-# ms.devlang: cpp, csharp, golang, java, javascript, objective-c, python

-> * Download the sample

-[Smart Room Lite](https://aka.ms/speech/cc-quickstart) json file.

-> The Speech SDK for Java, JavaScript, Objective-C, and Swift support Multi-device Conversation, but we haven't yet included a guide here.

-# ms.devlang: csharp, golang, java

-description: Learn how to edit text to speech avatar gestures with SSML

-keywords: text to speech avatar batch synthesis

-## Supported pre-built avatar characters, styles and gestures

-| Characters | Styles¹ | Gestures² |

-| Lisa| casual-sitting | numeric1-left-1<br>numeric2-left-1<br>numeric3-left-1<br>thumbsup-left-1<br>show-front-1<br>show-front-2<br>show-front-3<br>show-front-4<br>show-front-5<br>think-twice-1<br>show-front-6<br>show-front-7<br>show-front-8<br>show-front-9 |

-¹ Only `casual-sitting` style is supported on real-time API.

-² Gestures are only supported on batch API and not supported on real-time API.

-keywords: text to speech avatar batch synthesis

-description: Learn how to create text to speech avatar batch synthesis

-keywords: text to speech avatar batch synthesis

-description: Learn how to create a custom text to speech avatar

-keywords: custom text to speech avatar

-keywords: text to speech avatar

-keywords: custom text to speech avatar

-keywords: text to speech avatar

-2. In your Azure resource for one of the applicable features listed, select **Commitment tier pricing**.

-3. Select **Change** to view the available commitments for hosted API and container usage. Choose a commitment plan for one or more of the following offerings:

-4. In the window that appears, select both a **Tier** and **Auto-renewal** option.

-Commitment plans for disconnected containers have a calendar year commitment period. These are different plans than web and connected container commitment plans. When you purchase a commitment plan, you're charged the full price immediately. During the commitment period, you can't change your commitment plan, however you can purchase more units at a pro-rated price for the remaining days in the year. You have until midnight (UTC) on the last day of your commitment, to end a commitment plan.

-In some scenarios, you'll modify your flow to improve its performance. You can submit multiple batch runs to compare the performance of your flow with different versions. You can also compare the metrics calculated by different evaluation methods to see which one is more suitable for your flow.

-In prompt flow, we provide multiple built-in evaluation methods to help you measure the performance of your flow output. Each evaluation method calculates different metrics. Now we provide nine built-in evaluation methods available, you can check the following table for a quick reference:

-In this step, you can view all flow outputs, and specify which outputs will be included in the response of the endpoint you deploy. By default all flow outputs are selected.

-In Prompt flow, you can customize or create your own evaluation flow tailored to your tasks and objectives, and then use it to evaluate other flows. This document you'll learn:

- - Inputs

- - Outputs and Metrics Logging

-1. They usually run after the run to be tested, and receive outputs from that run.

-2. Apart from the outputs from the run to be tested, they can receive an optional additional dataset which might contain corresponding ground truths.

-3. They might have an aggregation node that calculates the overall performance of the flow being tested based on the individual scores.

-4. They can log metrics using log_metric() function.

-We'll introduce how the inputs and outputs should be defined in developing evaluation methods.

-Other inputs might also be required, such as ground truth, which might come from a dataset. By default, evaluation will use the same dataset as the test dataset provided to the tested run. However, if the corresponding labels or target ground truth values are in a different dataset, you can easily switch to that one.

-Therefore, to run an evaluation, you need to indicate the sources of these required inputs. To do so, when submitting an evaluation, you'll see an **"input mapping"** section.

-#### Instance-level scores ΓÇö outputs

-In Prompt flow, the flow processes each sample dataset one at a time and generates an output record. Similarly, in most evaluation cases, there will be a metric for each output, allowing you to check how the flow performs on each individual data.

-When this evaluation method is used to evaluate another flow, the instance-level score can be viewed in the **Overview ->Output** tab.

-We calculate this score in `aggregate` node, which you can create and edit from scratch when creating by type. You can also replace this python node with an LLM node to use LLM to calculate the score. See the following example for using the log_metric API in an evaluation flow:

-1. From the collapsible left menu, select **Flows**.

-1. In the **Standard flows** tile, select **Create**.

-Crafting a good prompt is a challenging task that requires a lot of creativity, clarity, and relevance. A good prompt can elicit the desired output from a pretrained language model, while a bad prompt can lead to inaccurate, irrelevant, or nonsensical outputs. Therefore, it's necessary to tune prompts to optimize their performance and robustness for different tasks and domains.

-Variants can help you test the modelΓÇÖs behavior under different conditions, such as different wording, formatting, context, temperature, or top-k, compare and find the best prompt and configuration that maximizes the modelΓÇÖs accuracy, diversity, or coherence.

-In this article, we'll use **Web Classification** sample flow as example.

-1. Select an LLM node with variants. The other LLM nodes will use the default variant.

-When you run the variants with a few single pieces of data and check the results with the naked eye, it cannot reflect the complexity and diversity of real-world data, meanwhile the output isn't measurable, so it's hard to compare the effectiveness of different variants, then choose the best.

-1. First you need to prepare a dataset, which is representative enough of the real-world problem you want to solve with Prompt flow. In this example, it's a list of URLs and their classification ground truth. We'll use accuracy to evaluate the performance of variants.

- To test how well different variants work for each node in a flow, you need to run a batch run for each node with variants one by one. This helps you avoid the influence of other nodes' variants and focus on the results of this node's variants. This follows the rule of the controlled experiment, which means that you only change one thing at a time and keep everything else the same.

- For example, you can select **classify_with_llm** node to run all variants, the **summarize_text_content** node will use it default variant for this batch run.

-1. Open your AI Studio project.

-1. In **Flows**, create a new flow or open an existing flow.

-Kubernetes employs a virtual networking layer to manage access within and between your applications or their components. This involves the following key aspects:

-To simplify the network configuration for application workloads, Kubernetes uses *Services* to logically group a set of pods together and provide network connectivity. You can specify a Kubernetes *ServiceType* to specify what kind of Service you want, for example if you want to expose a Service onto an external IP address that's outside of your cluster. For more information, see the Kubernetes documentation for [Publishing Services (ServiceTypes)][service-types].

- ClusterIP creates an internal IP address for use within the AKS cluster. This Service is good for *internal-only applications* that support other workloads within the cluster. This is the default that's used if you don't explicitly specify a type for a Service.

-With Azure CNI, every pod gets an IP address from the subnet and can be accessed directly. These IP addresses must be planned in advance and unique across your network space. Each node has a configuration parameter for the maximum number of pods it supports. The equivalent number of IP addresses per node are then reserved up front. This approach can lead to IP address exhaustion or the need to rebuild clusters in a larger subnet as your application demands grow, so it's important to plan properly. To avoid these planning challenges, it is possible to enable the feature [Azure CNI networking for dynamic allocation of IPs and enhanced subnet support][configure-azure-cni-dynamic-ip-allocation].

-Unlike kubenet, traffic to endpoints in the same virtual network isn't NAT'd to the node's primary IP. The source address for traffic inside the virtual network is the pod IP. Traffic that's external to the virtual network still NATs to the node's primary IP.

-[Azure CNI Overlay][azure-cni-overlay] represents an evolution of Azure CNI, addressing scalability and planning challenges arising from the assignment of VNet IPs to pods. It achieves this by assigning private CIDR IPs to pods, which are separate from the VNet and can be reused across multiple clusters. Additionally, Azure CNI Overlay can scale beyond the 400 node limit enforced in Kubenet clusters. Azure CNI Overlay is the recommended option for most clusters.

-[Azure CNI Powered by Cilium][azure-cni-powered-by-cilium] uses [Cilium](https://cilium.io) to provide high-performance networking, observability, and network policy enforcement. It integrates natively with [Azure CNI Overlay][azure-cni-overlay] for scalable IP address management (IPAM)

-Additionally, Cilium enforces network policies by default, without requiring a separate network policy engine. Using eBPF programs and a more efficient API object structure, Azure CNI Powered by Cilium can scale beyond [Azure Network Policy Manager's limits of 250 nodes / 20K pod][use-network-policies].

-It is possible to install in AKS a third party CNI using the [Bring your own CNI][use-byo-cni] feature.

-| Expose Kubernetes services using a load balancer service, App Gateway, or ingress controller | Supported | Supported | [No Application Gateway Ingress Controller (AGIC) support][azure-cni-overlay-limitations] | Same limitations when using Overlay mode |

-For both kubenet and Azure CNI plugins, the DNS service is provided by CoreDNS, a deployment running in AKS with its own autoscaler. For more information on CoreDNS on Kubernetes, see [Customizing DNS Service](https://kubernetes.io/docs/tasks/administer-cluster/dns-custom-nameservers/). CoreDNS by default is configured to forward unknown domains to the DNS functionality of the Azure Virtual Network where the AKS cluster is deployed. Hence, Azure DNS and Private Zones will work for pods running in AKS.

-SSL/TLS termination is another common feature of Ingress. On large web applications accessed via HTTPS, the Ingress resource handles the TLS termination rather than within the application itself. To provide automatic TLS certification generation and configuration, you can configure the Ingress resource to use providers such as "Let's Encrypt".

-## Metrics

-<!-- REQUIRED if you support Metrics. If you don't, keep the section but call that out. Some services are only onboarded to logs.

-<!-- Please keep headings in this order -->

-<!-- OPTION 2 - Link to the metrics as above, but work in extra information not found in the automated metric-supported reference article. NOTE: YOU WILL NOW HAVE TO MANUALLY MAINTAIN THIS SECTION to make sure it stays in sync with the metrics-supported link. For highly customized example, see [CosmosDB](../cosmos-db/monitor-cosmos-db-reference.md#metrics). They even regroup the metrics into usage type vs. resource provider and type.

-<!-- Example format. Mimic the setup of metrics supported, but add extra information -->

-### Application Gateway v2 metrics

-#### Timing metrics

-#### Application Gateway metrics

-#### Backend metrics

-### Application Gateway v1 metrics

-#### Application Gateway metrics

-## Metric Dimensions

-For more information on what metric dimensions are, see [Multi-dimensional metrics](../azure-monitor/essentials/data-platform-metrics.md#multi-dimensional-metrics).

-> The Performance log is available only for the v1 SKU. For the v2 SKU, use [Metrics](#metrics) for performance data.

-For more information, see [Backend health and diagnostic logs for Application Gateway](application-gateway-diagnostics.md#access-log)

-<!-- OPTION 2 - Link to the resource logs as above, but work in extra information not found in the automated metric-supported reference article. NOTE: YOU WILL NOW HAVE TO MANUALLY MAINTAIN THIS SECTION to make sure it stays in sync with the resource-log-categories link. You can group these sections however you want provided you include the proper links back to resource-log-categories article.

-### Application Gateway

-| **ApplicationGatewayPerformanceLog**|Performance log|You can use this log to view how Application Gateway instances are performing. This log captures performance information for each instance, including total requests served, throughput in bytes, total requests served, failed request count, and healthy and unhealthy backend instance count. A performance log is collected every 60 seconds. The Performance log is available only for the v1 SKU. For the v2 SKU, use [Metrics](#metrics) for performance data.|

-<!-- If your service uses the AzureDiagnostics table in Azure Monitor Logs / Log Analytics, list what fields you use and what they are for. Azure Diagnostics is over 500 columns wide with all services using the fields that are consistent across Azure Monitor and then adding extra ones just for themselves. If it uses service specific diagnostic table, refers to that table. If it uses both, put both types of information in. Most services in the future will have their own specific table. If you have questions, contact azmondocs@microsoft.com -->

-This is just a subset of the metrics available for Application Gateway. For more information, see [Monitoring Azure Application Gateway data reference](monitor-application-gateway-reference.md).

-Some services in Azure have a special focused pre-built monitoring dashboard in the Azure portal that provides a starting point for monitoring your service. These special dashboards are called "insights".

-Resource Logs are not collected and stored until you create a diagnostic setting and route them to one or more locations.

-If you don't support metrics, say so. Some services may be only onboarded to logs -->

-For a list of the platform metrics collected for Azure Application Gateway, see [Monitoring Application Gateway data reference metrics](monitor-application-gateway-reference.md#metrics).

-<!-- Optional: Call out additional information to help your customers. For example, you can include additional information here about how to use metrics explorer specifically for your service. Remember that the UI is subject to change quite often so you will need to maintain these screenshots yourself if you add them in. -->

-If you don't support resource logs, say so. Some services may be only onboarded to metrics and the activity log. -->

-<!-- Optional: Call out additional information to help your customers. For example, you can include additional information here about log usage or what logs are most important. Remember that the UI is subject to change quite often so you will need to maintain these screenshots yourself if you add them in. -->

-> When you select **Logs** from the Application Gateway menu, Log Analytics is opened with the query scope set to the current Application Gateway. This means that log queries will only include data from that resource. If you want to run a query that includes data from other Application Gateways or data from other Azure services, select **Logs** from the **Azure Monitor** menu. See [Log query scope and time range in Azure Monitor Log Analytics](/azure/azure-monitor/log-query/scope/) for details.

-<!-- REQUIRED: Include queries that are helpful for figuring out the health and state of your service. Ideally, use some of these queries in the alerts section. It's possible that some of your queries may be in the Log Analytics UI (sample or example queries). Check if so. -->

-If you're creating or running an application which use Application Gateway [Azure Monitor Application Insights](../azure-monitor/app/app-insights-overview.md) may offer additional types of alerts.

-|Metric|CPU utilization crosses 80%|Under normal conditions, CPU usage should not regularly exceed 90%, as this may cause latency in the websites hosted behind the Application Gateway and disrupt the client experience.|

-|Metric|Unhealthy host count crosses threshold|Indicates number of backend servers that application gateway is unable to probe successfully. This will catch issues where Application gateway instances are unable to connect to the backend. Alert if this number goes above 20% of backend capacity.|

-# Application Gateway multiple site hosting

-Multiple site hosting enables you to configure more than one web application on the same port of application gateways using public-facing listeners. It allows you to configure a more efficient topology for your deployments by adding up to 100+ websites to one application gateway. Each website can be directed to its own backend pool. For example, three domains, contoso.com, fabrikam.com, and adatum.com, point to the IP address of the application gateway. You'd create three multi-site listeners and configure each listener for the respective port and protocol setting.

-In [Azure PowerShell](tutorial-multiple-sites-powershell.md), you must use `-HostNames` instead of `-HostName`. With HostNames, you can mention up to 5 host names as comma-separated values and use wildcard characters. For example, `-HostNames "*.contoso.com","*.fabrikam.com"`

-In [Azure CLI](tutorial-multiple-sites-cli.md), you must use `--host-names` instead of `--host-name`. With host-names, you can mention up to 5 host names as comma-separated values and use wildcard characters. For example, `--host-names "*.contoso.com,*.fabrikam.com"`

-There are three common mechanisms for enabling multiple site hosting on the same infrastructure.

-Learn how to configure multiple site hosting in Application Gateway

-You can visit [Resource Manager template using multiple site hosting](https://github.com/Azure/azure-quickstart-templates/tree/master/quickstarts/microsoft.network/application-gateway-multihosting) for an end to end template-based deployment.

-The Standard_v2 and WAF_v2 SKU is not currently available in the following regions:

-In this quickstart, you create an Azure Functions app and use feature flags in it. You use the feature management from Azure App Configuration to centrally store all your feature flags and control their states.

-## Create a Functions app

-+ [Python versions that are supported by Azure Functions](supported-languages.md#languages-by-runtime-version).

-In a suitable folder, run the following commands to create and activate a virtual environment named `.venv`. Make sure that you're using a [version of Python that is supported by Azure Functions](supported-languages.md?pivots=programming-language-python#languages-by-runtime-version).

-

-1. Open the local.settings.json project file and verify that the `AzureWebJobsFeatureFlags` setting has a value of `EnableWorkerIndexing`. This is required for Functions to interpret your project correctly as the Python v2 model. You'll add this same setting to your application settings after you publish your project to Azure.

- This tells the local Functions host to use the storage emulator for the storage connection currently required by the Python v2 model. When you publish your project to Azure, you'll need to instead use the default storage account. If you're instead using an Azure Storage account, set your storage account connection string here.

-1. If you haven't done so already, sign in to Azure.

- az functionapp create --resource-group AzureFunctionsQuickstart-rg --consumption-plan-location westeurope --runtime python --runtime-version 3.9 --functions-version 4 --name <APP_NAME> --os-type linux --storage-account <STORAGE_NAME>

- The [az functionapp create](/cli/azure/functionapp#az-functionapp-create) command creates the function app in Azure. If you're using Python 3.9, 3.8, or 3.7, change `--runtime-version` to `3.9`, `3.8`, or `3.7`, respectively. You must supply `--os-type linux` because Python functions can't run on Windows, which is the default.

- New-AzFunctionApp -Name <APP_NAME> -ResourceGroupName AzureFunctionsQuickstart-rg -StorageAccountName <STORAGE_NAME> -FunctionsVersion 4 -RuntimeVersion 3.9 -Runtime python -Location '<REGION>'

- The [New-AzFunctionApp](/powershell/module/az.functions/new-azfunctionapp) cmdlet creates the function app in Azure. If you're using Python 3.9, 3.8, or 3.7, change `-RuntimeVersion` to `3.9`, `3.8`, or `3.7`, respectively.

- In the previous example, replace `<APP_NAME>` with a globally unique name appropriate to you. The `<APP_NAME>` is also the default DNS domain for the function app.

-## Update app settings

-To use the Python v2 model in your function app, you need to add a new application setting in Azure named `AzureWebJobsFeatureFlags` with a value of `EnableWorkerIndexing`. This setting is already in your local.settings.json file.

-Run the following command to add this setting to your new function app in Azure.

-# [Azure CLI](#tab/azure-cli)

-```azurecli

-az functionapp config appsettings set --name <FUNCTION_APP_NAME> --resource-group <RESOURCE_GROUP_NAME> --settings AzureWebJobsFeatureFlags=EnableWorkerIndexing

-```

-# [Azure PowerShell](#tab/azure-powershell)

-```azurepowershell

-Update-AzFunctionAppSetting -Name <FUNCTION_APP_NAME> -ResourceGroupName <RESOURCE_GROUP_NAME> -AppSetting @{"AzureWebJobsFeatureFlags" = "EnableWorkerIndexing"}

-```

-In the previous example, replace `<FUNCTION_APP_NAME>` and `<RESOURCE_GROUP_NAME>` with the name of your function app and resource group, respectively. This setting is already in your local.settings.json file.

-This video shows you how to create a Python function in Azure using VS Code.

-+ Python versions that are [supported by Azure Functions](supported-languages.md#languages-by-runtime-version). For more information, see [How to install Python](https://wiki.python.org/moin/BeginnersGuide/Download).

-In this section, you use Visual Studio Code to create a local Azure Functions project in Python. Later in this article, you'll publish your function code to Azure.

-

-5. Open the local.settings.json project file and verify that the `AzureWebJobsFeatureFlags` setting has a value of `EnableWorkerIndexing`. This is required for Functions to interpret your project correctly as the Python v2 model. You'll add this same setting to your application settings after you publish your project to Azure.

- This tells the local Functions host to use the storage emulator for the storage connection currently required by the Python v2 model. When you publish your project to Azure, you'll need to instead use the default storage account. If you're instead using an Azure Storage account, set your storage account connection string here.

-After you've verified that the function runs correctly on your local computer, it's time to use Visual Studio Code to publish the project directly to Azure.

-## Update app settings

-To use the Python v2 model in your function app, you need to add a new application setting in Azure named `AzureWebJobsFeatureFlags` with a value of `EnableWorkerIndexing`. This setting is already in your local.settings.json file.

-1. In Visual Studio Code, press <kbd>F1</kbd> to open the command palette. In the command palette, search for and select `Azure Functions: Add New Setting...`.

-1. Choose your new function app, type `AzureWebJobsFeatureFlags` for the new app setting name, and press <kbd>Enter</kbd>.

-1. For the value, type `EnableWorkerIndexing` and press <kbd>Enter</kbd>.

-The setting added to your new function app, which enables it to run the v2 model in Azure.

-You have used [Visual Studio Code](functions-develop-vs-code.md?tabs=python) to create a function app with a simple HTTP-triggered function. In the next articles, you expand that function by connecting to Azure Cosmos DB and Azure Storage. To learn more about connecting to other Azure services, see [Add bindings to an existing function in Azure Functions](add-bindings-existing-function.md?tabs=python).

-Azure Functions lets you run your code in a serverless environment without having to first create a virtual machine (VM) or publish a web application. In this article, you learn how to use Azure Functions to create a "hello world" HTTP trigger function in the Azure portal.

-We recommend that you [develop your functions locally](functions-develop-local.md) and publish to a function app in Azure.

