Azure 所需和授予的權限 | Trend Micro Service Central

web

您已離線。這是該頁面的唯讀版本。

檢視次數:

檢查部署資源所需的必要的權限以及在 terraform 過程中授予的權限。

以下權限是成功部署Trend Vision One雲端安全資源到您的訂閱所需的。

對於 Microsoft Entra ID 使用者，您的登入必須具有以下角色：
- 應用程式管理員
- 特權角色管理員
對於 Microsoft Azure 使用者，您登入的帳戶在您所連接的訂閱中必須具有以下或更高的角色：
- 使用者存取管理員
若要啟用 Microsoft Defender 端點收集或 Azure 活動記錄，您的 Microsoft Azure 登入必須具有以下角色：
- 密碼保險箱機密管理員

terraform 過程為自己分配某些權限，以建立與雲端帳戶和 Trend Vision One 雲端安全服務的連接。這些權限包括啟用雲端帳戶應用程式和安全服務，以獲取臨時憑證並在您的 Azure 雲端環境中完成任務。

Azure 所需權限

功能	服務	所需權限
核心功能	Azure	Microsoft.ContainerService/managedClusters/listClusterUserCredential/action Microsoft.ContainerService/managedClusters/read Microsoft.Resources/subscriptions/resourceGroups/read Microsoft.Authorization/roleAssignments/read Microsoft.Authorization/roleDefinitions/read */read
無代理弱點與安全威脅偵測	Azure	Subscription-level permissions Microsoft.ContainerRegistry/registries/generateCredentials/action Microsoft.ContainerRegistry/registries/read Microsoft.ContainerRegistry/registries/pull/read Microsoft.ContainerRegistry/registries/tokens/write Microsoft.ContainerRegistry/registries/tokens/operationStatuses/read Microsoft.ContainerRegistry/registries/scopeMaps/read Microsoft.ContainerRegistry/registries/tokens/read Microsoft.Compute/disks/read Microsoft.Compute/virtualMachines//read Microsoft.HybridCompute/machines//read Microsoft.Authorization/roleAssignments/write Microsoft.Authorization/roleAssignments/delete Microsoft.Authorization/roleAssignments/read Microsoft.Compute/locations/usages/read Microsoft.Quota/quotas/read
		Trend Micro resource group-level permissions Azure 定義角色：貢獻者允許動作：* Microsoft.Authorization//Delete Microsoft.Authorization//Write Microsoft.Authorization/elevateAccess/Action Microsoft.Blueprint/blueprintAssignments/write Microsoft.Blueprint/blueprintAssignments/delete Microsoft.Compute/galleries/share/action Microsoft.Purview/consents/write Microsoft.Purview/consents/delete Microsoft.Resources/deploymentStacks/manageDenySetting/action Microsoft.訂閱/cancel/action Microsoft.Subscription/enable/action Azure 定義角色：AcrPull Microsoft.ContainerRegistry/registries/pull/read Azure 定義角色：儲存 Blob 資料防護擁有者 Microsoft.Storage/storageAccounts/blobServices/containers/* Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action Microsoft.Storage/storageAccounts/blobServices/containers/blobs/*
		Trend Micro Storage ID-level permissions Azure 定義角色：儲存 Blob 資料防護讀取者 Microsoft.Storage/storageAccounts/blobServices/containers/read Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read

Table of Contents

The page you're looking for can't be found or is under maintenance

Try again later or go back to the previous page