zoukankan      html  css  js  c++  java
  • Azure ARM (23) 自定义Role

      《Windows Azure Platform 系列文章目录

      有关Azure Custom Role的入门材料,可以参考:Azure ARM (17) 基于角色的访问控制 (Role Based Access Control, RBAC) - 自定义Role

      

      自定义Azure Custome Role,可以创意任何资源,但是不能创建公网IP地址,不能创建网络资源,不能授权认证:

    {
        "id": "/subscriptions/d66e394d-79c1-4174-8cbf-cae4468ffdb2/providers/Microsoft.Authorization/roleDefinitions/4b325faf-f4cf-42b7-9b38-1c960b4b48f1",
        "properties": {
            "roleName": "Custom Contributor",
            "description": "Can create everything but Public IP addresses, Networking objects, and Authorizations",
            "assignableScopes": [
                "/subscriptions/d66e394d-79c1-4174-8cbf-cae4468ffdb2"
            ],
            "permissions": [
                {
                    "actions": [
                        "*"
                    ],
                    "notActions": [
                        "Microsoft.Authorization/classicAdministrators/delete",
                        "Microsoft.Authorization/classicAdministrators/write",
                        "Microsoft.Authorization/elevateAccess/*",
                        "Microsoft.Authorization/permissions/*",
                        "Microsoft.Authorization/policyAssignments/delete",
                        "Microsoft.Authorization/policyAssignments/write",
                        "Microsoft.Authorization/policyDefinitions/delete",
                        "Microsoft.Authorization/policyDefinitions/write",
                        "Microsoft.Authorization/policySetDefinitions/delete",
                        "Microsoft.Authorization/policySetDefinitions/write",
                        "Microsoft.Authorization/providerOperations/*",
                        "Microsoft.Authorization/roleAssignments/delete",
                        "Microsoft.Authorization/roleAssignments/write",
                        "Microsoft.Authorization/roleDefinitions/delete",
                        "Microsoft.Authorization/roleDefinitions/write",
                        "Microsoft.Network/dnszones/*",
                        "Microsoft.Network/expressRouteCircuits/*",
                        "Microsoft.Network/networksecuritygroups/delete",
                        "Microsoft.Network/networksecuritygroups/join/action",
                        "Microsoft.Network/publicIPAddresses/delete",
                        "Microsoft.Network/publicIPAddresses/join/action",
                        "Microsoft.Network/publicIPAddresses/write",
                        "Microsoft.Network/register/*",
                        "Microsoft.Network/Routefilters/*",
                        "Microsoft.Network/routetables/delete",
                        "Microsoft.Network/routetables/join/*",
                        "Microsoft.Network/routetables/routes/*",
                        "Microsoft.Network/routetables/write",
                        "Microsoft.Network/virtualnetworks/delete",
                        "Microsoft.Network/virtualnetworks/peer/*",
                        "Microsoft.Network/virtualnetworks/subnets/delete",
                        "Microsoft.Network/virtualnetworks/subnets/write",
                        "Microsoft.Network/virtualnetworks/virtualNetworkPeerings/delete",
                        "Microsoft.Network/virtualnetworks/virtualNetworkPeerings/write",
                        "Microsoft.Network/virtualnetworks/write"
                    ],
                    "dataActions": [],
                    "notDataActions": []
                }
            ]
        }
    }

      

  • 相关阅读:
    Data Mining | 二分类模型评估-ROC/AUC/K-S/GINI
    Data Mining | 二分类模型评估-混淆矩阵
    Data Mining | 数据挖掘技术基础与进阶
    Data Mining | 数据挖掘概要和方法论
    python | 模块与第三方库的安装
    SAS | 数据EDA及代码
    SAS | 数据读入思路及代码
    python | 自定义函数
    SAS | 使用SAS数据
    SAS | 逻辑库和SAS数据集
  • 原文地址:https://www.cnblogs.com/threestone/p/14926824.html
Copyright © 2011-2022 走看看