-Use one of the following links to get started with your chosen local development environment and language:

-| Visual Studio Code | Terminal/command prompt | Visual Studio |

-| | | |

-| &bull;&nbsp;[Get started with C#](./create-first-function-vs-code-csharp.md)<br/>&bull;&nbsp;[Get started with Java](./create-first-function-vs-code-java.md)<br/>&bull;&nbsp;[Get started with JavaScript](./create-first-function-vs-code-node.md)<br/>&bull;&nbsp;[Get started with PowerShell](./create-first-function-vs-code-powershell.md)<br/>&bull;&nbsp;[Get started with Python](./create-first-function-vs-code-python.md) |&bull;&nbsp;[Get started with C#](./create-first-function-cli-csharp.md)<br/>&bull;&nbsp;[Get started with Java](./create-first-function-cli-java.md)<br/>&bull;&nbsp;[Get started with JavaScript](./create-first-function-cli-node.md)<br/>&bull;&nbsp;[Get started with PowerShell](./create-first-function-cli-powershell.md)<br/>&bull;&nbsp;[Get started with Python](./create-first-function-cli-python.md) | [Get started with C#](functions-create-your-first-function-visual-studio.md) |

-You must have a function app to host the execution of your functions. A function app lets you group functions as a logical unit for easier management, deployment, scaling, and sharing of resources.

-1. In your function app, select **Overview**, and then select **+ Create** under **Functions**.

-1. In your new HTTP trigger function, select **Code + Test** from the left menu, and then select **Get function URL** from the top menu.

-1. In Cloud Explorer, your new function app should be selected. If not, expand your subscription > **App Services**, and select your new function app.

-1. Right-click the function app and choose **Open in Browser**. This opens the root of your function app in your default web browser and displays the page that indicates your function app is running.

- :::image type="content" source="media/functions-create-your-first-function-visual-studio/function-app-running-azure-v4.png" alt-text="Function app running":::

-1. In the address bar in the browser, append the string `/api/HttpExample?name=Functions` to the base URL and run the request.

-Visual Studio provides the following benefits when you develop your functions:

-* Edit, build, and run functions on your local development computer.

-* Publish your Azure Functions project directly to Azure, and create Azure resources as needed.

-* Use C# attributes to declare function bindings directly in the C# code.

-* Develop and deploy pre-compiled C# functions. Pre-complied functions provide a better cold-start performance than C# script-based functions.

-* Code your functions in C# while having all of the benefits of Visual Studio development.

-This article provides details about how to use Visual Studio to develop C# class library functions and publish them to Azure. Before you read this article, consider completing the [Functions quickstart for Visual Studio](functions-create-your-first-function-visual-studio.md).

-After you create an Azure Functions project, the project template creates a C# project, installs the `Microsoft.NET.Sdk.Functions` NuGet package, and sets the target framework. The new project has the following files:

-The Functions runtime uses an Azure Storage account internally. For all trigger types other than HTTP and webhooks, set the `Values.AzureWebJobsStorage` key to a valid Azure Storage account connection string. Your function app can also use the [Azurite emulator](../storage/common/storage-use-azurite.md) for the `AzureWebJobsStorage` connection setting that's required by the project. To use the emulator, set the value of `AzureWebJobsStorage` to `UseDevelopmentStorage=true`. Change this setting to an actual storage account connection string before deployment. For more information, see [Local storage emulator](functions-develop-local.md#local-storage-emulator).

-2. In the **Access keys** tab, below **Security + networking**, copy the **Connection string** of **key1**.

-2. In your project, open the local.settings.json file and set the value of the `AzureWebJobsStorage` key to the connection string you copied.

-1. In **Solution Explorer**, right-click your project node and select **Add** > **New Item**.

-2. Select **Azure Function**, enter a **Name** for the class, and then select **Add**.

-3. Choose your trigger, set the binding properties, and then select **Add**. The following example shows the settings for creating a Queue storage trigger function.

- You'll then be prompted to choose between the Azurite storage emulator or referencing a provisioned Azure storage account.

- This trigger example uses a connection string with a key named `QueueStorage`. This key, stored in the [local.settings.json file](functions-develop-local.md#local-settings-file), either references the Azurite emulator or an Azure storage account.

-4. Examine the newly added class. You see a static `Run()` method that's attributed with the `FunctionName` attribute. This attribute indicates that the method is the entry point for the function.

- For example, the following C# class represents a basic Queue storage trigger function:

- ```csharp

- using System;

- using Microsoft.Azure.WebJobs;

- using Microsoft.Azure.WebJobs.Host;

- using Microsoft.Extensions.Logging;

- namespace FunctionApp1

- {

- public static class Function1

- {

- [FunctionName("QueueTriggerCSharp")]

- public static void Run([QueueTrigger("myqueue-items",

- Connection = "QueueStorage")]string myQueueItem, ILogger log)

- {

- log.LogInformation($"C# Queue trigger function processed: {myQueueItem}");

- }

- }

- }

- ```

-1. Make sure you've [configured the project for local development](#configure-the-project-for-local-development).

- # [Isolated worker model](#tab/isolated-process)

-

- # [In-process model](#tab/in-process)

-

-

- In this example, replace `<BINDING_TYPE>` with the name specific to the binding extension and `<TARGET_VERSION>` with a specific version of the package, such as `3.0.0-beta5`. Valid versions are listed on the individual package pages at [NuGet.org](https://nuget.org). The major versions that correspond to Functions runtime 1.x or 2.x are specified in the reference article for the binding.

-3. If there are app settings that the binding needs, add them to the `Values` collection in the [local setting file](functions-develop-local.md#local-settings-file).

- The function uses these values when it runs locally. When the function runs in the function app in Azure, it uses the [function app settings](#function-app-settings).

-4. Add the appropriate binding attribute to the method signature. In the following example, a queue message triggers the function, and the output binding creates a new queue message with the same text in a different queue.

- [QueueTrigger("myqueue-items-source", Connection = "AzureWebJobsStorage")] string myQueueItem,

- [Queue("myqueue-items-destination", Connection = "AzureWebJobsStorage")] out string myQueueItemCopy,

- The connection to Queue storage is obtained from the `AzureWebJobsStorage` setting. For more information, see the reference article for the specific binding.

-When you publish from Visual Studio, it uses one of the two deployment methods:

-* [Web Deploy](functions-deployment-technologies.md#web-deploy-msdeploy): Packages and deploys Windows apps to any IIS server.

-* [Zip Deploy with Run-From-Package enabled](functions-deployment-technologies.md#zip-deploy): Recommended for Azure Functions deployments.

-# [Isolated worker model](#tab/isolated-process)

- Visual Studio connects to your function app and enables remote debugging, if it's not already enabled.

-# [In-process model](#tab/in-process)

-Visual Studio connects to your function app and enables remote debugging, if it's not already enabled. It also locates and attaches the debugger to the host process for the app. At this point, you can debug your function app as normal.

-The recommended way to monitor the execution of your functions is by integrating your function app with Azure Application Insights. When you create a function app in the Azure portal, this integration is done for you by default. However, when you create your function app during Visual Studio publishing, the integration in your function app in Azure isn't done. To learn how to connect Application Insights to your function app, see [Enable Application Insights integration](configure-monitoring.md#enable-application-insights-integration).

-This section describes how to create a C# function app project in Visual Studio and to run and test with [xUnit](https://github.com/xunit/xunit).

-### Setup

-To set up your environment, create a function and test the app. The following steps help you create the apps and functions required to support the tests:

-2. [Create an HTTP function from the template](functions-get-started.md) and name it **MyHttpTrigger**.

-3. [Create a timer function from the template](functions-create-scheduled-function.md) and name it **MyTimerTrigger**.

-4. [Create an xUnit Test app](https://xunit.net/docs/getting-started/netcore/cmdline) in the solution and name it **Functions.Tests**. Remove the default test files.

-5. Use NuGet to add a reference from the test app to [Microsoft.AspNetCore.Mvc](https://www.nuget.org/packages/Microsoft.AspNetCore.Mvc/)

-6. [Reference the *Functions* app](/visualstudio/ide/managing-references-in-a-project) from *Functions.Tests* app.

-### Create test classes

-Now that the projects are created, you can create the classes used to run the automated tests.

-Each function takes an instance of [ILogger](/dotnet/api/microsoft.extensions.logging.ilogger) to handle message logging. Some tests either don't log messages or have no concern for how logging is implemented. Other tests need to evaluate messages logged to determine whether a test is passing.

-You'll create a new class named `ListLogger`, which holds an internal list of messages to evaluate during testing. To implement the required `ILogger` interface, the class needs a scope. The following class mocks a scope for the test cases to pass to the `ListLogger` class.

-Create a new class in *Functions.Tests* project named **NullScope.cs** and enter the following code:

-```csharp

-using System;

-namespace Functions.Tests

-{

- public class NullScope : IDisposable

- public static NullScope Instance { get; } = new NullScope();

- private NullScope() { }

- public void Dispose() { }

-}

-```

-Next, create a new class in *Functions.Tests* project named **ListLogger.cs** and enter the following code:

-```csharp

-using Microsoft.Extensions.Logging;

-using System;

-using System.Collections.Generic;

-using System.Text;

-namespace Functions.Tests

-{

- public class ListLogger : ILogger

- public IList<string> Logs;

- public IDisposable BeginScope<TState>(TState state) => NullScope.Instance;

- public bool IsEnabled(LogLevel logLevel) => false;

- public ListLogger()

- this.Logs = new List<string>();

- }

- public void Log<TState>(LogLevel logLevel,

- EventId eventId,

- TState state,

- Exception exception,

- Func<TState, Exception, string> formatter)

- {

- string message = formatter(state, exception);

- this.Logs.Add(message);

-}

-```

-The `ListLogger` class implements the following members as contracted by the `ILogger` interface:

-The `Logs` collection is an instance of `List<string>` and is initialized in the constructor.

-Next, create a new file in *Functions.Tests* project named **LoggerTypes.cs** and enter the following code:

-```csharp

-namespace Functions.Tests

-{

- public enum LoggerTypes

- Null,

- List

-}

-```

-This enumeration specifies the type of logger used by the tests.

-Now create a new class in *Functions.Tests* project named **TestFactory.cs** and enter the following code:

-```csharp

-using Microsoft.AspNetCore.Http;

-using Microsoft.AspNetCore.Http.Internal;

-using Microsoft.Extensions.Logging;

-using Microsoft.Extensions.Logging.Abstractions;

-using Microsoft.Extensions.Primitives;

-using System.Collections.Generic;

-namespace Functions.Tests

-{

- public class TestFactory

- public static IEnumerable<object[]> Data()

- return new List<object[]>

- new object[] { "name", "Bill" },

- new object[] { "name", "Paul" },

- new object[] { "name", "Steve" }

- };

- }

- private static Dictionary<string, StringValues> CreateDictionary(string key, string value)

- {

- var qs = new Dictionary<string, StringValues>

- { key, value }

- };

- return qs;

- }

- public static HttpRequest CreateHttpRequest(string queryStringKey, string queryStringValue)

- {

- var context = new DefaultHttpContext();

- var request = context.Request;

- request.Query = new QueryCollection(CreateDictionary(queryStringKey, queryStringValue));

- return request;

- }

- public static ILogger CreateLogger(LoggerTypes type = LoggerTypes.Null)

- {

- ILogger logger;

- if (type == LoggerTypes.List)

- logger = new ListLogger();

- else

- logger = NullLoggerFactory.Instance.CreateLogger("Null Logger");

- return logger;

-}

-```

-The `TestFactory` class implements the following members:

-Finally, create a new class in *Functions.Tests* project named **FunctionsTests.cs** and enter the following code:

-```csharp

-using Microsoft.AspNetCore.Mvc;

-using Microsoft.Extensions.Logging;

-using Xunit;

-namespace Functions.Tests

-{

- public class FunctionsTests

- private readonly ILogger logger = TestFactory.CreateLogger();

- [Fact]

- public async void Http_trigger_should_return_known_string()

- {

- var request = TestFactory.CreateHttpRequest("name", "Bill");

- var response = (OkObjectResult)await MyHttpTrigger.Run(request, logger);

- Assert.Equal("Hello, Bill. This HTTP triggered function executed successfully.", response.Value);

- }

- [Theory]

- [MemberData(nameof(TestFactory.Data), MemberType = typeof(TestFactory))]

- public async void Http_trigger_should_return_known_string_from_member_data(string queryStringKey, string queryStringValue)

- var request = TestFactory.CreateHttpRequest(queryStringKey, queryStringValue);

- var response = (OkObjectResult)await MyHttpTrigger.Run(request, logger);

- Assert.Equal($"Hello, {queryStringValue}. This HTTP triggered function executed successfully.", response.Value);

- }

- [Fact]

- public void Timer_should_log_message()

- {

- var logger = (ListLogger)TestFactory.CreateLogger(LoggerTypes.List);

- new MyTimerTrigger().Run(null, logger);

- var msg = logger.Logs[0];

- Assert.Contains("C# Timer trigger function executed at", msg);

-}

-```

-The members implemented in this class are:

-If you want to access application settings in your tests, you can [inject](functions-dotnet-dependency-injection.md) an `IConfiguration` instance with mocked environment variable values into your function.

-### Run tests

-### Debug tests

-## Azure Functions tools with Visual Studio 2017

-Azure Functions Tools is available in the Azure development workload starting with Visual Studio 2017. In Visual Studio 2017, the Azure development workload installs Azure Functions Tools as a separate extension. In Visual Studio 2019 and later, the Azure Functions tools extension is updated as part of Visual Studio.

-When you update your Visual Studio 2017 installation, make sure that you're using the [most recent version](#check-your-tools-version) of the Azure Functions Tools. The following sections show you how to check and (if needed) update your Azure Functions Tools extension in Visual Studio 2017.

-### <a name="check-your-tools-version"></a>Check your tools version in Visual Studio 2017

-1. From the **Tools** menu, choose **Extensions and Updates**. Expand **Installed** > **Tools**, and then choose **Azure Functions and Web Jobs Tools**.

- 

-1. Note the installed **Version** and compare this version with the latest version listed in the [release notes](https://github.com/Azure/Azure-Functions/blob/master/VS-AzureTools-ReleaseNotes.md).

-1. If your version is older, update your tools in Visual Studio as shown in the following section.

-### Update your tools in Visual Studio

-1. In the **Extensions and Updates** dialog, expand **Updates** > **Visual Studio Marketplace**, choose **Azure Functions and Web Jobs Tools** and select **Update**.

- 

-1. After the tools update is downloaded, select **Close**, and then close Visual Studio to trigger the tools update with VSIX Installer.

-1. In VSIX Installer, choose **Modify** to update the tools.

-1. After the update is complete, choose **Close**, and then restart Visual Studio.

-For more information about developing functions as .NET class libraries, see [Azure Functions C# developer reference](functions-dotnet-class-library.md). This article also links to examples on how to use attributes to declare the various types of bindings supported by Azure Functions.

-+ Python in-portal editing is only supported when running in the Consumption plan.

-The Functions editor built into the Azure portal lets you update your function code and configuration (function.json) files directly in the portal.

-Proxies are defined in the _proxies.json_ file in the root of your function app. The steps in this section show you how to use the Azure portal to create this file in your function app. Not all languages and operating system combinations support in-portal editing. If you can't modify your function app files in the portal, you can instead create and deploy the equivalent `proxies.json` file from the root of your local project folder. To learn more about portal editing support, see [Language support details](functions-create-function-app-portal.md#language-support-details).

-* [Issues with deployment](#issue-with-deployment)

-## Troubleshoot ModuleNotFoundError

-"Exception: ModuleNotFoundError: No module named 'module_name'."

-* If the function app has `WEBSITE_RUN_FROM_PACKAGE` and it's set to `1`, go to `https://<app-name>.scm.azurewebsites.net/api/vfs/data/SitePackages` and download the file from the latest `href` URL.

-If you've verified that the package is resolved correctly with the proper Linux wheels, there might be a conflict with other packages. In certain packages, the PyPi documentation might clarify the incompatible modules. For example, in [`azure 4.0.0`](https://pypi.org/project/azure/4.0.0/), you'll find the following statement:

-"This package isn't compatible with azure-storage.

-If you installed azure-storage, or if you installed azure 1.x/2.x and didnΓÇÖt uninstall azure-storage, you must uninstall azure-storage first."

-# [Visual Studio Code](#tab/vscode)

-# [Azure Functions Core Tools](#tab/coretools)

-# [Manual publishing](#tab/manual)

-However, if you're finding that the issue hasn't been fixed, and you're on a deadline, we encourage you to do some research to find a similar package for your project. Usually, the Python community will provide you with a wide variety of similar libraries that you can use.

-## Troubleshoot cannot import 'cygrpc'

-"Cannot import name 'cygrpc' from 'grpc._cython'"

-The Azure Functions Python Worker supports only Python versions 3.6, 3.7, 3.8, and 3.9.

-Check to see whether your Python interpreter matches your expected version by `py --version` in Windows or `python3 --version` in Unix-like systems. Ensure that the return result is `Python 3.6.x`, `Python 3.7.x`, `Python 3.8.x`, or `Python 3.9.x`.

-If your Python interpreter version doesn't meet the requirements for Azure Functions, instead download the Python version 3.6, 3.7, 3.8, or 3.9 interpreter from [Python Software Foundation](https://www.python.org/downloads).

-## Troubleshoot "python exited with code 137"

-"Microsoft.Azure.WebJobs.Script.Workers.WorkerProcessExitException : python exited with code 137"

-This error occurs when a Python function app is forced to terminate by the operating system with a SIGKILL signal. This signal usually indicates an out-of-memory error in your Python process. The Azure Functions platform has a [service limitation](functions-scale.md#service-limits) that terminates any function apps that exceed this limit.

-Visit the tutorial section in [memory profiling on Python functions](python-memory-profiler-reference.md#memory-profiling-process) to analyze the memory bottleneck in your function app.

-## Troubleshoot "python exited with code 139"

-"Microsoft.Azure.WebJobs.Script.Workers.WorkerProcessExitException : python exited with code 139"

-This error occurs when a Python function app is forced to terminate by the operating system with a SIGSEGV signal. This signal indicates violation of the memory segmentation, which can result from an unexpected reading from or writing into a restricted memory region. In the following sections, we provide a list of common root causes.

-In your function app's *requirements.txt* file, an unpinned package will be upgraded to the latest version in every Azure Functions deployment. Vendors of these packages might introduce regressions in their latest release. To recover from this issue, try commenting out the import statements, disabling the package references, or pinning the package to a previous version in *requirements.txt*.

-## Troubleshoot "could not load file or assembly"

-If you receive this error, it might be because you're using the v2 programming model. This error results from a known issue that will be resolved in an upcoming release.

-This specific error might read:

-"DurableTask.Netherite.AzureFunctions: Could not load file or assembly 'Microsoft.Azure.WebJobs.Extensions.DurableTask, Version=2.0.0.0, Culture=neutral, PublicKeyToken=014045d636e89289'.

-The system cannot find the file specified."

-This error might occur because of an issue with how the extension bundle was cached. To troubleshoot this issue, you can run the following command with `--verbose` to see more details:

-> `func host start --verbose`

-After you run the command, if you notice that `Loading startup extension <>` isn't followed by `Loaded extension <>` for each extension, it's likely that you have a caching issue.

-1. Find the *\.azure-functions-core-tools* path by running:

-1. Delete the *\.azure-functions-core-tools* directory.

- # [bash](#tab/bash)

- # [PowerShell](#tab/powershell)

- # [Cmd](#tab/cmd)

-## Troubleshoot "unable to resolve the Azure Storage connection"

-"Microsoft.Azure.WebJobs.Extensions.DurableTask: Unable to resolve the Azure Storage connection named 'Storage'.

-Value cannot be null. (Parameter 'provider')"

-## Issue with deployment

-In the [Azure portal](https://portal.azure.com), select **Settings** > **Configuration**, and then ensure that the `AzureWebJobsFeatureFlags` application setting has a value of `EnableWorkerIndexing`. If it's not found, add this setting to the function app.

-Some tables are free from data ingestion charges altogether, including [AzureActivity](/azure/azure-monitor/reference/tables/azureactivity), [Heartbeat](/azure/azure-monitor/reference/tables/heartbeat), [Usage](/azure/azure-monitor/reference/tables/usage), and [Operation](/azure/azure-monitor/reference/tables/operation). This information will always be indicated by the [_IsBillable](log-standard-columns.md#_isbillable) column, which indicates whether a record was excluded from billing for data ingestion.

-This article provides information about limitations and known issues related to the Azure Communication Services Calling SDKs and Communication Services Call Automation APIs.

-## Limits to the number of simultaneous video streams

-The Azure Communicaton Services Calling SDK support up to the following video resolutions:

-The resolution can vary depending on the number of participants on a call, the amount of bandwidth available to the client, and other overall call parameters.

-| **SUSE** | | |

-| [15 SP5 <span class="pill purple">Tech Preview (Intel TDX, AMD SEV-SNP)](https://aka.ms/cvm-sles-preview)</span> | | |

-| [15 SP5 for SAP <span class="pill purple">Tech Preview (Intel TDX, AMD SEV-SNP)](https://aka.ms/cvm-sles-preview)</span> | | |

-**Description**: Defender for Cloud has identified some overly-permissive inbound rules for management ports in your Network Security Group. Enable just-in-time access control to protect your VM from internet-based brute-force attacks. Learn more in [Understanding just-in-time (JIT) VM access](/azure/defender-for-cloud/just-in-time-access-overview).

-### [AWS registry container images should have vulnerabilities resolved - (powered by Trivy)](https://portal.azure.com/#blade/Microsoft_Azure_Security/RecommendationsBlade/assessmentKey/03587042-5d4b-44ff-af42-ae99e3c71c87)

-**Description**: Container image vulnerability assessment scans your registry for security vulnerabilities and exposes detailed findings for each image. Resolving the vulnerabilities can greatly improve your containers' security posture and protect them from attacks.

