zoukankan html css js c++ java

Azure ARM (23) 自定义Role

　　有关Azure Custom Role的入门材料，可以参考：Azure ARM (17) 基于角色的访问控制 (Role Based Access Control, RBAC) - 自定义Role

　　自定义Azure Custome Role，可以创意任何资源，但是不能创建公网IP地址，不能创建网络资源，不能授权认证：

{
    "id": "/subscriptions/d66e394d-79c1-4174-8cbf-cae4468ffdb2/providers/Microsoft.Authorization/roleDefinitions/4b325faf-f4cf-42b7-9b38-1c960b4b48f1",
    "properties": {
        "roleName": "Custom Contributor",
        "description": "Can create everything but Public IP addresses, Networking objects, and Authorizations",
        "assignableScopes": [
            "/subscriptions/d66e394d-79c1-4174-8cbf-cae4468ffdb2"
        ],
        "permissions": [
            {
                "actions": [
                    "*"
                ],
                "notActions": [
                    "Microsoft.Authorization/classicAdministrators/delete",
                    "Microsoft.Authorization/classicAdministrators/write",
                    "Microsoft.Authorization/elevateAccess/*",
                    "Microsoft.Authorization/permissions/*",
                    "Microsoft.Authorization/policyAssignments/delete",
                    "Microsoft.Authorization/policyAssignments/write",
                    "Microsoft.Authorization/policyDefinitions/delete",
                    "Microsoft.Authorization/policyDefinitions/write",
                    "Microsoft.Authorization/policySetDefinitions/delete",
                    "Microsoft.Authorization/policySetDefinitions/write",
                    "Microsoft.Authorization/providerOperations/*",
                    "Microsoft.Authorization/roleAssignments/delete",
                    "Microsoft.Authorization/roleAssignments/write",
                    "Microsoft.Authorization/roleDefinitions/delete",
                    "Microsoft.Authorization/roleDefinitions/write",
                    "Microsoft.Network/dnszones/*",
                    "Microsoft.Network/expressRouteCircuits/*",
                    "Microsoft.Network/networksecuritygroups/delete",
                    "Microsoft.Network/networksecuritygroups/join/action",
                    "Microsoft.Network/publicIPAddresses/delete",
                    "Microsoft.Network/publicIPAddresses/join/action",
                    "Microsoft.Network/publicIPAddresses/write",
                    "Microsoft.Network/register/*",
                    "Microsoft.Network/Routefilters/*",
                    "Microsoft.Network/routetables/delete",
                    "Microsoft.Network/routetables/join/*",
                    "Microsoft.Network/routetables/routes/*",
                    "Microsoft.Network/routetables/write",
                    "Microsoft.Network/virtualnetworks/delete",
                    "Microsoft.Network/virtualnetworks/peer/*",
                    "Microsoft.Network/virtualnetworks/subnets/delete",
                    "Microsoft.Network/virtualnetworks/subnets/write",
                    "Microsoft.Network/virtualnetworks/virtualNetworkPeerings/delete",
                    "Microsoft.Network/virtualnetworks/virtualNetworkPeerings/write",
                    "Microsoft.Network/virtualnetworks/write"
                ],
                "dataActions": [],
                "notDataActions": []
            }
        ]
    }
}

查看全文

相关阅读:
先装Net Framework 后装 IIS的处理办法
 post请求和get请求的区别
 再说重写IHttpHandler,实现前后端分离
 自定义VS的ItemTemplates 实现任意文件结构
 自动生成 Lambda查询和排序，从些查询列表so easy
sql表分区
 关于Window Server2008 服务器上无法播放音频文件的解决方案
 Visifire Chart相关属性详解
 SQL Server数据库定时自动备份
 在SQL中给字符串补0方法

原文地址：https://www.cnblogs.com/threestone/p/14926824.html