取威胁情报指示器指标 |
| Microsoft.SecurityInsights/threatintelligence/indicators/bulkDelete/action | 批量删除威胁情报指示器 |
| Microsoft.SecurityInsights/threatintelligence/indicators/bulkTag/action | 批量标记威胁情报指示器 |
| Microsoft.SecurityInsights/threatintelligence/indicators/read | 获取威胁情报指示器 |
| Microsoft.SecurityInsights/threatintelligence/indicators/appendTags/action | 将标记追加到威胁情报指示器 |
| Microsoft.SecurityInsights/threatintelligence/indicators/replaceTags/action | 替换威胁情报指示器的标记 |
| Microsoft.SecurityInsights/threatintelligence/ingestionrulelist/read | 读取 TI 引入规则对象集 |
| Microsoft.SecurityInsights/threatintelligence/ingestionrulelist/write | 创建或更新 TI 引入规则集 |
| Microsoft.SecurityInsights/threatintelligence/metrics/read | 收集威胁情报指标 |
| Microsoft.SecurityInsights/threatintelligence/threatactors/read | 读取 TI 威胁行动者对象 |
| Microsoft.SecurityInsights/threatintelligence/threatactors/write | 创建或更新 TI 威胁行动者 |
| Microsoft.SecurityInsights/threatintelligence/threatactors/delete | 删除 TI 威胁行动者 |
| Microsoft.SecurityInsights/triggeredAnalyticsRuleRuns/read | 获取触发的分析规则运行 |
| Microsoft.SecurityInsights/Watchlists/read | 获取播放列表 |
| Microsoft.SecurityInsights/Watchlists/write | 创建播放列表 |
| Microsoft.SecurityInsights/Watchlists/delete | 删除播放列表 |
| Microsoft.SecurityInsights/WorkspaceManagerAssignments/read | 获取 WorkspaceManager 分配 |
| Microsoft.SecurityInsights/WorkspaceManagerAssignments/write | 创建 WorkspaceManager 分配 |
| Microsoft.SecurityInsights/WorkspaceManagerAssignments/delete | 删除 WorkspaceManager 分配 |
| Microsoft.SecurityInsights/workspaceManagerAssignments/jobs/read | 获取 WorkspaceManagerAssignments 作业 |
| Microsoft.SecurityInsights/workspaceManagerAssignments/jobs/write | 创建 WorkspaceManagerAssignments 作业 |
| Microsoft.SecurityInsights/workspaceManagerAssignments/jobs/delete | 删除 WorkspaceManagerAssignments 作业 |
| Microsoft.SecurityInsights/WorkspaceManagerConfigurations/read | 获取 WorkspaceManager 配置 |
| Microsoft.SecurityInsights/WorkspaceManagerConfigurations/write | 创建 WorkspaceManager 配置 |
| Microsoft.SecurityInsights/WorkspaceManagerConfigurations/delete | 删除 WorkspaceManager 配置 |
| Microsoft.SecurityInsights/WorkspaceManagerGroups/read | 获取 WorkspaceManager 组 |
| Microsoft.SecurityInsights/WorkspaceManagerGroups/write | 创建 WorkspaceManager 组 |
| Microsoft.SecurityInsights/WorkspaceManagerGroups/delete | 删除 WorkspaceManager 组 |
| Microsoft.SecurityInsights/WorkspaceManagerMembers/read | 获取 WorkspaceManager 成员 |
| Microsoft.SecurityInsights/WorkspaceManagerMembers/write | 创建 WorkspaceManager 成员 |
| Microsoft.SecurityInsights/WorkspaceManagerMembers/delete | 删除 WorkspaceManager 成员 |