-**Severity**: High

-**Type**: Vulnerability Assessment

-**Description**: Accounts with owner permissions that have been provisioned outside of the Azure Active Directory tenant (different domain names), should be removed from your Azure resources.Guest accounts aren't managed to the same standards as enterprise tenant identities. These accounts can be targets for attackers looking to find ways to access your data without being noticed.

-**Description**: Accounts with read permissions that have been provisioned outside of the Azure Active Directory tenant (different domain names), should be removed from your Azure resources.Guest accounts aren't managed to the same standards as enterprise tenant identities. These accounts can be targets for attackers looking to find ways to access your data without being noticed.

-**Description**: Accounts with write permissions that have been provisioned outside of the Azure Active Directory tenant (different domain names), should be removed from your Azure resources.Guest accounts aren't managed to the same standards as enterprise tenant identities. These accounts can be targets for attackers looking to find ways to access your data without being noticed.

-**Description**: Defender for Cloud has analyzed the internet traffic communication patterns of the virtual machines listed below, and determined that the existing rules in the NSGs associated to them are overly-permissive, resulting in an increased potential attack surface.

-**Description**: Defender for Cloud has identified some overly-permissive inbound rules for management ports in your Network Security Group. Enable just-in-time access control to protect your VM from internet-based brute-force attacks. Learn more in [Understanding just-in-time (JIT) VM access](/azure/defender-for-cloud/just-in-time-access-overview).

-| Deprecated: Agentless/agent-based runtime scan (powered by Qualys) [OS packages](#registries-and-images-support-for-azurevulnerability-assessment-powered-by-qualys-deprecated) | Vulnerability assessment for running images in AKS | AKS | GA | Preview | Activated with plan | Defender agent | Defender for Containers | Commercial clouds |

-| Workload | Detection of suspicious activity for Kubernetes for cluster level, node level, and workload level | AKS | GA | - | Enable **Defender Agent in Azure** toggle **OR** deploy Defender agent on individual clusters | Defender agent | Defender for Containers | Commercial clouds |

-| Registries and images | **Supported**<br> ΓÇó ACR registries <br> ΓÇó [ACR registries protected with Azure Private Link](/azure/container-registry/container-registry-private-link) (Private registries requires access to Trusted Services) <br> ΓÇó Container images in Docker V2 format <br> ΓÇó Images with [Open Container Initiative (OCI)](https://github.com/opencontainers/image-spec/blob/main/spec.md) image format specification <br> **Unsupported**<br> ΓÇó Super-minimalist images such as [Docker scratch](https://hub.docker.com/_/scratch/) images<br> is currently unsupported <br>

- :::image type="content" source="media/how-to-schedule-environment-deletion/change-expiration-date-time.png" alt-text="Screenshot of the developer portal, showing the options for scheduled deletion which you can change." lightbox="media/how-to-schedule-environment-deletion/change-expiration-date-time.png":::

-Use the following commands to create a new policy assignment for your resource group. This example uses an existing resource group that contains a virtual machine _without_ managed disks. The resource group is the scope for the policy assignment.

-The Bicep file creates a policy assignment for a resource group scope and assigns the built-in policy definition [Audit VMs that do not use managed disks](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Compute/VMRequireManagedDisk_Audit.json). For a list of available built-in policies, see [Azure Policy samples](./samples/index.md).

-The `rgname` variable uses an expression to get your resource group's name used in the deployment command. The Azure CLI commands use a backslash (`\`) for line continuation to improve readability.

-The `policyid` variable uses an expression to get the policy assignment's ID.

-The `filter` parameter limits the output to non-compliant resources.

-Use the following commands to create a new policy assignment for your resource group. This example uses an existing resource group that contains a virtual machine _without_ managed disks. The resource group is the scope for the policy assignment.

-For more information, go to [Get-AzPolicyState](/powershell/module/az.policyinsights/Get-AzPolicyState).

-> To get data from IoT Hub by using Microsoft Entra ID, [set up routing to a separate event hub](iot-hub-devguide-messages-d2c.md#event-hubs-as-a-routing-endpoint). To access the [the built-in Event Hubs compatible endpoint](iot-hub-devguide-messages-read-builtin.md), use the connection string (shared access key) method as before.

-You can find the hostname of the IoT hub that hosts your endpoints in the Azure portal, on your IoT hub's **Overview** working pane. By default, the DNS name of an IoT hub looks like the following example:

-## List of built-in IoT Hub endpoints

-Azure IoT Hub is a multi-tenant service that exposes its functionality to various actors. The following diagram shows the various endpoints that IoT Hub exposes.

-* **Resource provider**. The IoT Hub resource provider exposes an [Azure Resource Manager](../azure-resource-manager/management/overview.md) interface. This interface enables Azure subscription owners to create and delete IoT hubs, and to update IoT hub properties. IoT Hub properties govern [hub-level shared access policies](iot-hub-dev-guide-sas.md#access-control-and-permissions), as opposed to device-level access control, and functional options for cloud-to-device and device-to-cloud messaging. The IoT Hub resource provider also enables you to [export device identities](iot-hub-devguide-identity-registry.md#import-and-export-device-identities).

-* **Device identity management**. Each IoT hub exposes a set of HTTPS REST endpoints to manage device identities (create, retrieve, update, and delete). [Device identities](iot-hub-devguide-identity-registry.md) are used for device authentication and access control.

-* **Device twin management**. Each IoT hub exposes a set of service-facing HTTPS REST endpoint to query and update [device twins](iot-hub-devguide-device-twins.md) (update tags and properties).

-* **Jobs management**. Each IoT hub exposes a set of service-facing HTTPS REST endpoint to query and manage [jobs](iot-hub-devguide-jobs.md).

-* **Device endpoints**. For each device in the identity registry, IoT Hub exposes a set of endpoints. Except where noted, these endpoints are exposed using [MQTT v3.1.1](https://mqtt.org/), HTTPS 1.1, and [AMQP 1.0](https://www.amqp.org/) protocols. AMQP and MQTT are also available over [WebSockets](https://tools.ietf.org/html/rfc6455) on port 443.

- * *Send device-to-cloud messages*. A device uses this endpoint to [send device-to-cloud messages](iot-hub-devguide-messages-d2c.md).

- * *Receive cloud-to-device messages*. A device uses this endpoint to receive targeted [cloud-to-device messages](iot-hub-devguide-messages-c2d.md).

- * *Initiate file uploads*. A device uses this endpoint to receive an Azure Storage SAS URI from IoT Hub to [upload a file](iot-hub-devguide-file-upload.md).

- * *Retrieve and update device twin properties*. A device uses this endpoint to access its [device twin](iot-hub-devguide-device-twins.md)'s properties. HTTPS isn't supported.

- * *Receive direct method requests*. A device uses this endpoint to listen for [direct method](iot-hub-devguide-direct-methods.md) requests. HTTPS isn't supported.

- [!INCLUDE [iot-hub-include-x509-ca-signed-support-note](../../includes/iot-hub-include-x509-ca-signed-support-note.md)]

-* **Service endpoints**. Each IoT hub exposes a set of endpoints for your solution back end to communicate with your devices. With one exception, these endpoints are only exposed using the [AMQP](https://www.amqp.org/) and AMQP over WebSockets protocols. The direct method invocation endpoint is exposed over the HTTPS protocol.

- * *Receive device-to-cloud messages*. This endpoint is compatible with [Azure Event Hubs](../event-hubs/index.yml). A back-end service can use it to read the [device-to-cloud messages](iot-hub-devguide-messages-d2c.md) sent by your devices. You can create custom endpoints on your IoT hub in addition to this built-in endpoint.

- * *Send cloud-to-device messages and receive delivery acknowledgments*. These endpoints enable your solution back end to send reliable [cloud-to-device messages](iot-hub-devguide-messages-c2d.md), and to receive the corresponding delivery or expiration acknowledgments.

-

- * *Receive file notifications*. This messaging endpoint allows you to receive notifications of when your devices successfully upload a file.

- * *Direct method invocation*. This endpoint allows a back-end service to invoke a [direct method](iot-hub-devguide-direct-methods.md) on a device.

-## Custom endpoints

-For the limits on the number of endpoints you can add, see [Quotas and throttling](iot-hub-devguide-quotas-throttling.md).

-## Endpoint Health

-## Field gateways

-In an IoT solution, a *field gateway* sits between your devices and your IoT Hub endpoints. It's typically located close to your devices. Your devices communicate directly with the field gateway by using a protocol supported by the devices. The field gateway connects to an IoT Hub endpoint using a protocol that is supported by IoT Hub. A field gateway might be a dedicated hardware device or a low-power computer running custom gateway software.

-You can use [Azure IoT Edge](../iot-edge/index.yml) to implement a field gateway. IoT Edge offers functionality such as multiplexing communications from multiple devices onto the same IoT Hub connection.

-Other reference topics in this IoT Hub developer guide include:

-# Use IoT Hub message routing to send device-to-cloud messages to different endpoints

-Message routing enables you to send messages from your devices to cloud services in an automated, scalable, and reliable manner. Message routing can be used for:

-* **Sending device telemetry messages and events** to the built-in endpoint and custom endpoints. Events that can be routed include device lifecycle events, device twin change events, digital twin change events, and device connection state events.

-* **Filtering data before routing it to various endpoints** by applying rich queries. Message routing allows you to query on the message properties and message body as well as device twin tags and device twin properties. For more information, see [queries in message routing](iot-hub-devguide-routing-query-syntax.md).

-The IoT Hub defines a [common format](iot-hub-devguide-messages-construct.md) for all device-to-cloud messaging for interoperability across protocols.

-Each IoT hub has a default built-in endpoint (**messages/events**) that is compatible with Event Hubs. You also can create [custom endpoints](iot-hub-devguide-endpoints.md#custom-endpoints) that point to other services in your Azure subscription.

-Each message is routed to all endpoints whose routing queries it matches. In other words, a message can be routed to multiple endpoints. If a message matches multiple routes that point to the same endpoint, IoT Hub delivers the message to that endpoint only once.

-IoT Hub currently supports the following endpoints:

-Make sure you configure your services to support the expected throughput. For example, if you're using Event Hubs as a custom endpoint, you must configure the **throughput units** for that event hub so it can handle the ingress of events you plan to send via IoT Hub message routing. Similarly, when using a Service Bus queue as an endpoint, you must configure the **maximum size** to ensure the queue can hold all the data ingressed, until it's egressed by consumers. When you first configure your IoT solution, you may need to monitor your other endpoints and make any necessary adjustments for the actual load.

-### Built-in endpoint

-You can use standard [Event Hubs integration and SDKs](iot-hub-devguide-messages-read-builtin.md) to receive device-to-cloud messages from the built-in endpoint (**messages/events**). Once a route is created, data stops flowing to the built-in endpoint unless a route is created to that endpoint. Even if no routes are created, a fallback route must be enabled to route messages to the built-in endpoint. The fallback is enabled by default if you create your hub using the portal or the CLI.

-### Azure Storage as a routing endpoint

-There are two storage services IoT Hub can route messages to: [Azure Blob Storage](../storage/blobs/storage-blobs-introduction.md) and [Azure Data Lake Storage Gen2](../storage/blobs/data-lake-storage-introduction.md) (ADLS Gen2) accounts. Azure Data Lake Storage accounts are [hierarchical namespace-enabled](../storage/blobs/data-lake-storage-namespace.md) storage accounts built on top of blob storage. Both of these use blobs for their storage.

-IoT Hub supports writing data to Azure Storage in the [Apache Avro](https://avro.apache.org/) format and the JSON format. The default is AVRO. When using JSON encoding, you must set the contentType property to **application/json** and contentEncoding property to **UTF-8** in the message [system properties](iot-hub-devguide-routing-query-syntax.md#system-properties). Both of these values are case-insensitive. If the content encoding isn't set, then IoT Hub writes the messages in base 64 encoded format.

-The encoding format can be set only when the blob storage endpoint is configured; it can't be edited for an existing endpoint

-IoT Hub batches messages and writes data to storage whenever the batch reaches a certain size or a certain amount of time has elapsed. IoT Hub defaults to the following file naming convention: `{iothub}/{partition}/{YYYY}/{MM}/{DD}/{HH}/{mm}`.

-You may use any file naming convention, however you must use all listed tokens. IoT Hub writes to an empty blob if there's no data to write.

-We recommend listing the blobs or files and then iterating over them, to ensure all blobs or files are read without making any assumptions of partition. The partition range could potentially change during a [Microsoft-initiated failover](iot-hub-ha-dr.md#microsoft-initiated-failover) or IoT Hub [manual failover](iot-hub-ha-dr.md#manual-failover). You can use the [List Blobs API](/rest/api/storageservices/list-blobs) to enumerate the list of blobs or [List ADLS Gen2 API](/rest/api/storageservices/datalakestoragegen2/path) for the list of files. For example:

-```csharp

-public void ListBlobsInContainer(string containerName, string iothub)

-{

- var storageAccount = CloudStorageAccount.Parse(this.blobConnectionString);

- var cloudBlobContainer = storageAccount.CreateCloudBlobClient().GetContainerReference(containerName);

- if (cloudBlobContainer.Exists())

- {

- var results = cloudBlobContainer.ListBlobs(prefix: $"{iothub}/");

- foreach (IListBlobItem item in results)

- {

- Console.WriteLine(item.Uri);

- }

- }

-}

-```

-To create an Azure Data Lake Gen2-compatible storage account, create a new V2 storage account and select **Enable hierarchical namespace** from the **Data Lake Storage Gen2** section of the **Advanced** tab, as shown in the following image:

-### Service Bus queues and Service Bus topics as a routing endpoint

-Service Bus queues and topics used as IoT Hub endpoints must not have **Sessions** or **Duplicate Detection** enabled. If either of those options are enabled, the endpoint appears as **Unreachable** in the Azure portal.

-### Event Hubs as a routing endpoint

-Apart from the built-in-Event Hubs compatible endpoint, you can also route data to custom endpoints of type Event Hubs.

-### Azure Cosmos DB as a routing endpoint (preview)

-You can send data directly to Azure Cosmos DB from IoT Hub. Cosmos DB is a fully managed hyperscale multi-model database service. It provides low latency and high availability, making it a great choice for scenarios like connected solutions and manufacturing that require extensive downstream data analysis.

-IoT Hub supports writing to Cosmos DB in JSON (if specified in the message content-type) or as Base64 encoded binary.

-To effectively support high-scale scenarios, you can enable [synthetic partition keys](../cosmos-db/nosql/synthetic-partition-keys.md) for the Cosmos DB endpoint. As Cosmos DB is a hyperscale data store, all data/documents written to it must contain a field that represents a logical partition. Each logical partition has a maximum size of 20 GB. You can specify the partition key property name in **Partition key name**. The partition key property name is defined at the container level and can't be changed once it has been set.

-You can configure the synthetic partition key value by specifying a template in **Partition key template** based on your estimated data volume. For example, in manufacturing scenarios, your logical partition might be expected to approach its maximum limit of 20 GB within a month. In that case, you can define a synthetic partition key as a combination of the device ID and the month. The generated partition key value is automatically added to the partition key property for each new Cosmos DB record, ensuring logical partitions are created each month for each device.

-> [!CAUTION]

-> If you're using the system assigned managed identity for authenticating to Cosmos DB, you must use Azure CLI or Azure PowerShell to assign the Cosmos DB Built-in Data Contributor built-in role definition to the identity. Role assignment for Cosmos DB isn't currently supported from the Azure portal. For more information about the various roles, see [Configure role-based access for Azure Cosmos DB](../cosmos-db/how-to-setup-rbac.md). To understand assigning roles via CLI, see [Manage Azure Cosmos DB SQL role resources.](/cli/azure/cosmosdb/sql/role)

-| **Condition** | The query expression for the routing query that is run against the message application properties, system properties, message body, device twin tags, and device twin properties to determine if it's a match for the endpoint. For more information about constructing a query, see the see [message routing query syntax](iot-hub-devguide-routing-query-syntax.md) |

-The fallback route sends all the messages that don't satisfy query conditions on any of the existing routes to the built-in endpoint (**messages/events**), which is compatible with [Event Hubs](../event-hubs/index.yml). If message routing is enabled, you can enable the fallback route capability. Once a route is created, data stops flowing to the built-in endpoint, unless a route is created to that endpoint. If there are no routes to the built-in endpoint and a fallback route is enabled, only messages that don't match any query conditions on routes will be sent to the built-in endpoint. Also, if all existing routes are deleted, the fallback route capability must be enabled to receive all data at the built-in endpoint.

-You can enable or disable the fallback route in the Azure portal, from the **Message routing** blade. You can also use Azure Resource Manager for [FallbackRouteProperties](/rest/api/iothub/iothubresource/createorupdate#fallbackrouteproperties) to use a custom endpoint for the fallback route.

-For example, if a route is created with the data source set to **Device Twin Change Events**, IoT Hub sends messages to the endpoint that contain the change in the device twin. Similarly, if a route is created with the data source set to **Device Lifecycle Events**, IoT Hub sends a message indicating whether the device or module was deleted or created. For more information about device lifecycle events, see [Device and module lifecycle notifications](./iot-hub-devguide-identity-registry.md#device-and-module-lifecycle-notifications). When using [Azure IoT Plug and Play](../iot/overview-iot-plug-and-play.md), a developer can create routes with the data source set to **Digital Twin Change Events** and IoT Hub sends messages whenever a digital twin property is set or changed, a digital twin is replaced, or when a change event happens for the underlying device twin. Finally, if a route is created with data source set to **Device Connection State Events**, IoT Hub sends a message indicating whether the device was connected or disconnected.

-[IoT Hub also integrates with Azure Event Grid](iot-hub-event-grid.md) to publish device events to support real-time integrations and automation of workflows based on these events. See key [differences between message routing and Event Grid](iot-hub-event-grid-routing-comparison.md) to learn which works best for your scenario.

-Device connection state events are available for devices connecting using either the MQTT or AMQP protocol, or using either of these protocols over WebSockets. Requests made only with HTTPS won't trigger device connection state notifications. For IoT Hub to start sending device connection state events, after opening a connection a device must call either the *cloud-to-device receive message* operation or the *device-to-cloud send telemetry* operation. Outside of the Azure IoT SDKs, in MQTT these operations equate to SUBSCRIBE or PUBLISH operations on the appropriate messaging [topics](../iot/iot-mqtt-connect-to-iot-hub.md). Over AMQP these operations equate to attaching or transferring a message on the [appropriate link paths](iot-hub-amqp-support.md).

-IoT Hub doesn't report each individual device connect and disconnect, but rather publishes the current connection state taken at a periodic, 60-second snapshot. Receiving either the same connection state event with different sequence numbers or different connection state events both mean that there was a change in the device connection state during the 60-second window.

-When you route device-to-cloud telemetry messages using built-in endpoints, there's a slight increase in the end-to-end latency after the creation of the first route.

-IoT Hub provides several metrics related to routing and endpoints to give you an overview of the health of your hub and messages sent. For a list of all of the IoT Hub metrics broken out by functional category, see the [Metrics](monitor-iot-hub-reference.md#metrics) section of [Monitoring Azure IoT Hub data reference](monitor-iot-hub-reference.md). You can track errors that occur during evaluation of a routing query and endpoint health as perceived by IoT Hub with the [**routes** category in IoT Hub resource logs](monitor-iot-hub-reference.md#routes). To learn more about using metrics and resource logs with IoT Hub, see [Monitoring Azure IoT Hub](monitor-iot-hub.md).

-You can use the REST API [Get Endpoint Health](/rest/api/iothub/iothubresource/getendpointhealth#iothubresource_getendpointhealth) to get the [health status](iot-hub-devguide-endpoints.md#custom-endpoints) of the endpoints.

-## Next steps

-To learn how to create message routes, see:

-* [Create and delete routes and endpoints by using the Azure portal](./how-to-routing-portal.md)

-* [Create and delete routes and endpoints by using the Azure CLI](./how-to-routing-azure-cli.md)

-If you're using [message routing](iot-hub-devguide-messages-d2c.md) and the [fallback route](iot-hub-devguide-messages-d2c.md#fallback-route) is enabled, a message that doesn't match a query on any route goes to the built-in endpoint. If you disable this fallback route, a message that doesn't match any query is dropped.

-description: This article describes device-to-cloud and cloud-to-device messaging with IoT Hub. Includes information about message formats and supported communications protocols.

-# Send device-to-cloud and cloud-to-device messages with IoT Hub

-IoT Hub allows for bi-directional communication with your devices. Use IoT Hub messaging to communicate with your devices by sending messages from your devices to your IoT solution back end, and by sending messages from your IoT solution back end to your devices. For more information about working with IoT Hub messages, see [Create and read IoT Hub messages](iot-hub-devguide-messages-construct.md).

-## Sending device-to-cloud messages to IoT Hub

-IoT Hub has a built-in service endpoint that can be used by back-end services to read telemetry messages from your devices. This endpoint is compatible with [Azure Event Hubs](../event-hubs/index.yml) and you can use standard IoT Hub SDKs to [read from this built-in endpoint](iot-hub-devguide-messages-read-builtin.md).

