《Windows Azure Platform 系列文章目录》
有关Azure Custom Role的入门材料,可以参考:Azure ARM (17) 基于角色的访问控制 (Role Based Access Control, RBAC) - 自定义Role
自定义Azure Custome Role,可以创意任何资源,但是不能创建公网IP地址,不能创建网络资源,不能授权认证:
{
"id": "/subscriptions/d66e394d-79c1-4174-8cbf-cae4468ffdb2/providers/Microsoft.Authorization/roleDefinitions/4b325faf-f4cf-42b7-9b38-1c960b4b48f1",
"properties": {
"roleName": "Custom Contributor",
"description": "Can create everything but Public IP addresses, Networking objects, and Authorizations",
"assignableScopes": [
"/subscriptions/d66e394d-79c1-4174-8cbf-cae4468ffdb2"
],
"permissions": [
{
"actions": [
"*"
],
"notActions": [
"Microsoft.Authorization/classicAdministrators/delete",
"Microsoft.Authorization/classicAdministrators/write",
"Microsoft.Authorization/elevateAccess/*",
"Microsoft.Authorization/permissions/*",
"Microsoft.Authorization/policyAssignments/delete",
"Microsoft.Authorization/policyAssignments/write",
"Microsoft.Authorization/policyDefinitions/delete",
"Microsoft.Authorization/policyDefinitions/write",
"Microsoft.Authorization/policySetDefinitions/delete",
"Microsoft.Authorization/policySetDefinitions/write",
"Microsoft.Authorization/providerOperations/*",
"Microsoft.Authorization/roleAssignments/delete",
"Microsoft.Authorization/roleAssignments/write",
"Microsoft.Authorization/roleDefinitions/delete",
"Microsoft.Authorization/roleDefinitions/write",
"Microsoft.Network/dnszones/*",
"Microsoft.Network/expressRouteCircuits/*",
"Microsoft.Network/networksecuritygroups/delete",
"Microsoft.Network/networksecuritygroups/join/action",
"Microsoft.Network/publicIPAddresses/delete",
"Microsoft.Network/publicIPAddresses/join/action",
"Microsoft.Network/publicIPAddresses/write",
"Microsoft.Network/register/*",
"Microsoft.Network/Routefilters/*",
"Microsoft.Network/routetables/delete",
"Microsoft.Network/routetables/join/*",
"Microsoft.Network/routetables/routes/*",
"Microsoft.Network/routetables/write",
"Microsoft.Network/virtualnetworks/delete",
"Microsoft.Network/virtualnetworks/peer/*",
"Microsoft.Network/virtualnetworks/subnets/delete",
"Microsoft.Network/virtualnetworks/subnets/write",
"Microsoft.Network/virtualnetworks/virtualNetworkPeerings/delete",
"Microsoft.Network/virtualnetworks/virtualNetworkPeerings/write",
"Microsoft.Network/virtualnetworks/write"
],
"dataActions": [],
"notDataActions": []
}
]
}
}
分类:
Azure ARM
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· .NET Core 中如何实现缓存的预热?
· 从 HTTP 原因短语缺失研究 HTTP/2 和 HTTP/3 的设计差异
· AI与.NET技术实操系列:向量存储与相似性搜索在 .NET 中的实现
· 基于Microsoft.Extensions.AI核心库实现RAG应用
· Linux系列:如何用heaptrack跟踪.NET程序的非托管内存泄露
· TypeScript + Deepseek 打造卜卦网站:技术与玄学的结合
· 阿里巴巴 QwQ-32B真的超越了 DeepSeek R-1吗?
· 【译】Visual Studio 中新的强大生产力特性
· 10年+ .NET Coder 心语 ── 封装的思维:从隐藏、稳定开始理解其本质意义
· 【设计模式】告别冗长if-else语句:使用策略模式优化代码结构
2013-06-24 [New Portal]Windows Azure Virtual Machine (10) 自定义Windows Azure Virtual Machine模板
2012-06-24 Windows Azure Cloud Service (27) 在Windows Azure发送邮件(上)