-IoT Hub also supports [custom endpoints](iot-hub-devguide-endpoints.md#custom-endpoints) that can be defined by users to send device telemetry data and events to Azure services using [message routing](iot-hub-devguide-messages-d2c.md).

-## Sending cloud-to-device messages from IoT Hub

-You can send [cloud-to-device](iot-hub-devguide-messages-c2d.md) messages from the IoT solution back end to your devices.

-## Choosing the right type of IoT Hub messaging

-Use device-to-cloud messages for sending time series telemetry and alerts from your device app, and cloud-to-device messages for one-way notifications to your device app.

-* For more information about choosing between device-to-cloud messages, reported properties, or file upload, see [Device-to-cloud communications guidance](./iot-hub-devguide-d2c-guidance.md).

-* For more information about choosing between cloud-to-device messages, desired properties, or direct methods, see [Cloud-to-device communications guidance](./iot-hub-devguide-c2d-guidance.md).

-## Next steps

-* Learn about IoT Hub [message routing](iot-hub-devguide-messages-d2c.md).

-* Learn about IoT Hub [cloud-to-device messaging](iot-hub-devguide-messages-c2d.md).

-* **Field gateways**. MQTT and HTTPS support only a single device identity (device ID plus credentials) per TLS connection. For this reason, these protocols aren't supported for [field gateway scenarios](iot-hub-devguide-endpoints.md#field-gateways) that require multiplexing messages, using multiple device identities, across either a single connection or a pool of upstream connections to IoT Hub. Such gateways can use a protocol that supports multiple device identities per connection, like AMQP, for their upstream traffic.

->* When routing to storage, we recommend listing the blobs or files and then iterating over them, to ensure all blobs or files are read without making any assumptions of partition. The partition range could potentially change during a Microsoft-initiated failover or manual failover. You can use the [List Blobs API](/rest/api/storageservices/list-blobs) to enumerate the list of blobs or [List ADLS Gen2 API](/rest/api/storageservices/datalakestoragegen2/filesystem/list) for the list of files. To learn more, see [Azure Storage as a routing endpoint](iot-hub-devguide-messages-d2c.md#azure-storage-as-a-routing-endpoint).

-For more information, see [Using Azure Storage as a routing endpoint](iot-hub-devguide-messages-d2c.md#azure-storage-as-a-routing-endpoint).

-Use the REST API [Get Endpoint Health](/rest/api/iothub/iothubresource/getendpointhealth#iothubresource_getendpointhealth) to get [health status](iot-hub-devguide-endpoints.md#custom-endpoints) of the endpoints. The *Get Endpoint Health* API also provides information on the last time a message was successfully sent to the endpoint, the [last known error](#last-known-errors-for-iot-hub-routing-endpoints), last known error time and the last time a send attempt was made for this endpoint. Use the possible mitigation provided for the specific [last known error](#last-known-errors-for-iot-hub-routing-endpoints).

-Use [message routing](iot-hub-devguide-messages-d2c.md) in Azure IoT Hub to send telemetry data from your IoT devices to Azure services such as blob storage, Service Bus Queues, Service Bus Topics, and Event Hubs. Every IoT hub has a default built-in endpoint that is compatible with Event Hubs. You can also create custom endpoints and route messages to other Azure services by defining [routing queries](iot-hub-devguide-routing-query-syntax.md). Each message that arrives at the IoT hub is routed to all endpoints whose routing queries it matches. If a message doesn't match any of the defined routing queries, it is routed to the default endpoint.

-In this guide, learn how to identify and resolve known issues with data access with the [Azure Machine Learning SDK](https://aka.ms/sdk-v2-install).

-Data access error codes are hierarchical. The full stop character `.` delimits error codes, and become more specific with more segments available.

-The database or server defined in the datastore cannot be found, or no longer exists. Check if the database still exists in Azure portal, or if the Azure Machine Learning studio datastore details page links to it. If it doesn't exist, you will enable the existing datastore for use if you recreate it with the same name. To use a new server name or database, you must delete and recreate the datastore to use the new name.

-The authentication failed while trying to connect to the database. The authentication method is stored inside the datastore, and supports SQL authentication, service principal, or no stored credential (identity based access). When previewing data in Azure Machine Learning studio, workspace MSI enabling makes the authentication use the workspace MSI. A SQL server user needs to be created for the service principal and workspace MSI (if applicable) and granted classic database permissions. More info can be found [here](/azure/azure-sql/database/authentication-aad-service-principal-tutorial#create-the-service-principal-user-in-azure-sql-database).

- - The server under the subscription and resource group couldn't be found. Check that the subscription ID and resource group defined in the datastore match those of the server, and update the values if necessary.

- - The identity doesn't have permission to read the target server firewall settings. Contact your data admin for the workspace MSI Reader role.

-The executed SQL query took too long and timed out. You can specify the timeout at time of data asset creation. If a new timeout is needed, a new asset must be created, or a new version of the current asset must be created. In Azure Machine Learning studio SQL preview, there will have a fixed query timeout, but the defined value will always be honored for jobs.

-The authentication failed while trying to connect to the storage account. The authentication method is stored inside the datastore, and depending on the datastore type, it can support account key, SAS token, service principal or no stored credential (identity based access). When previewing data in Azure Machine Learning studio, workspace MSI enabling makes the authentication use the workspace MSI.

-> If identity based access is used, the required RBAC role is Storage Blob Data Reader. If workspace MSI is used for Azure Machine Learning studio preview, the required RBAC roles are Storage Blob Data Reader and Reader.

- - The identity doesn't have permission to read firewall settings of the target storage account. Contact your data admin to the Reader role to the workspace MSI.

- - The target storage account uses a virtual network, but the logged-in session isn't connecting to the workspace via a private endpoint. Add a private endpoint to the workspace, and ensure that the storage virtual network settings allows the virtual network or subnet of the private endpoint. Add the logged in session's public IP to the storage firewall allowlist.

- - The target storage account firewall settings don't permit this data access. Check that your logged in session falls within compatible network settings with the storage account. If Workspace MSI is used, check that it has Reader access to the storage account and to the private endpoints associated with the storage account.

- - The storage account under the subscription and resource group couldn't be found. Check that the subscription ID and resource group defined in the datastore match those of the storage account, and update the values if needed.

-The specified file or folder path doesn't exist. Check that the provided path exists in Azure portal, or if using a datastore, that the right datastore is used (including the datastore's account and container). If the storage account is an HNS enabled Blob storage, otherwise known as ADLS Gen2, or an `abfs[s]` URI, that storage ACLs may restrict particular folders or paths. This error will appear as a "NotFound" error instead of an "Authentication" error.

-cd open-liberty-on-aro/3-integration/connect-db/mssql

-git checkout 20240116

-cd <path-to-your-repo>/3-integration/connect-db/mssql

- cd <path-to-your-repo>/3-integration/connect-db/mssql

- cd <path-to-your-repo>/3-integration/connect-db/mssql/target

- docker build -t javaee-cafe:v1 --pull --file=Dockerfile .

- cd <path-to-your-repo>/3-integration/connect-db/mssql/target

- cd <path-to-your-repo>/3-integration/connect-db/mssql/target

-SIM partners provide wireless authentication technologies and embedded cellular modules. RAN partners deliver various hardware equipment (such as radios and antennas) necessary to deploy private mobile networks. The following partners have completed interop tests with Azure private MEC. Contact the partner representative for more details:

-Applications that run on supported platforms can also deploy to Azure private MEC with few code changes required. This means that application ISV solutions for Azure Stack Edge, Azure Stack HCI, and Azure IoT Edge can also run on the Azure private MEC solution.

- - Onboard your applications to the Azure Marketplace, and then [pre-register for the forthcoming Azure private MEC ISV or developer program](https://aka.ms/privateMECpartnerprogram).

-> | <a name='search-index-data-contributor'></a>[Search Index Data Contributor](./built-in-roles/web-and-mobile.md#search-index-data-contributor) | Grants full access to Azure Cognitive Search index data. | 8ebe5a00-799e-43f5-93ac-243d3dce84a7 |

-> | <a name='search-index-data-reader'></a>[Search Index Data Reader](./built-in-roles/web-and-mobile.md#search-index-data-reader) | Grants read access to Azure Cognitive Search index data. | 1407120a-92aa-4202-b7e9-c0e197c71c8f |

-> | <a name='search-service-contributor'></a>[Search Service Contributor](./built-in-roles/web-and-mobile.md#search-service-contributor) | Lets you manage Search services, but not access to them. | 7ca78c08-252a-4471-8644-bb5ff32d4ba0 |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.EventHub](../permissions/analytics.md#microsofteventhub)/* | |

-> | [Microsoft.EventHub](../permissions/analytics.md#microsofteventhub)/* | |

-> | [Microsoft.EventHub](../permissions/analytics.md#microsofteventhub)/*/eventhubs/consumergroups/read | |

-> | [Microsoft.EventHub](../permissions/analytics.md#microsofteventhub)/*/receive/action | |

-> | [Microsoft.EventHub](../permissions/analytics.md#microsofteventhub)/*/eventhubs/read | |

-> | [Microsoft.EventHub](../permissions/analytics.md#microsofteventhub)/*/send/action | |

-> | [Microsoft.DataFactory](../permissions/databases.md#microsoftdatafactory)/dataFactories/* | Create and manage data factories, and child resources within them. |

-> | [Microsoft.DataFactory](../permissions/databases.md#microsoftdatafactory)/factories/* | Create and manage data factories, and child resources within them. |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.EventHub](../permissions/analytics.md#microsofteventhub)/namespaces/schemagroups/* | |

-> | [Microsoft.EventHub](../permissions/analytics.md#microsofteventhub)/namespaces/schemas/* | |

-> | [Microsoft.EventHub](../permissions/analytics.md#microsofteventhub)/namespaces/schemagroups/read | Get list of SchemaGroup Resource Descriptions |

-> | [Microsoft.EventHub](../permissions/analytics.md#microsofteventhub)/namespaces/schemas/read | Retrieve schemas |

-> | [Microsoft.StreamAnalytics](../permissions/analytics.md#microsoftstreamanalytics)/locations/TestQuery/action | Test Query for Stream Analytics Resource Provider |

-> | [Microsoft.StreamAnalytics](../permissions/analytics.md#microsoftstreamanalytics)/locations/OperationResults/read | Read Stream Analytics Operation Result |

-> | [Microsoft.StreamAnalytics](../permissions/analytics.md#microsoftstreamanalytics)/locations/SampleInput/action | Sample Input for Stream Analytics Resource Provider |

-> | [Microsoft.StreamAnalytics](../permissions/analytics.md#microsoftstreamanalytics)/locations/CompileQuery/action | Compile Query for Stream Analytics Resource Provider |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/listClusterUserCredentials/action | List clusterUser credential(preview) |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/listClusterUserCredential/action | List clusterUser credential |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/apps/controllerrevisions/read | Reads controllerrevisions |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/apps/daemonsets/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/apps/deployments/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/apps/replicasets/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/apps/statefulsets/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/authorization.k8s.io/localsubjectaccessreviews/write | Writes localsubjectaccessreviews |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/autoscaling/horizontalpodautoscalers/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/batch/cronjobs/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/batch/jobs/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/configmaps/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/endpoints/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/events.k8s.io/events/read | Reads events |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/events/read | Reads events |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/extensions/daemonsets/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/extensions/deployments/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/extensions/ingresses/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/extensions/networkpolicies/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/extensions/replicasets/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/limitranges/read | Reads limitranges |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/namespaces/read | Reads namespaces |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/networking.k8s.io/ingresses/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/networking.k8s.io/networkpolicies/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/persistentvolumeclaims/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/pods/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/policy/poddisruptionbudgets/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/rbac.authorization.k8s.io/rolebindings/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/rbac.authorization.k8s.io/roles/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/replicationcontrollers/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/replicationcontrollers/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/resourcequotas/read | Reads resourcequotas |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/secrets/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/serviceaccounts/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/services/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/apps/controllerrevisions/read | Reads controllerrevisions |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/apps/daemonsets/read | Reads daemonsets |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/apps/deployments/read | Reads deployments |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/apps/replicasets/read | Reads replicasets |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/apps/statefulsets/read | Reads statefulsets |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/autoscaling/horizontalpodautoscalers/read | Reads horizontalpodautoscalers |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/batch/cronjobs/read | Reads cronjobs |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/batch/jobs/read | Reads jobs |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/configmaps/read | Reads configmaps |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/endpoints/read | Reads endpoints |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/events.k8s.io/events/read | Reads events |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/events/read | Reads events |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/extensions/daemonsets/read | Reads daemonsets |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/extensions/deployments/read | Reads deployments |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/extensions/ingresses/read | Reads ingresses |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/extensions/networkpolicies/read | Reads networkpolicies |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/extensions/replicasets/read | Reads replicasets |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/limitranges/read | Reads limitranges |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/namespaces/read | Reads namespaces |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/networking.k8s.io/ingresses/read | Reads ingresses |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/networking.k8s.io/networkpolicies/read | Reads networkpolicies |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/persistentvolumeclaims/read | Reads persistentvolumeclaims |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/pods/read | Reads pods |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/policy/poddisruptionbudgets/read | Reads poddisruptionbudgets |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/replicationcontrollers/read | Reads replicationcontrollers |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/replicationcontrollers/read | Reads replicationcontrollers |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/resourcequotas/read | Reads resourcequotas |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/serviceaccounts/read | Reads serviceaccounts |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/services/read | Reads services |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/apps/controllerrevisions/read | Reads controllerrevisions |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/apps/daemonsets/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/apps/deployments/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/apps/replicasets/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/apps/statefulsets/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/autoscaling/horizontalpodautoscalers/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/batch/cronjobs/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/batch/jobs/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/configmaps/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/endpoints/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/events.k8s.io/events/read | Reads events |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/events/read | Reads events |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/extensions/daemonsets/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/extensions/deployments/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/extensions/ingresses/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/extensions/networkpolicies/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/extensions/replicasets/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/limitranges/read | Reads limitranges |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/namespaces/read | Reads namespaces |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/networking.k8s.io/ingresses/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/networking.k8s.io/networkpolicies/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/persistentvolumeclaims/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/pods/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/policy/poddisruptionbudgets/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/replicationcontrollers/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/replicationcontrollers/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/resourcequotas/read | Reads resourcequotas |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/secrets/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/serviceaccounts/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/services/* | |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/Write | Writes connectedClusters |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/connectedClusters/read | Read connectedClusters |

-> | [Microsoft.KubernetesConfiguration](../permissions/containers.md#microsoftkubernetesconfiguration)/extensions/write | Creates or updates extension resource. |

-> | [Microsoft.KubernetesConfiguration](../permissions/containers.md#microsoftkubernetesconfiguration)/extensions/read | Gets extension instance resource. |

-> | [Microsoft.KubernetesConfiguration](../permissions/containers.md#microsoftkubernetesconfiguration)/extensions/delete | Deletes extension instance resource. |

-> | [Microsoft.KubernetesConfiguration](../permissions/containers.md#microsoftkubernetesconfiguration)/extensions/operations/read | Gets Async Operation status. |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.Purview](../permissions/management-and-governance.md#microsoftpurview)/consents/write | Create or Update a Consent Resource. |

-> | [Microsoft.Purview](../permissions/management-and-governance.md#microsoftpurview)/consents/delete | Delete the Consent Resource. |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/register/action | Registers Subscription with Microsoft.Kubernetes resource provider |

-> | [Microsoft.KubernetesConfiguration](../permissions/containers.md#microsoftkubernetesconfiguration)/register/action | Registers subscription to Microsoft.KubernetesConfiguration resource provider. |

-> | [Microsoft.KubernetesConfiguration](../permissions/containers.md#microsoftkubernetesconfiguration)/extensions/write | Creates or updates extension resource. |

-> | [Microsoft.KubernetesConfiguration](../permissions/containers.md#microsoftkubernetesconfiguration)/extensions/read | Gets extension instance resource. |

-> | [Microsoft.KubernetesConfiguration](../permissions/containers.md#microsoftkubernetesconfiguration)/extensions/delete | Deletes extension instance resource. |

-> | [Microsoft.KubernetesConfiguration](../permissions/containers.md#microsoftkubernetesconfiguration)/extensions/operations/read | Gets Async Operation status. |

-> | [Microsoft.KubernetesConfiguration](../permissions/containers.md#microsoftkubernetesconfiguration)/namespaces/read | Get Namespace Resource |

-> | [Microsoft.KubernetesConfiguration](../permissions/containers.md#microsoftkubernetesconfiguration)/operations/read | Gets available operations of the Microsoft.KubernetesConfiguration resource provider. |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.KubernetesConfiguration](../permissions/containers.md#microsoftkubernetesconfiguration)/extensions/read | Gets extension instance resource. |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.Kubernetes](../permissions/containers.md#microsoftkubernetes)/register/action | Registers Subscription with Microsoft.Kubernetes resource provider |

-> | [Microsoft.KubernetesConfiguration](../permissions/containers.md#microsoftkubernetesconfiguration)/register/action | Registers subscription to Microsoft.KubernetesConfiguration resource provider. |

-> | [Microsoft.KubernetesConfiguration](../permissions/containers.md#microsoftkubernetesconfiguration)/extensions/write | Creates or updates extension resource. |

-> | [Microsoft.KubernetesConfiguration](../permissions/containers.md#microsoftkubernetesconfiguration)/extensions/read | Gets extension instance resource. |

-> | [Microsoft.KubernetesConfiguration](../permissions/containers.md#microsoftkubernetesconfiguration)/extensions/delete | Deletes extension instance resource. |

-> | [Microsoft.KubernetesConfiguration](../permissions/containers.md#microsoftkubernetesconfiguration)/extensions/operations/read | Gets Async Operation status. |

-> | [Microsoft.KubernetesConfiguration](../permissions/containers.md#microsoftkubernetesconfiguration)/namespaces/read | Get Namespace Resource |

-> | [Microsoft.KubernetesConfiguration](../permissions/containers.md#microsoftkubernetesconfiguration)/operations/read | Gets available operations of the Microsoft.KubernetesConfiguration resource provider. |

-> | [Microsoft.Commerce](../permissions/management-and-governance.md#microsoftcommerce)/*/read | |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.Capacity](../permissions/management-and-governance.md#microsoftcapacity)/resourceProviders/locations/serviceLimits/read | Get the current service limit or quota of the specified resource and location |

-> | [Microsoft.Capacity](../permissions/management-and-governance.md#microsoftcapacity)/resourceProviders/locations/serviceLimits/write | Create service limit or quota for the specified resource and location |

-> | [Microsoft.Capacity](../permissions/management-and-governance.md#microsoftcapacity)/resourceProviders/locations/serviceLimitsRequests/read | Get any service limit request for the specified resource and location |

-> | [Microsoft.Capacity](../permissions/management-and-governance.md#microsoftcapacity)/register/action | Registers the Capacity resource provider and enables the creation of Capacity resources. |

-> | [Microsoft.Capacity](../permissions/management-and-governance.md#microsoftcapacity)/catalogs/read | Read catalog of Reservation |

-> | [Microsoft.Capacity](../permissions/management-and-governance.md#microsoftcapacity)/register/action | Registers the Capacity resource provider and enables the creation of Capacity resources. |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/locations/getBackupStatus/action | Check Backup Status for Recovery Services Vaults |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/backupInstances/write | Creates a Backup Instance |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/backupInstances/delete | Deletes the Backup Instance |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/backupInstances/read | Returns all Backup Instances |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/backupInstances/read | Returns all Backup Instances |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/deletedBackupInstances/read | List soft-deleted Backup Instances in a Backup Vault. |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/deletedBackupInstances/undelete/action | Perform undelete of soft-deleted Backup Instance. Backup Instance moves from SoftDeleted to ProtectionStopped state. |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/backupInstances/backup/action | Performs Backup on the Backup Instance |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/backupInstances/validateRestore/action | Validates for Restore of the Backup Instance |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/backupInstances/restore/action | Triggers restore on the Backup Instance |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/subscriptions/resourceGroups/providers/locations/crossRegionRestore/action | Triggers cross region restore operation on given backup instance. |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/subscriptions/resourceGroups/providers/locations/validateCrossRegionRestore/action | Performs validations for cross region restore operation. |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJobs/action | List cross region restore jobs of backup instance from secondary region. |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJob/action | Get cross region restore job details from secondary region. |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/subscriptions/resourceGroups/providers/locations/fetchSecondaryRecoveryPoints/action | Returns recovery points from secondary region for cross region restore enabled Backup Vaults. |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/backupPolicies/write | Creates Backup Policy |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/backupPolicies/delete | Deletes the Backup Policy |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/backupPolicies/read | Returns all Backup Policies |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/backupPolicies/read | Returns all Backup Policies |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/backupInstances/recoveryPoints/read | Returns all Recovery Points |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/backupInstances/recoveryPoints/read | Returns all Recovery Points |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/backupInstances/findRestorableTimeRanges/action | Finds Restorable Time Ranges |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/write | Update BackupVault operation updates an Azure resource of type 'Backup Vault' |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/read | Gets list of Backup Vaults in a Resource Group |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/operationResults/read | Gets Operation Result of a Patch Operation for a Backup Vault |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/operationStatus/read | Returns Backup Operation Status for Backup Vault. |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/locations/checkNameAvailability/action | Checks if the requested BackupVault Name is Available |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/locations/checkFeatureSupport/action | Validates if a feature is supported |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/read | Gets list of Backup Vaults in a Resource Group |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/read | Gets list of Backup Vaults in a Resource Group |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/locations/operationStatus/read | Returns Backup Operation Status for Backup Vault. |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/locations/operationResults/read | Returns Backup Operation Result for Backup Vault. |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/validateForBackup/action | Validates for backup of Backup Instance |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/operations/read | Operation returns the list of Operations for a Resource Provider |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/backupInstances/read | Returns all Backup Instances |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/backupInstances/read | Returns all Backup Instances |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/deletedBackupInstances/read | List soft-deleted Backup Instances in a Backup Vault. |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/backupPolicies/read | Returns all Backup Policies |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/backupPolicies/read | Returns all Backup Policies |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/backupInstances/recoveryPoints/read | Returns all Recovery Points |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/backupInstances/recoveryPoints/read | Returns all Recovery Points |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/backupInstances/findRestorableTimeRanges/action | Finds Restorable Time Ranges |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/read | Gets list of Backup Vaults in a Resource Group |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/operationResults/read | Gets Operation Result of a Patch Operation for a Backup Vault |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/operationStatus/read | Returns Backup Operation Status for Backup Vault. |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/read | Gets list of Backup Vaults in a Resource Group |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/read | Gets list of Backup Vaults in a Resource Group |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/locations/operationStatus/read | Returns Backup Operation Status for Backup Vault. |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/locations/operationResults/read | Returns Backup Operation Result for Backup Vault. |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/operations/read | Operation returns the list of Operations for a Resource Provider |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/validateForBackup/action | Validates for backup of Backup Instance |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/backupInstances/backup/action | Performs Backup on the Backup Instance |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/backupInstances/validateRestore/action | Validates for Restore of the Backup Instance |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/backupInstances/restore/action | Triggers restore on the Backup Instance |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/subscriptions/resourceGroups/providers/locations/crossRegionRestore/action | Triggers cross region restore operation on given backup instance. |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/subscriptions/resourceGroups/providers/locations/validateCrossRegionRestore/action | Performs validations for cross region restore operation. |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJobs/action | List cross region restore jobs of backup instance from secondary region. |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJob/action | Get cross region restore job details from secondary region. |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/subscriptions/resourceGroups/providers/locations/fetchSecondaryRecoveryPoints/action | Returns recovery points from secondary region for cross region restore enabled Backup Vaults. |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/locations/checkFeatureSupport/action | Validates if a feature is supported |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/locations/getBackupStatus/action | Check Backup Status for Recovery Services Vaults |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/backupInstances/write | Creates a Backup Instance |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/backupInstances/read | Returns all Backup Instances |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/deletedBackupInstances/read | List soft-deleted Backup Instances in a Backup Vault. |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/backupInstances/backup/action | Performs Backup on the Backup Instance |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/backupInstances/validateRestore/action | Validates for Restore of the Backup Instance |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/backupInstances/restore/action | Triggers restore on the Backup Instance |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/backupPolicies/read | Returns all Backup Policies |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/backupPolicies/read | Returns all Backup Policies |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/backupInstances/recoveryPoints/read | Returns all Recovery Points |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/backupInstances/recoveryPoints/read | Returns all Recovery Points |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/backupInstances/findRestorableTimeRanges/action | Finds Restorable Time Ranges |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/read | Gets list of Backup Vaults in a Resource Group |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/operationResults/read | Gets Operation Result of a Patch Operation for a Backup Vault |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/operationStatus/read | Returns Backup Operation Status for Backup Vault. |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/read | Gets list of Backup Vaults in a Resource Group |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/read | Gets list of Backup Vaults in a Resource Group |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/locations/operationStatus/read | Returns Backup Operation Status for Backup Vault. |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/locations/operationResults/read | Returns Backup Operation Result for Backup Vault. |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/backupVaults/validateForBackup/action | Validates for backup of Backup Instance |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/operations/read | Operation returns the list of Operations for a Resource Provider |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJobs/action | List cross region restore jobs of backup instance from secondary region. |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJob/action | Get cross region restore job details from secondary region. |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/subscriptions/resourceGroups/providers/locations/fetchSecondaryRecoveryPoints/action | Returns recovery points from secondary region for cross region restore enabled Backup Vaults. |

-> | [Microsoft.DataProtection](../permissions/management-and-governance.md#microsoftdataprotection)/locations/checkFeatureSupport/action | Validates if a feature is supported |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.Databox](../permissions/storage.md#microsoftdatabox)/* | |

-> | [Microsoft.Databox](../permissions/storage.md#microsoftdatabox)/*/read | |

-> | [Microsoft.Databox](../permissions/storage.md#microsoftdatabox)/jobs/listsecrets/action | |

-> | [Microsoft.Databox](../permissions/storage.md#microsoftdatabox)/jobs/listcredentials/action | Lists the unencrypted credentials related to the order. |

-> | [Microsoft.Databox](../permissions/storage.md#microsoftdatabox)/locations/availableSkus/action | This method returns the list of available skus. |

-> | [Microsoft.Databox](../permissions/storage.md#microsoftdatabox)/locations/validateInputs/action | This method does all type of validations. |

-> | [Microsoft.Databox](../permissions/storage.md#microsoftdatabox)/locations/regionConfiguration/action | This method returns the configurations for the region. |

-> | [Microsoft.Databox](../permissions/storage.md#microsoftdatabox)/locations/validateAddress/action | Validates the shipping address and provides alternate addresses if any. |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-Read, write, and delete Azure Storage containers and blobs. To learn which actions are required for a given data operation, see [Permissions for calling blob and queue data operations](/rest/api/storageservices/authenticate-with-azure-active-directory#permissions-for-calling-blob-and-queue-data-operations).

-Provides full access to Azure Storage blob containers and data, including assigning POSIX access control. To learn which actions are required for a given data operation, see [Permissions for calling blob and queue data operations](/rest/api/storageservices/authenticate-with-azure-active-directory#permissions-for-calling-blob-and-queue-data-operations).

-Read and list Azure Storage containers and blobs. To learn which actions are required for a given data operation, see [Permissions for calling blob and queue data operations](/rest/api/storageservices/authenticate-with-azure-active-directory#permissions-for-calling-blob-and-queue-data-operations).

-Read, write, and delete Azure Storage queues and queue messages. To learn which actions are required for a given data operation, see [Permissions for calling blob and queue data operations](/rest/api/storageservices/authenticate-with-azure-active-directory#permissions-for-calling-blob-and-queue-data-operations).

-Peek, retrieve, and delete a message from an Azure Storage queue. To learn which actions are required for a given data operation, see [Permissions for calling blob and queue data operations](/rest/api/storageservices/authenticate-with-azure-active-directory#permissions-for-calling-blob-and-queue-data-operations).

-Add messages to an Azure Storage queue. To learn which actions are required for a given data operation, see [Permissions for calling blob and queue data operations](/rest/api/storageservices/authenticate-with-azure-active-directory#permissions-for-calling-blob-and-queue-data-operations).

-Read and list Azure Storage queues and queue messages. To learn which actions are required for a given data operation, see [Permissions for calling blob and queue data operations](/rest/api/storageservices/authenticate-with-azure-active-directory#permissions-for-calling-blob-and-queue-data-operations).

-> | [Microsoft.AppPlatform](../permissions/web-and-mobile.md#microsoftappplatform)/Spring/configService/read | Read the configuration content(for example, application.yaml) for a specific Azure Spring Apps service instance |

-> | [Microsoft.AppPlatform](../permissions/web-and-mobile.md#microsoftappplatform)/Spring/configService/write | Write config server content for a specific Azure Spring Apps service instance |

-> | [Microsoft.AppPlatform](../permissions/web-and-mobile.md#microsoftappplatform)/Spring/configService/delete | Delete config server content for a specific Azure Spring Apps service instance |

-> | [Microsoft.AppPlatform](../permissions/web-and-mobile.md#microsoftappplatform)/Spring/configService/read | Read the configuration content(for example, application.yaml) for a specific Azure Spring Apps service instance |

-> | [Microsoft.AppPlatform](../permissions/web-and-mobile.md#microsoftappplatform)/Spring/*/read | |

-> | [Microsoft.AppPlatform](../permissions/web-and-mobile.md#microsoftappplatform)/Spring/eurekaService/read | Read the user app(s) registration information for a specific Azure Spring Apps service instance |

-> | [Microsoft.AppPlatform](../permissions/web-and-mobile.md#microsoftappplatform)/Spring/eurekaService/write | Write the user app(s) registration information for a specific Azure Spring Apps service instance |

-> | [Microsoft.AppPlatform](../permissions/web-and-mobile.md#microsoftappplatform)/Spring/eurekaService/delete | Delete the user app registration information for a specific Azure Spring Apps service instance |

-> | [Microsoft.AppPlatform](../permissions/web-and-mobile.md#microsoftappplatform)/Spring/eurekaService/read | Read the user app(s) registration information for a specific Azure Spring Apps service instance |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-## Search Index Data Contributor

-Grants full access to Azure Cognitive Search index data.

-> [!div class="mx-tableFixed"]

-> | Actions | Description |

-> | | |

-> | *none* | |

-> | **NotActions** | |

-> | *none* | |

-> | **DataActions** | |

-> | [Microsoft.Search](../permissions/web-and-mobile.md#microsoftsearch)/searchServices/indexes/documents/* | |

-> | **NotDataActions** | |

-> | *none* | |

-```json

-{

- "assignableScopes": [

- "/"

- ],

- "description": "Grants full access to Azure Cognitive Search index data.",

- "id": "/providers/Microsoft.Authorization/roleDefinitions/8ebe5a00-799e-43f5-93ac-243d3dce84a7",

- "name": "8ebe5a00-799e-43f5-93ac-243d3dce84a7",

- "permissions": [

- {

- "actions": [],

- "notActions": [],

- "dataActions": [

- "Microsoft.Search/searchServices/indexes/documents/*"

- ],

- "notDataActions": []

- }

- ],

- "roleName": "Search Index Data Contributor",

- "roleType": "BuiltInRole",

- "type": "Microsoft.Authorization/roleDefinitions"

-}

-```

-## Search Index Data Reader

-Grants read access to Azure Cognitive Search index data.

-> [!div class="mx-tableFixed"]

-> | Actions | Description |

-> | | |

-> | *none* | |

-> | **NotActions** | |

-> | *none* | |

-> | **DataActions** | |

-> | [Microsoft.Search](../permissions/web-and-mobile.md#microsoftsearch)/searchServices/indexes/documents/read | Read documents or suggested query terms from an index. |

-> | **NotDataActions** | |

-> | *none* | |

-```json

-{

- "assignableScopes": [

- "/"

- ],

- "description": "Grants read access to Azure Cognitive Search index data.",

- "id": "/providers/Microsoft.Authorization/roleDefinitions/1407120a-92aa-4202-b7e9-c0e197c71c8f",

- "name": "1407120a-92aa-4202-b7e9-c0e197c71c8f",

- "permissions": [

- {

- "actions": [],

- "notActions": [],

- "dataActions": [

- "Microsoft.Search/searchServices/indexes/documents/read"

- ],

- "notDataActions": []

- }

- ],

- "roleName": "Search Index Data Reader",

- "roleType": "BuiltInRole",

- "type": "Microsoft.Authorization/roleDefinitions"

-}

-```

-## Search Service Contributor

-Lets you manage Search services, but not access to them.

-[Learn more](/azure/search/search-security-rbac)

-> [!div class="mx-tableFixed"]

-> | Actions | Description |

-> | | |

-> | [Microsoft.Authorization](../permissions/management-and-governance.md#microsoftauthorization)/*/read | Read roles and role assignments |

-> | [Microsoft.Insights](../permissions/monitor.md#microsoftinsights)/alertRules/* | Create and manage a classic metric alert |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.Resources](../permissions/management-and-governance.md#microsoftresources)/deployments/* | Create and manage a deployment |

-> | [Microsoft.Resources](../permissions/management-and-governance.md#microsoftresources)/subscriptions/resourceGroups/read | Gets or lists resource groups. |

-> | [Microsoft.Search](../permissions/web-and-mobile.md#microsoftsearch)/searchServices/* | Create and manage search services |

-> | [Microsoft.Support](../permissions/general.md#microsoftsupport)/* | Create and update a support ticket |

-> | **NotActions** | |

-> | *none* | |

-> | **DataActions** | |

-> | *none* | |

-> | **NotDataActions** | |

-> | *none* | |

-```json

-{

- "assignableScopes": [

- "/"

- ],

- "description": "Lets you manage Search services, but not access to them.",

- "id": "/providers/Microsoft.Authorization/roleDefinitions/7ca78c08-252a-4471-8644-bb5ff32d4ba0",

- "name": "7ca78c08-252a-4471-8644-bb5ff32d4ba0",

- "permissions": [

- {

- "actions": [

- "Microsoft.Authorization/*/read",

- "Microsoft.Insights/alertRules/*",

- "Microsoft.ResourceHealth/availabilityStatuses/read",

- "Microsoft.Resources/deployments/*",

- "Microsoft.Resources/subscriptions/resourceGroups/read",

- "Microsoft.Search/searchServices/*",

- "Microsoft.Support/*"

- ],

- "notActions": [],

- "dataActions": [],

- "notDataActions": []

- }

- ],

- "roleName": "Search Service Contributor",

- "roleType": "BuiltInRole",

- "type": "Microsoft.Authorization/roleDefinitions"

-}

-```

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | [Microsoft.ResourceHealth](../permissions/general.md#microsoftresourcehealth)/availabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-Azure service: [Azure Data Lake Store](/azure/storage/blobs/data-lake-storage-introduction)

-## Microsoft.EventHub

-Azure service: [Event Hubs](/azure/event-hubs/)

-> [!div class="mx-tableFixed"]

-> | Action | Description |

-> | | |

-> | Microsoft.EventHub/checkNamespaceAvailability/action | Checks availability of namespace under given subscription. This API is deprecated please use CheckNameAvailability instead. |

-> | Microsoft.EventHub/checkNameAvailability/action | Checks availability of namespace under given subscription. |

-> | Microsoft.EventHub/register/action | Registers the subscription for the EventHub resource provider and enables the creation of EventHub resources |

-> | Microsoft.EventHub/unregister/action | Registers the EventHub Resource Provider |

-> | Microsoft.EventHub/availableClusterRegions/read | Read operation to list available pre-provisioned clusters by Azure region. |

-> | Microsoft.EventHub/clusters/read | Gets the Cluster Resource Description |

-> | Microsoft.EventHub/clusters/write | Creates or modifies an existing Cluster resource. |

-> | Microsoft.EventHub/clusters/delete | Deletes an existing Cluster resource. |

-> | Microsoft.EventHub/clusters/namespaces/read | List namespace Azure Resource Manager IDs for namespaces within a cluster. |

-> | Microsoft.EventHub/clusters/operationresults/read | Get the status of an asynchronous cluster operation. |

-> | Microsoft.EventHub/clusters/providers/Microsoft.Insights/metricDefinitions/read | Get list of Cluster metrics Resource Descriptions |

-> | Microsoft.EventHub/locations/deleteVirtualNetworkOrSubnets/action | Deletes the VNet rules in EventHub Resource Provider for the specified VNet |

-> | Microsoft.EventHub/namespaces/write | Create a Namespace Resource and Update its properties. Tags and Capacity of the Namespace are the properties which can be updated. |

-> | Microsoft.EventHub/namespaces/read | Get the list of Namespace Resource Description |

-> | Microsoft.EventHub/namespaces/Delete | Delete Namespace Resource |

-> | Microsoft.EventHub/namespaces/authorizationRules/action | Updates Namespace Authorization Rule. This API is deprecated. Please use a PUT call to update the Namespace Authorization Rule instead.. This operation is not supported on API version 2017-04-01. |

-> | Microsoft.EventHub/namespaces/removeAcsNamepsace/action | Remove ACS namespace |

-> | Microsoft.EventHub/namespaces/updateState/action | UpdateNamespaceState |

-> | Microsoft.EventHub/namespaces/privateEndpointConnectionsApproval/action | Approve Private Endpoint Connection |

-> | Microsoft.EventHub/namespaces/joinPerimeter/action | Action to Join the Network Security Perimeter. This action is used to perform linked access by NSP RP. |

-> | Microsoft.EventHub/namespaces/authorizationRules/read | Get the list of Namespaces Authorization Rules description. |

-> | Microsoft.EventHub/namespaces/authorizationRules/write | Create a Namespace level Authorization Rules and update its properties. The Authorization Rules Access Rights, the Primary and Secondary Keys can be updated. |

-> | Microsoft.EventHub/namespaces/authorizationRules/delete | Delete Namespace Authorization Rule. The Default Namespace Authorization Rule cannot be deleted. |

-> | Microsoft.EventHub/namespaces/authorizationRules/listkeys/action | Get the Connection String to the Namespace |

-> | Microsoft.EventHub/namespaces/authorizationRules/regenerateKeys/action | Regenerate the Primary or Secondary key to the Resource |

-> | Microsoft.EventHub/namespaces/disasterrecoveryconfigs/checkNameAvailability/action | Checks availability of namespace alias under given subscription. |

-> | Microsoft.EventHub/namespaces/disasterRecoveryConfigs/write | Creates or Updates the Disaster Recovery configuration associated with the namespace. |

-> | Microsoft.EventHub/namespaces/disasterRecoveryConfigs/read | Gets the Disaster Recovery configuration associated with the namespace. |

-> | Microsoft.EventHub/namespaces/disasterRecoveryConfigs/delete | Deletes the Disaster Recovery configuration associated with the namespace. This operation can only be invoked via the primary namespace. |

-> | Microsoft.EventHub/namespaces/disasterRecoveryConfigs/breakPairing/action | Disables Disaster Recovery and stops replicating changes from primary to secondary namespaces. |

-> | Microsoft.EventHub/namespaces/disasterRecoveryConfigs/failover/action | Invokes a GEO DR failover and reconfigures the namespace alias to point to the secondary namespace. |

-> | Microsoft.EventHub/namespaces/disasterRecoveryConfigs/authorizationRules/read | Get Disaster Recovery Primary Namespace's Authorization Rules |

-> | Microsoft.EventHub/namespaces/disasterRecoveryConfigs/authorizationRules/listkeys/action | Gets the authorization rules keys for the Disaster Recovery primary namespace |

-> | Microsoft.EventHub/namespaces/eventhubs/write | Create or Update EventHub properties. |

-> | Microsoft.EventHub/namespaces/eventhubs/read | Get list of EventHub Resource Descriptions |

-> | Microsoft.EventHub/namespaces/eventhubs/Delete | Operation to delete EventHub Resource |

-> | Microsoft.EventHub/namespaces/eventhubs/authorizationRules/action | Operation to update EventHub. This operation is not supported on API version 2017-04-01. Authorization Rules. Please use a PUT call to update Authorization Rule. |

-> | Microsoft.EventHub/namespaces/eventhubs/authorizationRules/read | Get the list of EventHub Authorization Rules |

-> | Microsoft.EventHub/namespaces/eventhubs/authorizationRules/write | Create EventHub Authorization Rules and Update its properties. The Authorization Rules Access Rights can be updated. |

-> | Microsoft.EventHub/namespaces/eventhubs/authorizationRules/delete | Operation to delete EventHub Authorization Rules |

-> | Microsoft.EventHub/namespaces/eventhubs/authorizationRules/listkeys/action | Get the Connection String to EventHub |

-> | Microsoft.EventHub/namespaces/eventhubs/authorizationRules/regenerateKeys/action | Regenerate the Primary or Secondary key to the Resource |

-> | Microsoft.EventHub/namespaces/eventHubs/consumergroups/write | Create or Update ConsumerGroup properties. |

-> | Microsoft.EventHub/namespaces/eventHubs/consumergroups/read | Get list of ConsumerGroup Resource Descriptions |

-> | Microsoft.EventHub/namespaces/eventHubs/consumergroups/Delete | Operation to delete ConsumerGroup Resource |

-> | Microsoft.EventHub/namespaces/ipFilterRules/read | Get IP Filter Resource |

-> | Microsoft.EventHub/namespaces/ipFilterRules/write | Create IP Filter Resource |

-> | Microsoft.EventHub/namespaces/ipFilterRules/delete | Delete IP Filter Resource |

-> | Microsoft.EventHub/namespaces/messagingPlan/read | Gets the Messaging Plan for a namespace.<br>This API is deprecated.<br>Properties exposed via the MessagingPlan resource are moved to the (parent) Namespace resource in later API versions..<br>This operation is not supported on API version 2017-04-01. |

-> | Microsoft.EventHub/namespaces/messagingPlan/write | Updates the Messaging Plan for a namespace.<br>This API is deprecated.<br>Properties exposed via the MessagingPlan resource are moved to the (parent) Namespace resource in later API versions..<br>This operation is not supported on API version 2017-04-01. |

-> | Microsoft.EventHub/namespaces/networkruleset/read | Gets NetworkRuleSet Resource |

-> | Microsoft.EventHub/namespaces/networkruleset/write | Create VNET Rule Resource |

-> | Microsoft.EventHub/namespaces/networkruleset/delete | Delete VNET Rule Resource |

-> | Microsoft.EventHub/namespaces/networkrulesets/read | Gets NetworkRuleSet Resource |

-> | Microsoft.EventHub/namespaces/networkrulesets/write | Create VNET Rule Resource |

-> | Microsoft.EventHub/namespaces/networkrulesets/delete | Delete VNET Rule Resource |

-> | Microsoft.EventHub/namespaces/networkSecurityPerimeterAssociationProxies/write | Create NetworkSecurityPerimeterAssociationProxies |

-> | Microsoft.EventHub/namespaces/networkSecurityPerimeterAssociationProxies/read | Get NetworkSecurityPerimeterAssociationProxies |

-> | Microsoft.EventHub/namespaces/networkSecurityPerimeterAssociationProxies/delete | Delete NetworkSecurityPerimeterAssociationProxies |

-> | Microsoft.EventHub/namespaces/networkSecurityPerimeterAssociationProxies/reconcile/action | Reconcile NetworkSecurityPerimeterAssociationProxies |

-> | Microsoft.EventHub/namespaces/networkSecurityPerimeterConfigurations/read | Get Network Security Perimeter Configurations |

-> | Microsoft.EventHub/namespaces/networkSecurityPerimeterConfigurations/reconcile/action | Reconcile Network Security Perimeter Configurations |

-> | Microsoft.EventHub/namespaces/operationresults/read | Get the status of Namespace operation |

-> | Microsoft.EventHub/namespaces/privateEndpointConnectionProxies/validate/action | Validate Private Endpoint Connection Proxy |

-> | Microsoft.EventHub/namespaces/privateEndpointConnectionProxies/read | Get Private Endpoint Connection Proxy |

-> | Microsoft.EventHub/namespaces/privateEndpointConnectionProxies/write | Create Private Endpoint Connection Proxy |

-> | Microsoft.EventHub/namespaces/privateEndpointConnectionProxies/delete | Delete Private Endpoint Connection Proxy |

-> | Microsoft.EventHub/namespaces/privateEndpointConnectionProxies/operationstatus/read | Get the status of an asynchronous private endpoint operation |

-> | Microsoft.EventHub/namespaces/privateEndpointConnections/read | Get Private Endpoint Connection |

-> | Microsoft.EventHub/namespaces/privateEndpointConnections/write | Create or Update Private Endpoint Connection |

-> | Microsoft.EventHub/namespaces/privateEndpointConnections/delete | Removes Private Endpoint Connection |

-> | Microsoft.EventHub/namespaces/privateEndpointConnections/operationstatus/read | Get the status of an asynchronous private endpoint operation |

-> | Microsoft.EventHub/namespaces/privateLinkResources/read | Gets the resource types that support private endpoint connections |

-> | Microsoft.EventHub/namespaces/providers/Microsoft.Insights/diagnosticSettings/read | Get list of Namespace diagnostic settings Resource Descriptions |

-> | Microsoft.EventHub/namespaces/providers/Microsoft.Insights/diagnosticSettings/write | Get list of Namespace diagnostic settings Resource Descriptions |

-> | Microsoft.EventHub/namespaces/providers/Microsoft.Insights/logDefinitions/read | Get list of Namespace logs Resource Descriptions |

-> | Microsoft.EventHub/namespaces/providers/Microsoft.Insights/metricDefinitions/read | Get list of Namespace metrics Resource Descriptions |

-> | Microsoft.EventHub/namespaces/schemagroups/write | Create or Update SchemaGroup properties. |

-> | Microsoft.EventHub/namespaces/schemagroups/read | Get list of SchemaGroup Resource Descriptions |

-> | Microsoft.EventHub/namespaces/schemagroups/delete | Operation to delete SchemaGroup Resource |

-> | Microsoft.EventHub/namespaces/virtualNetworkRules/read | Gets VNET Rule Resource |

-> | Microsoft.EventHub/namespaces/virtualNetworkRules/write | Create VNET Rule Resource |

-> | Microsoft.EventHub/namespaces/virtualNetworkRules/delete | Delete VNET Rule Resource |

-> | Microsoft.EventHub/operations/read | Get Operations |

-> | Microsoft.EventHub/sku/read | Get list of Sku Resource Descriptions |

-> | Microsoft.EventHub/sku/regions/read | Get list of SkuRegions Resource Descriptions |

-> | **DataAction** | **Description** |

-> | Microsoft.EventHub/namespaces/messages/send/action | Send messages |

-> | Microsoft.EventHub/namespaces/messages/receive/action | Receive messages |

-> | Microsoft.EventHub/namespaces/schemas/read | Retrieve schemas |

-> | Microsoft.EventHub/namespaces/schemas/write | Write schemas |

-> | Microsoft.EventHub/namespaces/schemas/delete | Delete schemas |

-## Microsoft.StreamAnalytics

-Azure service: [Stream Analytics](/azure/stream-analytics/)

-> | Microsoft.StreamAnalytics/Register/action | Register subscription with Stream Analytics Resource Provider |

-> | Microsoft.StreamAnalytics/clusters/Delete | Delete Stream Analytics Cluster |

-> | Microsoft.StreamAnalytics/clusters/ListStreamingJobs/action | List streaming jobs for Stream Analytics Cluster |

-> | Microsoft.StreamAnalytics/clusters/Read | Read Stream Analytics Cluster |

-> | Microsoft.StreamAnalytics/clusters/Write | Write Stream Analytics Cluster |

-> | Microsoft.StreamAnalytics/clusters/operationresults/Read | Read operation results for Stream Analytics Cluster |

-> | Microsoft.StreamAnalytics/clusters/privateEndpoints/Delete | Delete Stream Analytics Cluster Private Endpoint |

-> | Microsoft.StreamAnalytics/clusters/privateEndpoints/Read | Read Stream Analytics Cluster Private Endpoint |

-> | Microsoft.StreamAnalytics/clusters/privateEndpoints/Write | Write Stream Analytics Cluster Private Endpoint |

-> | Microsoft.StreamAnalytics/clusters/privateEndpoints/operationresults/Read | Read operation results for Stream Analytics Cluster Private Endpoint |

-> | Microsoft.StreamAnalytics/locations/CompileQuery/action | Compile Query for Stream Analytics Resource Provider |

-> | Microsoft.StreamAnalytics/locations/SampleInput/action | Sample Input for Stream Analytics Resource Provider |

-> | Microsoft.StreamAnalytics/locations/TestInput/action | Test Input for Stream Analytics Resource Provider |

-> | Microsoft.StreamAnalytics/locations/TestOutput/action | Test Output for Stream Analytics Resource Provider |

-> | Microsoft.StreamAnalytics/locations/TestQuery/action | Test Query for Stream Analytics Resource Provider |

-> | Microsoft.StreamAnalytics/locations/operationresults/Read | Read Stream Analytics Operation Result |

-> | Microsoft.StreamAnalytics/locations/quotas/Read | Read Stream Analytics Subscription Quota |

-> | Microsoft.StreamAnalytics/operations/Read | Read Stream Analytics Operations |

-> | Microsoft.StreamAnalytics/streamingjobs/CompileQuery/action | Compile Query for Stream Analytics Job |

-> | Microsoft.StreamAnalytics/streamingjobs/Delete | Delete Stream Analytics Job |

-> | Microsoft.StreamAnalytics/streamingjobs/DownloadDiagram/action | Download job diagrams for Stream Analytics Job |

-> | Microsoft.StreamAnalytics/streamingjobs/GenerateTopologies/action | Generate topologies for Stream Analytics Job |

-> | Microsoft.StreamAnalytics/streamingjobs/PublishEdgePackage/action | Publish edge package for Stream Analytics Job |

-> | Microsoft.StreamAnalytics/streamingjobs/Read | Read Stream Analytics Job |

-> | Microsoft.StreamAnalytics/streamingjobs/Scale/action | Scale Stream Analytics Job |

-> | Microsoft.StreamAnalytics/streamingjobs/Start/action | Start Stream Analytics Job |

-> | Microsoft.StreamAnalytics/streamingjobs/Stop/action | Stop Stream Analytics Job |

-> | Microsoft.StreamAnalytics/streamingjobs/TestQuery/action | Test Query for Stream Analytics Job |

-> | Microsoft.StreamAnalytics/streamingjobs/Write | Write Stream Analytics Job |

-> | Microsoft.StreamAnalytics/streamingjobs/functions/Delete | Delete Stream Analytics Job Function |

-> | Microsoft.StreamAnalytics/streamingjobs/functions/Read | Read Stream Analytics Job Function |

-> | Microsoft.StreamAnalytics/streamingjobs/functions/RetrieveDefaultDefinition/action | Retrieve Default Definition of a Stream Analytics Job Function |

-> | Microsoft.StreamAnalytics/streamingjobs/functions/Test/action | Test Stream Analytics Job Function |

-> | Microsoft.StreamAnalytics/streamingjobs/functions/Write | Write Stream Analytics Job Function |

-> | Microsoft.StreamAnalytics/streamingjobs/functions/operationresults/Read | Read operation results for Stream Analytics Job Function |

-> | Microsoft.StreamAnalytics/streamingjobs/inputs/Delete | Delete Stream Analytics Job Input |

-> | Microsoft.StreamAnalytics/streamingjobs/inputs/Read | Read Stream Analytics Job Input |

-> | Microsoft.StreamAnalytics/streamingjobs/inputs/Sample/action | Sample Stream Analytics Job Input |

-> | Microsoft.StreamAnalytics/streamingjobs/inputs/Test/action | Test Stream Analytics Job Input |

-> | Microsoft.StreamAnalytics/streamingjobs/inputs/Write | Write Stream Analytics Job Input |

-> | Microsoft.StreamAnalytics/streamingjobs/inputs/operationresults/Read | Read operation results for Stream Analytics Job Input |

-> | Microsoft.StreamAnalytics/streamingjobs/metricdefinitions/Read | Read Metric Definitions |

-> | Microsoft.StreamAnalytics/streamingjobs/operationresults/Read | Read operation results for Stream Analytics Job |

-> | Microsoft.StreamAnalytics/streamingjobs/outputs/Delete | Delete Stream Analytics Job Output |

-> | Microsoft.StreamAnalytics/streamingjobs/outputs/Read | Read Stream Analytics Job Output |

-> | Microsoft.StreamAnalytics/streamingjobs/outputs/Test/action | Test Stream Analytics Job Output |

-> | Microsoft.StreamAnalytics/streamingjobs/outputs/Write | Write Stream Analytics Job Output |

-> | Microsoft.StreamAnalytics/streamingjobs/outputs/operationresults/Read | Read operation results for Stream Analytics Job Output |

-> | Microsoft.StreamAnalytics/streamingjobs/providers/Microsoft.Insights/diagnosticSettings/read | Read diagnostic setting. |

-> | Microsoft.StreamAnalytics/streamingjobs/providers/Microsoft.Insights/diagnosticSettings/write | Write diagnostic setting. |

-> | Microsoft.StreamAnalytics/streamingjobs/providers/Microsoft.Insights/logDefinitions/read | Gets the available logs for streamingjobs |

-> | Microsoft.StreamAnalytics/streamingjobs/providers/Microsoft.Insights/metricDefinitions/read | Gets the available metrics for streamingjobs |

-> | Microsoft.StreamAnalytics/streamingjobs/Skus/Read | Read Stream Analytics Job SKUs |

-> | Microsoft.StreamAnalytics/streamingjobs/transformations/Delete | Delete Stream Analytics Job Transformation |

-> | Microsoft.StreamAnalytics/streamingjobs/transformations/Read | Read Stream Analytics Job Transformation |

-> | Microsoft.StreamAnalytics/streamingjobs/transformations/Write | Write Stream Analytics Job Transformation |

-## Microsoft.Kubernetes

-Azure service: [Azure Arc-enabled Kubernetes](/azure/azure-arc/kubernetes/overview)

-> [!div class="mx-tableFixed"]

-> | Action | Description |

-> | | |

-> | Microsoft.Kubernetes/register/action | Registers Subscription with Microsoft.Kubernetes resource provider |

-> | Microsoft.Kubernetes/unregister/action | Un-Registers Subscription with Microsoft.Kubernetes resource provider |

-> | Microsoft.Kubernetes/connectedClusters/Read | Read connectedClusters |

-> | Microsoft.Kubernetes/connectedClusters/Write | Writes connectedClusters |

-> | Microsoft.Kubernetes/connectedClusters/Delete | Deletes connectedClusters |

-> | Microsoft.Kubernetes/connectedClusters/listClusterUserCredentials/action | List clusterUser credential(preview) |

-> | Microsoft.Kubernetes/connectedClusters/listClusterUserCredential/action | List clusterUser credential |

-> | Microsoft.Kubernetes/locations/operationstatuses/read | Read Operation Statuses |

-> | Microsoft.Kubernetes/locations/operationstatuses/write | Write Operation Statuses |

-> | Microsoft.Kubernetes/operations/read | Lists operations available on Microsoft.Kubernetes resource provider |

-> | Microsoft.Kubernetes/RegisteredSubscriptions/read | Reads registered subscriptions |

-> | **DataAction** | **Description** |

-> | Microsoft.Kubernetes/connectedClusters/admissionregistration.k8s.io/initializerconfigurations/read | Reads initializerconfigurations |

-> | Microsoft.Kubernetes/connectedClusters/admissionregistration.k8s.io/initializerconfigurations/write | Writes initializerconfigurations |

-> | Microsoft.Kubernetes/connectedClusters/admissionregistration.k8s.io/initializerconfigurations/delete | Deletes initializerconfigurations |

-> | Microsoft.Kubernetes/connectedClusters/admissionregistration.k8s.io/mutatingwebhookconfigurations/read | Reads mutatingwebhookconfigurations |

-> | Microsoft.Kubernetes/connectedClusters/admissionregistration.k8s.io/mutatingwebhookconfigurations/write | Writes mutatingwebhookconfigurations |

-> | Microsoft.Kubernetes/connectedClusters/admissionregistration.k8s.io/mutatingwebhookconfigurations/delete | Deletes mutatingwebhookconfigurations |

-> | Microsoft.Kubernetes/connectedClusters/admissionregistration.k8s.io/validatingwebhookconfigurations/read | Reads validatingwebhookconfigurations |

-> | Microsoft.Kubernetes/connectedClusters/admissionregistration.k8s.io/validatingwebhookconfigurations/write | Writes validatingwebhookconfigurations |

-> | Microsoft.Kubernetes/connectedClusters/admissionregistration.k8s.io/validatingwebhookconfigurations/delete | Deletes validatingwebhookconfigurations |

-> | Microsoft.Kubernetes/connectedClusters/api/read | Reads api |

-> | Microsoft.Kubernetes/connectedClusters/api/v1/read | Reads api/v1 |

-> | Microsoft.Kubernetes/connectedClusters/apiextensions.k8s.io/customresourcedefinitions/read | Reads customresourcedefinitions |

-> | Microsoft.Kubernetes/connectedClusters/apiextensions.k8s.io/customresourcedefinitions/write | Writes customresourcedefinitions |

-> | Microsoft.Kubernetes/connectedClusters/apiextensions.k8s.io/customresourcedefinitions/delete | Deletes customresourcedefinitions |

-> | Microsoft.Kubernetes/connectedClusters/apiregistration.k8s.io/apiservices/read | Reads apiservices |

-> | Microsoft.Kubernetes/connectedClusters/apiregistration.k8s.io/apiservices/write | Writes apiservices |

-> | Microsoft.Kubernetes/connectedClusters/apiregistration.k8s.io/apiservices/delete | Deletes apiservices |

-> | Microsoft.Kubernetes/connectedClusters/apis/read | Reads apis |

-> | Microsoft.Kubernetes/connectedClusters/apis/admissionregistration.k8s.io/read | Reads admissionregistration.k8s.io |

-> | Microsoft.Kubernetes/connectedClusters/apis/admissionregistration.k8s.io/v1/read | Reads admissionregistration.k8s.io/v1 |

-> | Microsoft.Kubernetes/connectedClusters/apis/admissionregistration.k8s.io/v1beta1/read | Reads admissionregistration.k8s.io/v1beta1 |

-> | Microsoft.Kubernetes/connectedClusters/apis/apiextensions.k8s.io/read | Reads apiextensions.k8s.io |

-> | Microsoft.Kubernetes/connectedClusters/apis/apiextensions.k8s.io/v1/read | Reads apiextensions.k8s.io/v1 |

-> | Microsoft.Kubernetes/connectedClusters/apis/apiextensions.k8s.io/v1beta1/read | Reads apiextensions.k8s.io/v1beta1 |

-> | Microsoft.Kubernetes/connectedClusters/apis/apiregistration.k8s.io/read | Reads apiregistration.k8s.io |

-> | Microsoft.Kubernetes/connectedClusters/apis/apiregistration.k8s.io/v1/read | Reads apiregistration.k8s.io/v1 |

-> | Microsoft.Kubernetes/connectedClusters/apis/apiregistration.k8s.io/v1beta1/read | Reads apiregistration.k8s.io/v1beta1 |

-> | Microsoft.Kubernetes/connectedClusters/apis/apps/read | Reads apps |

-> | Microsoft.Kubernetes/connectedClusters/apis/apps/v1beta1/read | Reads apps/v1beta1 |

-> | Microsoft.Kubernetes/connectedClusters/apis/apps/v1beta2/read | Reads v1beta2 |

-> | Microsoft.Kubernetes/connectedClusters/apis/authentication.k8s.io/read | Reads authentication.k8s.io |

-> | Microsoft.Kubernetes/connectedClusters/apis/authentication.k8s.io/v1/read | Reads authentication.k8s.io/v1 |

-> | Microsoft.Kubernetes/connectedClusters/apis/authentication.k8s.io/v1beta1/read | Reads authentication.k8s.io/v1beta1 |

-> | Microsoft.Kubernetes/connectedClusters/apis/authorization.k8s.io/read | Reads authorization.k8s.io |

-> | Microsoft.Kubernetes/connectedClusters/apis/authorization.k8s.io/v1/read | Reads authorization.k8s.io/v1 |

-> | Microsoft.Kubernetes/connectedClusters/apis/authorization.k8s.io/v1beta1/read | Reads authorization.k8s.io/v1beta1 |

-> | Microsoft.Kubernetes/connectedClusters/apis/autoscaling/read | Reads autoscaling |

-> | Microsoft.Kubernetes/connectedClusters/apis/autoscaling/v1/read | Reads autoscaling/v1 |

-> | Microsoft.Kubernetes/connectedClusters/apis/autoscaling/v2beta1/read | Reads autoscaling/v2beta1 |

-> | Microsoft.Kubernetes/connectedClusters/apis/autoscaling/v2beta2/read | Reads autoscaling/v2beta2 |

-> | Microsoft.Kubernetes/connectedClusters/apis/batch/read | Reads batch |

-> | Microsoft.Kubernetes/connectedClusters/apis/batch/v1/read | Reads batch/v1 |

-> | Microsoft.Kubernetes/connectedClusters/apis/batch/v1beta1/read | Reads batch/v1beta1 |

-> | Microsoft.Kubernetes/connectedClusters/apis/certificates.k8s.io/read | Reads certificates.k8s.io |

-> | Microsoft.Kubernetes/connectedClusters/apis/certificates.k8s.io/v1beta1/read | Reads certificates.k8s.io/v1beta1 |

-> | Microsoft.Kubernetes/connectedClusters/apis/coordination.k8s.io/read | Reads coordination.k8s.io |

-> | Microsoft.Kubernetes/connectedClusters/apis/coordination.k8s.io/v1/read | Reads coordination/v1 |

-> | Microsoft.Kubernetes/connectedClusters/apis/coordination.k8s.io/v1beta1/read | Reads coordination.k8s.io/v1beta1 |

-> | Microsoft.Kubernetes/connectedClusters/apis/events.k8s.io/read | Reads events.k8s.io |

-> | Microsoft.Kubernetes/connectedClusters/apis/events.k8s.io/v1beta1/read | Reads events.k8s.io/v1beta1 |

-> | Microsoft.Kubernetes/connectedClusters/apis/extensions/read | Reads extensions |

-> | Microsoft.Kubernetes/connectedClusters/apis/extensions/v1beta1/read | Reads extensions/v1beta1 |

-> | Microsoft.Kubernetes/connectedClusters/apis/metrics.k8s.io/read | Reads metrics.k8s.io |

-> | Microsoft.Kubernetes/connectedClusters/apis/metrics.k8s.io/v1beta1/read | Reads metrics.k8s.io/v1beta1 |

-> | Microsoft.Kubernetes/connectedClusters/apis/networking.k8s.io/read | Reads networking.k8s.io |

-> | Microsoft.Kubernetes/connectedClusters/apis/networking.k8s.io/v1/read | Reads networking/v1 |

-> | Microsoft.Kubernetes/connectedClusters/apis/networking.k8s.io/v1beta1/read | Reads networking.k8s.io/v1beta1 |

-> | Microsoft.Kubernetes/connectedClusters/apis/node.k8s.io/read | Reads node.k8s.io |

-> | Microsoft.Kubernetes/connectedClusters/apis/node.k8s.io/v1beta1/read | Reads node.k8s.io/v1beta1 |

-> | Microsoft.Kubernetes/connectedClusters/apis/policy/read | Reads policy |

-> | Microsoft.Kubernetes/connectedClusters/apis/policy/v1beta1/read | Reads policy/v1beta1 |

-> | Microsoft.Kubernetes/connectedClusters/apis/rbac.authorization.k8s.io/read | Reads rbac.authorization.k8s.io |

-> | Microsoft.Kubernetes/connectedClusters/apis/rbac.authorization.k8s.io/v1/read | Reads rbac.authorization/v1 |

-> | Microsoft.Kubernetes/connectedClusters/apis/rbac.authorization.k8s.io/v1beta1/read | Reads rbac.authorization.k8s.io/v1beta1 |

-> | Microsoft.Kubernetes/connectedClusters/apis/scheduling.k8s.io/read | Reads scheduling.k8s.io |

-> | Microsoft.Kubernetes/connectedClusters/apis/scheduling.k8s.io/v1/read | Reads scheduling/v1 |

-> | Microsoft.Kubernetes/connectedClusters/apis/scheduling.k8s.io/v1beta1/read | Reads scheduling.k8s.io/v1beta1 |

-> | Microsoft.Kubernetes/connectedClusters/apis/storage.k8s.io/read | Reads storage.k8s.io |

-> | Microsoft.Kubernetes/connectedClusters/apis/storage.k8s.io/v1/read | Reads storage/v1 |

-> | Microsoft.Kubernetes/connectedClusters/apis/storage.k8s.io/v1beta1/read | Reads storage.k8s.io/v1beta1 |

-> | Microsoft.Kubernetes/connectedClusters/apps/controllerrevisions/read | Reads controllerrevisions |

-> | Microsoft.Kubernetes/connectedClusters/apps/controllerrevisions/write | Writes controllerrevisions |

-> | Microsoft.Kubernetes/connectedClusters/apps/controllerrevisions/delete | Deletes controllerrevisions |

-> | Microsoft.Kubernetes/connectedClusters/apps/daemonsets/read | Reads daemonsets |

-> | Microsoft.Kubernetes/connectedClusters/apps/daemonsets/write | Writes daemonsets |

-> | Microsoft.Kubernetes/connectedClusters/apps/daemonsets/delete | Deletes daemonsets |

-> | Microsoft.Kubernetes/connectedClusters/apps/deployments/read | Reads deployments |

-> | Microsoft.Kubernetes/connectedClusters/apps/deployments/write | Writes deployments |

-> | Microsoft.Kubernetes/connectedClusters/apps/deployments/delete | Deletes deployments |

-> | Microsoft.Kubernetes/connectedClusters/apps/replicasets/read | Reads replicasets |

-> | Microsoft.Kubernetes/connectedClusters/apps/replicasets/write | Writes replicasets |

-> | Microsoft.Kubernetes/connectedClusters/apps/replicasets/delete | Deletes replicasets |

-> | Microsoft.Kubernetes/connectedClusters/apps/statefulsets/read | Reads statefulsets |

-> | Microsoft.Kubernetes/connectedClusters/apps/statefulsets/write | Writes statefulsets |

-> | Microsoft.Kubernetes/connectedClusters/apps/statefulsets/delete | Deletes statefulsets |

-> | Microsoft.Kubernetes/connectedClusters/authentication.k8s.io/tokenreviews/write | Writes tokenreviews |

-> | Microsoft.Kubernetes/connectedClusters/authentication.k8s.io/userextras/impersonate/action | Impersonate userextras |

-> | Microsoft.Kubernetes/connectedClusters/authorization.k8s.io/localsubjectaccessreviews/write | Writes localsubjectaccessreviews |

-> | Microsoft.Kubernetes/connectedClusters/authorization.k8s.io/selfsubjectaccessreviews/write | Writes selfsubjectaccessreviews |

-> | Microsoft.Kubernetes/connectedClusters/authorization.k8s.io/selfsubjectrulesreviews/write | Writes selfsubjectrulesreviews |

-> | Microsoft.Kubernetes/connectedClusters/authorization.k8s.io/subjectaccessreviews/write | Writes subjectaccessreviews |

-> | Microsoft.Kubernetes/connectedClusters/autoscaling/horizontalpodautoscalers/read | Reads horizontalpodautoscalers |

-> | Microsoft.Kubernetes/connectedClusters/autoscaling/horizontalpodautoscalers/write | Writes horizontalpodautoscalers |

-> | Microsoft.Kubernetes/connectedClusters/autoscaling/horizontalpodautoscalers/delete | Deletes horizontalpodautoscalers |

-> | Microsoft.Kubernetes/connectedClusters/batch/cronjobs/read | Reads cronjobs |

-> | Microsoft.Kubernetes/connectedClusters/batch/cronjobs/write | Writes cronjobs |

-> | Microsoft.Kubernetes/connectedClusters/batch/cronjobs/delete | Deletes cronjobs |

-> | Microsoft.Kubernetes/connectedClusters/batch/jobs/read | Reads jobs |

-> | Microsoft.Kubernetes/connectedClusters/batch/jobs/write | Writes jobs |

-> | Microsoft.Kubernetes/connectedClusters/batch/jobs/delete | Deletes jobs |

-> | Microsoft.Kubernetes/connectedClusters/bindings/write | Writes bindings |

-> | Microsoft.Kubernetes/connectedClusters/certificates.k8s.io/certificatesigningrequests/read | Reads certificatesigningrequests |

-> | Microsoft.Kubernetes/connectedClusters/certificates.k8s.io/certificatesigningrequests/write | Writes certificatesigningrequests |

-> | Microsoft.Kubernetes/connectedClusters/certificates.k8s.io/certificatesigningrequests/delete | Deletes certificatesigningrequests |

-> | Microsoft.Kubernetes/connectedClusters/componentstatuses/read | Reads componentstatuses |

-> | Microsoft.Kubernetes/connectedClusters/componentstatuses/write | Writes componentstatuses |

-> | Microsoft.Kubernetes/connectedClusters/componentstatuses/delete | Deletes componentstatuses |

-> | Microsoft.Kubernetes/connectedClusters/configmaps/read | Reads configmaps |

-> | Microsoft.Kubernetes/connectedClusters/configmaps/write | Writes configmaps |

-> | Microsoft.Kubernetes/connectedClusters/configmaps/delete | Deletes configmaps |

-> | Microsoft.Kubernetes/connectedClusters/coordination.k8s.io/leases/read | Reads leases |

-> | Microsoft.Kubernetes/connectedClusters/coordination.k8s.io/leases/write | Writes leases |

-> | Microsoft.Kubernetes/connectedClusters/coordination.k8s.io/leases/delete | Deletes leases |

-> | Microsoft.Kubernetes/connectedClusters/discovery.k8s.io/endpointslices/read | Reads endpointslices |

-> | Microsoft.Kubernetes/connectedClusters/discovery.k8s.io/endpointslices/write | Writes endpointslices |

-> | Microsoft.Kubernetes/connectedClusters/discovery.k8s.io/endpointslices/delete | Deletes endpointslices |

-> | Microsoft.Kubernetes/connectedClusters/endpoints/read | Reads endpoints |

-> | Microsoft.Kubernetes/connectedClusters/endpoints/write | Writes endpoints |

-> | Microsoft.Kubernetes/connectedClusters/endpoints/delete | Deletes endpoints |

-> | Microsoft.Kubernetes/connectedClusters/events/read | Reads events |

-> | Microsoft.Kubernetes/connectedClusters/events/write | Writes events |

-> | Microsoft.Kubernetes/connectedClusters/events/delete | Deletes events |

-> | Microsoft.Kubernetes/connectedClusters/events.k8s.io/events/read | Reads events |

-> | Microsoft.Kubernetes/connectedClusters/events.k8s.io/events/write | Writes events |

-> | Microsoft.Kubernetes/connectedClusters/events.k8s.io/events/delete | Deletes events |

-> | Microsoft.Kubernetes/connectedClusters/extensions/daemonsets/read | Reads daemonsets |

-> | Microsoft.Kubernetes/connectedClusters/extensions/daemonsets/write | Writes daemonsets |

-> | Microsoft.Kubernetes/connectedClusters/extensions/daemonsets/delete | Deletes daemonsets |

-> | Microsoft.Kubernetes/connectedClusters/extensions/deployments/read | Reads deployments |

-> | Microsoft.Kubernetes/connectedClusters/extensions/deployments/write | Writes deployments |

-> | Microsoft.Kubernetes/connectedClusters/extensions/deployments/delete | Deletes deployments |

-> | Microsoft.Kubernetes/connectedClusters/extensions/ingresses/read | Reads ingresses |

-> | Microsoft.Kubernetes/connectedClusters/extensions/ingresses/write | Writes ingresses |

-> | Microsoft.Kubernetes/connectedClusters/extensions/ingresses/delete | Deletes ingresses |

-> | Microsoft.Kubernetes/connectedClusters/extensions/networkpolicies/read | Reads networkpolicies |

-> | Microsoft.Kubernetes/connectedClusters/extensions/networkpolicies/write | Writes networkpolicies |

-> | Microsoft.Kubernetes/connectedClusters/extensions/networkpolicies/delete | Deletes networkpolicies |

-> | Microsoft.Kubernetes/connectedClusters/extensions/podsecuritypolicies/read | Reads podsecuritypolicies |

-> | Microsoft.Kubernetes/connectedClusters/extensions/podsecuritypolicies/write | Writes podsecuritypolicies |

-> | Microsoft.Kubernetes/connectedClusters/extensions/podsecuritypolicies/delete | Deletes podsecuritypolicies |

-> | Microsoft.Kubernetes/connectedClusters/extensions/replicasets/read | Reads replicasets |

-> | Microsoft.Kubernetes/connectedClusters/extensions/replicasets/write | Writes replicasets |

-> | Microsoft.Kubernetes/connectedClusters/extensions/replicasets/delete | Deletes replicasets |

-> | Microsoft.Kubernetes/connectedClusters/flowcontrol.apiserver.k8s.io/flowschemas/read | Reads flowschemas |

-> | Microsoft.Kubernetes/connectedClusters/flowcontrol.apiserver.k8s.io/flowschemas/write | Writes flowschemas |

-> | Microsoft.Kubernetes/connectedClusters/flowcontrol.apiserver.k8s.io/flowschemas/delete | Deletes flowschemas |

-> | Microsoft.Kubernetes/connectedClusters/flowcontrol.apiserver.k8s.io/prioritylevelconfigurations/read | Reads prioritylevelconfigurations |

-> | Microsoft.Kubernetes/connectedClusters/flowcontrol.apiserver.k8s.io/prioritylevelconfigurations/write | Writes prioritylevelconfigurations |

-> | Microsoft.Kubernetes/connectedClusters/flowcontrol.apiserver.k8s.io/prioritylevelconfigurations/delete | Deletes prioritylevelconfigurations |

-> | Microsoft.Kubernetes/connectedClusters/groups/impersonate/action | Impersonate groups |

-> | Microsoft.Kubernetes/connectedClusters/healthz/read | Reads healthz |

-> | Microsoft.Kubernetes/connectedClusters/healthz/autoregister-completion/read | Reads autoregister-completion |

-> | Microsoft.Kubernetes/connectedClusters/healthz/etcd/read | Reads etcd |

-> | Microsoft.Kubernetes/connectedClusters/healthz/log/read | Reads log |

-> | Microsoft.Kubernetes/connectedClusters/healthz/ping/read | Reads ping |

-> | Microsoft.Kubernetes/connectedClusters/healthz/poststarthook/apiservice-openapi-controller/read | Reads apiservice-openapi-controller |

-> | Microsoft.Kubernetes/connectedClusters/healthz/poststarthook/apiservice-registration-controller/read | Reads apiservice-registration-controller |

-> | Microsoft.Kubernetes/connectedClusters/healthz/poststarthook/apiservice-status-available-controller/read | Reads apiservice-status-available-controller |

-> | Microsoft.Kubernetes/connectedClusters/healthz/poststarthook/bootstrap-controller/read | Reads bootstrap-controller |

-> | Microsoft.Kubernetes/connectedClusters/healthz/poststarthook/ca-registration/read | Reads ca-registration |

-> | Microsoft.Kubernetes/connectedClusters/healthz/poststarthook/crd-informer-synced/read | Reads crd-informer-synced |

-> | Microsoft.Kubernetes/connectedClusters/healthz/poststarthook/generic-apiserver-start-informers/read | Reads generic-apiserver-start-informers |

-> | Microsoft.Kubernetes/connectedClusters/healthz/poststarthook/kube-apiserver-autoregistration/read | Reads kube-apiserver-autoregistration |

-> | Microsoft.Kubernetes/connectedClusters/healthz/poststarthook/rbac/bootstrap-roles/read | Reads bootstrap-roles |

-> | Microsoft.Kubernetes/connectedClusters/healthz/poststarthook/scheduling/bootstrap-system-priority-classes/read | Reads bootstrap-system-priority-classes |

-> | Microsoft.Kubernetes/connectedClusters/healthz/poststarthook/start-apiextensions-controllers/read | Reads start-apiextensions-controllers |

-> | Microsoft.Kubernetes/connectedClusters/healthz/poststarthook/start-apiextensions-informers/read | Reads start-apiextensions-informers |

-> | Microsoft.Kubernetes/connectedClusters/healthz/poststarthook/start-kube-aggregator-informers/read | Reads start-kube-aggregator-informers |

-> | Microsoft.Kubernetes/connectedClusters/healthz/poststarthook/start-kube-apiserver-admission-initializer/read | Reads start-kube-apiserver-admission-initializer |

-> | Microsoft.Kubernetes/connectedClusters/limitranges/read | Reads limitranges |

-> | Microsoft.Kubernetes/connectedClusters/limitranges/write | Writes limitranges |

-> | Microsoft.Kubernetes/connectedClusters/limitranges/delete | Deletes limitranges |

-> | Microsoft.Kubernetes/connectedClusters/livez/read | Reads livez |

-> | Microsoft.Kubernetes/connectedClusters/livez/autoregister-completion/read | Reads autoregister-completion |

-> | Microsoft.Kubernetes/connectedClusters/livez/etcd/read | Reads etcd |

-> | Microsoft.Kubernetes/connectedClusters/livez/log/read | Reads log |

-> | Microsoft.Kubernetes/connectedClusters/livez/ping/read | Reads ping |

-> | Microsoft.Kubernetes/connectedClusters/livez/poststarthook/apiservice-openapi-controller/read | Reads apiservice-openapi-controller |

-> | Microsoft.Kubernetes/connectedClusters/livez/poststarthook/apiservice-registration-controller/read | Reads apiservice-registration-controller |

-> | Microsoft.Kubernetes/connectedClusters/livez/poststarthook/apiservice-status-available-controller/read | Reads apiservice-status-available-controller |

-> | Microsoft.Kubernetes/connectedClusters/livez/poststarthook/bootstrap-controller/read | Reads bootstrap-controller |

-> | Microsoft.Kubernetes/connectedClusters/livez/poststarthook/ca-registration/read | Reads ca-registration |

-> | Microsoft.Kubernetes/connectedClusters/livez/poststarthook/crd-informer-synced/read | Reads crd-informer-synced |

-> | Microsoft.Kubernetes/connectedClusters/livez/poststarthook/generic-apiserver-start-informers/read | Reads generic-apiserver-start-informers |

-> | Microsoft.Kubernetes/connectedClusters/livez/poststarthook/kube-apiserver-autoregistration/read | Reads kube-apiserver-autoregistration |

-> | Microsoft.Kubernetes/connectedClusters/livez/poststarthook/rbac/bootstrap-roles/read | Reads bootstrap-roles |

-> | Microsoft.Kubernetes/connectedClusters/livez/poststarthook/scheduling/bootstrap-system-priority-classes/read | Reads bootstrap-system-priority-classes |

-> | Microsoft.Kubernetes/connectedClusters/livez/poststarthook/start-apiextensions-controllers/read | Reads start-apiextensions-controllers |

-> | Microsoft.Kubernetes/connectedClusters/livez/poststarthook/start-apiextensions-informers/read | Reads start-apiextensions-informers |

-> | Microsoft.Kubernetes/connectedClusters/livez/poststarthook/start-kube-aggregator-informers/read | Reads start-kube-aggregator-informers |

-> | Microsoft.Kubernetes/connectedClusters/livez/poststarthook/start-kube-apiserver-admission-initializer/read | Reads start-kube-apiserver-admission-initializer |

-> | Microsoft.Kubernetes/connectedClusters/logs/read | Reads logs |

-> | Microsoft.Kubernetes/connectedClusters/metrics/read | Reads metrics |

-> | Microsoft.Kubernetes/connectedClusters/metrics.k8s.io/nodes/read | Reads nodes |

-> | Microsoft.Kubernetes/connectedClusters/metrics.k8s.io/pods/read | Reads pods |

-> | Microsoft.Kubernetes/connectedClusters/namespaces/read | Reads namespaces |

-> | Microsoft.Kubernetes/connectedClusters/namespaces/write | Writes namespaces |

-> | Microsoft.Kubernetes/connectedClusters/namespaces/delete | Deletes namespaces |

-> | Microsoft.Kubernetes/connectedClusters/networking.k8s.io/ingressclasses/read | Reads ingressclasses |

-> | Microsoft.Kubernetes/connectedClusters/networking.k8s.io/ingressclasses/write | Writes ingressclasses |

-> | Microsoft.Kubernetes/connectedClusters/networking.k8s.io/ingressclasses/delete | Deletes ingressclasses |

-> | Microsoft.Kubernetes/connectedClusters/networking.k8s.io/ingresses/read | Reads ingresses |

-> | Microsoft.Kubernetes/connectedClusters/networking.k8s.io/ingresses/write | Writes ingresses |

-> | Microsoft.Kubernetes/connectedClusters/networking.k8s.io/ingresses/delete | Deletes ingresses |

-> | Microsoft.Kubernetes/connectedClusters/networking.k8s.io/networkpolicies/read | Reads networkpolicies |

-> | Microsoft.Kubernetes/connectedClusters/networking.k8s.io/networkpolicies/write | Writes networkpolicies |

-> | Microsoft.Kubernetes/connectedClusters/networking.k8s.io/networkpolicies/delete | Deletes networkpolicies |

-> | Microsoft.Kubernetes/connectedClusters/node.k8s.io/runtimeclasses/read | Reads runtimeclasses |

-> | Microsoft.Kubernetes/connectedClusters/node.k8s.io/runtimeclasses/write | Writes runtimeclasses |

-> | Microsoft.Kubernetes/connectedClusters/node.k8s.io/runtimeclasses/delete | Deletes runtimeclasses |

-> | Microsoft.Kubernetes/connectedClusters/nodes/read | Reads nodes |

-> | Microsoft.Kubernetes/connectedClusters/nodes/write | Writes nodes |

-> | Microsoft.Kubernetes/connectedClusters/nodes/delete | Deletes nodes |

-> | Microsoft.Kubernetes/connectedClusters/openapi/v2/read | Reads v2 |

-> | Microsoft.Kubernetes/connectedClusters/persistentvolumeclaims/read | Reads persistentvolumeclaims |

-> | Microsoft.Kubernetes/connectedClusters/persistentvolumeclaims/write | Writes persistentvolumeclaims |

-> | Microsoft.Kubernetes/connectedClusters/persistentvolumeclaims/delete | Deletes persistentvolumeclaims |

-> | Microsoft.Kubernetes/connectedClusters/persistentvolumes/read | Reads persistentvolumes |

-> | Microsoft.Kubernetes/connectedClusters/persistentvolumes/write | Writes persistentvolumes |

-> | Microsoft.Kubernetes/connectedClusters/persistentvolumes/delete | Deletes persistentvolumes |

-> | Microsoft.Kubernetes/connectedClusters/pods/read | Reads pods |

-> | Microsoft.Kubernetes/connectedClusters/pods/write | Writes pods |

-> | Microsoft.Kubernetes/connectedClusters/pods/delete | Deletes pods |

-> | Microsoft.Kubernetes/connectedClusters/pods/exec/action | Exec into a pod |

-> | Microsoft.Kubernetes/connectedClusters/podtemplates/read | Reads podtemplates |

-> | Microsoft.Kubernetes/connectedClusters/podtemplates/write | Writes podtemplates |

-> | Microsoft.Kubernetes/connectedClusters/podtemplates/delete | Deletes podtemplates |

-> | Microsoft.Kubernetes/connectedClusters/policy/poddisruptionbudgets/read | Reads poddisruptionbudgets |

-> | Microsoft.Kubernetes/connectedClusters/policy/poddisruptionbudgets/write | Writes poddisruptionbudgets |

-> | Microsoft.Kubernetes/connectedClusters/policy/poddisruptionbudgets/delete | Deletes poddisruptionbudgets |

-> | Microsoft.Kubernetes/connectedClusters/policy/podsecuritypolicies/read | Reads podsecuritypolicies |

-> | Microsoft.Kubernetes/connectedClusters/policy/podsecuritypolicies/write | Writes podsecuritypolicies |

-> | Microsoft.Kubernetes/connectedClusters/policy/podsecuritypolicies/delete | Deletes podsecuritypolicies |

-> | Microsoft.Kubernetes/connectedClusters/policy/podsecuritypolicies/use/action | Use action on podsecuritypolicies |

-> | Microsoft.Kubernetes/connectedClusters/rbac.authorization.k8s.io/clusterrolebindings/read | Reads clusterrolebindings |

-> | Microsoft.Kubernetes/connectedClusters/rbac.authorization.k8s.io/clusterrolebindings/write | Writes clusterrolebindings |

-> | Microsoft.Kubernetes/connectedClusters/rbac.authorization.k8s.io/clusterrolebindings/delete | Deletes clusterrolebindings |

-> | Microsoft.Kubernetes/connectedClusters/rbac.authorization.k8s.io/clusterroles/read | Reads clusterroles |

-> | Microsoft.Kubernetes/connectedClusters/rbac.authorization.k8s.io/clusterroles/write | Writes clusterroles |

-> | Microsoft.Kubernetes/connectedClusters/rbac.authorization.k8s.io/clusterroles/delete | Deletes clusterroles |

-> | Microsoft.Kubernetes/connectedClusters/rbac.authorization.k8s.io/clusterroles/bind/action | Binds clusterroles |

-> | Microsoft.Kubernetes/connectedClusters/rbac.authorization.k8s.io/clusterroles/escalate/action | Escalates |

-> | Microsoft.Kubernetes/connectedClusters/rbac.authorization.k8s.io/rolebindings/read | Reads rolebindings |

-> | Microsoft.Kubernetes/connectedClusters/rbac.authorization.k8s.io/rolebindings/write | Writes rolebindings |

-> | Microsoft.Kubernetes/connectedClusters/rbac.authorization.k8s.io/rolebindings/delete | Deletes rolebindings |

-> | Microsoft.Kubernetes/connectedClusters/rbac.authorization.k8s.io/roles/read | Reads roles |

-> | Microsoft.Kubernetes/connectedClusters/rbac.authorization.k8s.io/roles/write | Writes roles |

-> | Microsoft.Kubernetes/connectedClusters/rbac.authorization.k8s.io/roles/delete | Deletes roles |

-> | Microsoft.Kubernetes/connectedClusters/rbac.authorization.k8s.io/roles/bind/action | Binds roles |

-> | Microsoft.Kubernetes/connectedClusters/rbac.authorization.k8s.io/roles/escalate/action | Escalates roles |

-> | Microsoft.Kubernetes/connectedClusters/readyz/read | Reads readyz |

-> | Microsoft.Kubernetes/connectedClusters/readyz/autoregister-completion/read | Reads autoregister-completion |

-> | Microsoft.Kubernetes/connectedClusters/readyz/etcd/read | Reads etcd |

-> | Microsoft.Kubernetes/connectedClusters/readyz/log/read | Reads log |

-> | Microsoft.Kubernetes/connectedClusters/readyz/ping/read | Reads ping |

-> | Microsoft.Kubernetes/connectedClusters/readyz/poststarthook/apiservice-openapi-controller/read | Reads apiservice-openapi-controller |

-> | Microsoft.Kubernetes/connectedClusters/readyz/poststarthook/apiservice-registration-controller/read | Reads apiservice-registration-controller |

-> | Microsoft.Kubernetes/connectedClusters/readyz/poststarthook/apiservice-status-available-controller/read | Reads apiservice-status-available-controller |

-> | Microsoft.Kubernetes/connectedClusters/readyz/poststarthook/bootstrap-controller/read | Reads bootstrap-controller |

-> | Microsoft.Kubernetes/connectedClusters/readyz/poststarthook/ca-registration/read | Reads ca-registration |

-> | Microsoft.Kubernetes/connectedClusters/readyz/poststarthook/crd-informer-synced/read | Reads crd-informer-synced |

-> | Microsoft.Kubernetes/connectedClusters/readyz/poststarthook/generic-apiserver-start-informers/read | Reads generic-apiserver-start-informers |

-> | Microsoft.Kubernetes/connectedClusters/readyz/poststarthook/kube-apiserver-autoregistration/read | Reads kube-apiserver-autoregistration |

-> | Microsoft.Kubernetes/connectedClusters/readyz/poststarthook/rbac/bootstrap-roles/read | Reads bootstrap-roles |

-> | Microsoft.Kubernetes/connectedClusters/readyz/poststarthook/scheduling/bootstrap-system-priority-classes/read | Reads bootstrap-system-priority-classes |

-> | Microsoft.Kubernetes/connectedClusters/readyz/poststarthook/start-apiextensions-controllers/read | Reads start-apiextensions-controllers |

-> | Microsoft.Kubernetes/connectedClusters/readyz/poststarthook/start-apiextensions-informers/read | Reads start-apiextensions-informers |

-> | Microsoft.Kubernetes/connectedClusters/readyz/poststarthook/start-kube-aggregator-informers/read | Reads start-kube-aggregator-informers |

-> | Microsoft.Kubernetes/connectedClusters/readyz/poststarthook/start-kube-apiserver-admission-initializer/read | Reads start-kube-apiserver-admission-initializer |

-> | Microsoft.Kubernetes/connectedClusters/readyz/shutdown/read | Reads shutdown |

-> | Microsoft.Kubernetes/connectedClusters/replicationcontrollers/read | Reads replicationcontrollers |

-> | Microsoft.Kubernetes/connectedClusters/replicationcontrollers/write | Writes replicationcontrollers |

-> | Microsoft.Kubernetes/connectedClusters/replicationcontrollers/delete | Deletes replicationcontrollers |

-> | Microsoft.Kubernetes/connectedClusters/resetMetrics/read | Reads resetMetrics |

-> | Microsoft.Kubernetes/connectedClusters/resourcequotas/read | Reads resourcequotas |

-> | Microsoft.Kubernetes/connectedClusters/resourcequotas/write | Writes resourcequotas |

-> | Microsoft.Kubernetes/connectedClusters/resourcequotas/delete | Deletes resourcequotas |

-> | Microsoft.Kubernetes/connectedClusters/scheduling.k8s.io/priorityclasses/read | Reads priorityclasses |

-> | Microsoft.Kubernetes/connectedClusters/scheduling.k8s.io/priorityclasses/write | Writes priorityclasses |

-> | Microsoft.Kubernetes/connectedClusters/scheduling.k8s.io/priorityclasses/delete | Deletes priorityclasses |

-> | Microsoft.Kubernetes/connectedClusters/secrets/read | Reads secrets |

-> | Microsoft.Kubernetes/connectedClusters/secrets/write | Writes secrets |

-> | Microsoft.Kubernetes/connectedClusters/secrets/delete | Deletes secrets |

-> | Microsoft.Kubernetes/connectedClusters/serviceaccounts/read | Reads serviceaccounts |

-> | Microsoft.Kubernetes/connectedClusters/serviceaccounts/write | Writes serviceaccounts |

-> | Microsoft.Kubernetes/connectedClusters/serviceaccounts/delete | Deletes serviceaccounts |

-> | Microsoft.Kubernetes/connectedClusters/serviceaccounts/impersonate/action | Impersonate serviceaccounts |

-> | Microsoft.Kubernetes/connectedClusters/services/read | Reads services |

-> | Microsoft.Kubernetes/connectedClusters/services/write | Writes services |

-> | Microsoft.Kubernetes/connectedClusters/services/delete | Deletes services |

-> | Microsoft.Kubernetes/connectedClusters/storage.k8s.io/csidrivers/read | Reads csidrivers |

-> | Microsoft.Kubernetes/connectedClusters/storage.k8s.io/csidrivers/write | Writes csidrivers |

-> | Microsoft.Kubernetes/connectedClusters/storage.k8s.io/csidrivers/delete | Deletes csidrivers |

-> | Microsoft.Kubernetes/connectedClusters/storage.k8s.io/csinodes/read | Reads csinodes |

-> | Microsoft.Kubernetes/connectedClusters/storage.k8s.io/csinodes/write | Writes csinodes |

-> | Microsoft.Kubernetes/connectedClusters/storage.k8s.io/csinodes/delete | Deletes csinodes |

-> | Microsoft.Kubernetes/connectedClusters/storage.k8s.io/csistoragecapacities/read | Reads csistoragecapacities |

-> | Microsoft.Kubernetes/connectedClusters/storage.k8s.io/csistoragecapacities/write | Writes csistoragecapacities |

-> | Microsoft.Kubernetes/connectedClusters/storage.k8s.io/csistoragecapacities/delete | Deletes csistoragecapacities |

-> | Microsoft.Kubernetes/connectedClusters/storage.k8s.io/storageclasses/read | Reads storageclasses |

-> | Microsoft.Kubernetes/connectedClusters/storage.k8s.io/storageclasses/write | Writes storageclasses |

-> | Microsoft.Kubernetes/connectedClusters/storage.k8s.io/storageclasses/delete | Deletes storageclasses |

-> | Microsoft.Kubernetes/connectedClusters/storage.k8s.io/volumeattachments/read | Reads volumeattachments |

-> | Microsoft.Kubernetes/connectedClusters/storage.k8s.io/volumeattachments/write | Writes volumeattachments |

-> | Microsoft.Kubernetes/connectedClusters/storage.k8s.io/volumeattachments/delete | Deletes volumeattachments |

-> | Microsoft.Kubernetes/connectedClusters/swagger-api/read | Reads swagger-api |

-> | Microsoft.Kubernetes/connectedClusters/swagger-ui/read | Reads swagger-ui |

-> | Microsoft.Kubernetes/connectedClusters/ui/read | Reads ui |

-> | Microsoft.Kubernetes/connectedClusters/users/impersonate/action | Impersonate users |

-> | Microsoft.Kubernetes/connectedClusters/version/read | Reads version |

-## Microsoft.KubernetesConfiguration

-Azure service: [Azure Kubernetes Service (AKS)](/azure/aks/)

-> [!div class="mx-tableFixed"]

-> | Action | Description |

-> | | |

-> | Microsoft.KubernetesConfiguration/register/action | Registers subscription to Microsoft.KubernetesConfiguration resource provider. |

-> | Microsoft.KubernetesConfiguration/unregister/action | Unregisters subscription from Microsoft.KubernetesConfiguration resource provider. |

-> | Microsoft.KubernetesConfiguration/extensions/write | Creates or updates extension resource. |

-> | Microsoft.KubernetesConfiguration/extensions/read | Gets extension instance resource. |

-> | Microsoft.KubernetesConfiguration/extensions/delete | Deletes extension instance resource. |

-> | Microsoft.KubernetesConfiguration/extensions/operations/read | Gets Async Operation status. |

-> | Microsoft.KubernetesConfiguration/extensionTypes/read | Gets extension type. |

-> | Microsoft.KubernetesConfiguration/fluxConfigurations/write | Creates or updates flux configuration. |

-> | Microsoft.KubernetesConfiguration/fluxConfigurations/read | Gets flux configuration. |

-> | Microsoft.KubernetesConfiguration/fluxConfigurations/delete | Deletes flux configuration. |

-> | Microsoft.KubernetesConfiguration/fluxConfigurations/operations/read | Gets Async Operation status for flux configuration. |

-> | Microsoft.KubernetesConfiguration/namespaces/read | Get Namespace Resource |

-> | Microsoft.KubernetesConfiguration/namespaces/listUserCredential/action | Get User Credentials for the parent cluster of the namespace resource. |

-> | Microsoft.KubernetesConfiguration/operations/read | Gets available operations of the Microsoft.KubernetesConfiguration resource provider. |

-> | Microsoft.KubernetesConfiguration/privateLinkScopes/write | Creates or updates private link scope. |

-> | Microsoft.KubernetesConfiguration/privateLinkScopes/delete | Deletes private link scope. |

-> | Microsoft.KubernetesConfiguration/privateLinkScopes/read | Gets private link scope |

-> | Microsoft.KubernetesConfiguration/privateLinkScopes/privateEndpointConnectionProxies/write | Creates or updates private endpoint connection proxy. |

-> | Microsoft.KubernetesConfiguration/privateLinkScopes/privateEndpointConnectionProxies/delete | Deletes private endpoint connection proxy |

-> | Microsoft.KubernetesConfiguration/privateLinkScopes/privateEndpointConnectionProxies/read | Gets private endpoint connection proxy. |

-> | Microsoft.KubernetesConfiguration/privateLinkScopes/privateEndpointConnectionProxies/validate/action | Validates private endpoint connection proxy object. |

-> | Microsoft.KubernetesConfiguration/privateLinkScopes/privateEndpointConnectionProxies/updatePrivateEndpointProperties/action | Updates patch on private endpoint connection proxy. |

-> | Microsoft.KubernetesConfiguration/privateLinkScopes/privateEndpointConnectionProxies/operations/read | Gets private endpoint connection proxies operation. |

-> | Microsoft.KubernetesConfiguration/privateLinkScopes/privateEndpointConnections/write | Creates or updates private endpoint connection. |

-> | Microsoft.KubernetesConfiguration/privateLinkScopes/privateEndpointConnections/delete | Deletes private endpoint connection. |

-> | Microsoft.KubernetesConfiguration/privateLinkScopes/privateEndpointConnections/read | Gets private endpoint connection. |

-> | Microsoft.KubernetesConfiguration/sourceControlConfigurations/write | Creates or updates source control configuration. |

-> | Microsoft.KubernetesConfiguration/sourceControlConfigurations/read | Gets source control configuration. |

-> | Microsoft.KubernetesConfiguration/sourceControlConfigurations/delete | Deletes source control configuration. |

-## Microsoft.DataFactory

-Azure service: [Data Factory](/azure/data-factory/)

-> [!div class="mx-tableFixed"]

-> | Action | Description |

-> | | |

-> | Microsoft.DataFactory/register/action | Registers the subscription for the Data Factory Resource Provider. |

-> | Microsoft.DataFactory/unregister/action | Unregisters the subscription for the Data Factory Resource Provider. |

-> | Microsoft.DataFactory/checkazuredatafactorynameavailability/read | Checks if the Data Factory Name is available to use. |

-> | Microsoft.DataFactory/datafactories/read | Reads the Data Factory. |

-> | Microsoft.DataFactory/datafactories/write | Creates or Updates the Data Factory. |

-> | Microsoft.DataFactory/datafactories/delete | Deletes the Data Factory. |

-> | Microsoft.DataFactory/datafactories/activitywindows/read | Reads Activity Windows in the Data Factory with specified parameters. |

-> | Microsoft.DataFactory/datafactories/datapipelines/read | Reads any Pipeline. |

-> | Microsoft.DataFactory/datafactories/datapipelines/delete | Deletes any Pipeline. |

-> | Microsoft.DataFactory/datafactories/datapipelines/pause/action | Pauses any Pipeline. |

-> | Microsoft.DataFactory/datafactories/datapipelines/resume/action | Resumes any Pipeline. |

-> | Microsoft.DataFactory/datafactories/datapipelines/update/action | Updates any Pipeline. |

-> | Microsoft.DataFactory/datafactories/datapipelines/write | Creates or Updates any Pipeline. |

-> | Microsoft.DataFactory/datafactories/datapipelines/activities/activitywindows/read | Reads Activity Windows for the Pipeline Activity with specified parameters. |

-> | Microsoft.DataFactory/datafactories/datapipelines/activitywindows/read | Reads Activity Windows for the Pipeline with specified parameters. |

-> | Microsoft.DataFactory/datafactories/datasets/read | Reads any Dataset. |

-> | Microsoft.DataFactory/datafactories/datasets/delete | Deletes any Dataset. |

-> | Microsoft.DataFactory/datafactories/datasets/write | Creates or Updates any Dataset. |

-> | Microsoft.DataFactory/datafactories/datasets/activitywindows/read | Reads Activity Windows for the Dataset with specified parameters. |

-> | Microsoft.DataFactory/datafactories/datasets/sliceruns/read | Reads the Data Slice Run for the given dataset with the given start time. |

-> | Microsoft.DataFactory/datafactories/datasets/slices/read | Gets the Data Slices in the given period. |

-> | Microsoft.DataFactory/datafactories/datasets/slices/write | Update the Status of the Data Slice. |

-> | Microsoft.DataFactory/datafactories/gateways/read | Reads any Gateway. |

-> | Microsoft.DataFactory/datafactories/gateways/write | Creates or Updates any Gateway. |

-> | Microsoft.DataFactory/datafactories/gateways/delete | Deletes any Gateway. |

-> | Microsoft.DataFactory/datafactories/gateways/connectioninfo/action | Reads the Connection Info for any Gateway. |

-> | Microsoft.DataFactory/datafactories/gateways/listauthkeys/action | Lists the Authentication Keys for any Gateway. |

-> | Microsoft.DataFactory/datafactories/gateways/regenerateauthkey/action | Regenerates the Authentication Keys for any Gateway. |

-> | Microsoft.DataFactory/datafactories/linkedServices/read | Reads any Linked Service. |

-> | Microsoft.DataFactory/datafactories/linkedServices/delete | Deletes any Linked Service. |

-> | Microsoft.DataFactory/datafactories/linkedServices/write | Creates or Updates any Linked Service. |

-> | Microsoft.DataFactory/datafactories/providers/Microsoft.Insights/diagnosticSettings/read | Gets the diagnostic setting for the resource |

-> | Microsoft.DataFactory/datafactories/providers/Microsoft.Insights/diagnosticSettings/write | Creates or updates the diagnostic setting for the resource |

-> | Microsoft.DataFactory/datafactories/providers/Microsoft.Insights/metricDefinitions/read | Gets the available metrics for datafactories |

-> | Microsoft.DataFactory/datafactories/runs/loginfo/read | Reads a SAS URI to a blob container containing the logs. |

-> | Microsoft.DataFactory/datafactories/tables/read | Reads any Dataset. |

-> | Microsoft.DataFactory/datafactories/tables/delete | Deletes any Dataset. |

-> | Microsoft.DataFactory/datafactories/tables/write | Creates or Updates any Dataset. |

-> | Microsoft.DataFactory/factories/read | Reads Data Factory. |

-> | Microsoft.DataFactory/factories/write | Create or Update Data Factory |

-> | Microsoft.DataFactory/factories/delete | Deletes Data Factory. |

-> | Microsoft.DataFactory/factories/createdataflowdebugsession/action | Creates a Data Flow debug session. |

-> | Microsoft.DataFactory/factories/startdataflowdebugsession/action | Starts a Data Flow debug session. |

-> | Microsoft.DataFactory/factories/addDataFlowToDebugSession/action | Add Data Flow to debug session for preview. |

-> | Microsoft.DataFactory/factories/executeDataFlowDebugCommand/action | Execute Data Flow debug command. |

-> | Microsoft.DataFactory/factories/deletedataflowdebugsession/action | Deletes a Data Flow debug session. |

-> | Microsoft.DataFactory/factories/querydataflowdebugsessions/action | Queries a Data Flow debug session. |

-> | Microsoft.DataFactory/factories/cancelpipelinerun/action | Cancels the pipeline run specified by the run ID. |

-> | Microsoft.DataFactory/factories/cancelSandboxPipelineRun/action | Cancels a debug run for the Pipeline. |

-> | Microsoft.DataFactory/factories/sandboxpipelineruns/action | Queries the Debug Pipeline Runs. |

-> | Microsoft.DataFactory/factories/querytriggers/action | Queries the Triggers. |

-> | Microsoft.DataFactory/factories/getFeatureValue/action | Get exposure control feature value for the specific location. |

-> | Microsoft.DataFactory/factories/queryFeaturesValue/action | Get exposure control feature values for a list of features |

-> | Microsoft.DataFactory/factories/getDataPlaneAccess/action | Gets access to ADF DataPlane service. |

-> | Microsoft.DataFactory/factories/getGitHubAccessToken/action | Gets GitHub access token. |

-> | Microsoft.DataFactory/factories/querytriggerruns/action | Queries the Trigger Runs. |

-> | Microsoft.DataFactory/factories/querypipelineruns/action | Queries the Pipeline Runs. |

-> | Microsoft.DataFactory/factories/querydebugpipelineruns/action | Queries the Debug Pipeline Runs. |

-> | Microsoft.DataFactory/factories/adfcdcs/read | Reads ADF Change data capture. |

-> | Microsoft.DataFactory/factories/adfcdcs/delete | Deletes ADF Change data capture. |

-> | Microsoft.DataFactory/factories/adfcdcs/write | Create or update ADF Change data capture. |

-> | Microsoft.DataFactory/factories/adflinkconnections/read | Reads ADF Link Connection. |

-> | Microsoft.DataFactory/factories/adflinkconnections/delete | Deletes ADF Link Connection. |

-> | Microsoft.DataFactory/factories/adflinkconnections/write | Create or update ADF Link Connection |

-> | Microsoft.DataFactory/factories/credentials/read | Reads any Credential. |

-> | Microsoft.DataFactory/factories/credentials/write | Writes any Credential. |

-> | Microsoft.DataFactory/factories/credentials/delete | Deletes any Credential. |

-> | Microsoft.DataFactory/factories/dataflows/read | Reads Data Flow. |

-> | Microsoft.DataFactory/factories/dataflows/delete | Deletes Data Flow. |

-> | Microsoft.DataFactory/factories/dataflows/write | Create or update Data Flow |

-> | Microsoft.DataFactory/factories/dataMappers/read | Reads Data Mapping. |

-> | Microsoft.DataFactory/factories/dataMappers/delete | Deletes Data Mapping. |

-> | Microsoft.DataFactory/factories/dataMappers/write | Create or update Data Mapping |

-> | Microsoft.DataFactory/factories/datasets/read | Reads any Dataset. |

-> | Microsoft.DataFactory/factories/datasets/delete | Deletes any Dataset. |

-> | Microsoft.DataFactory/factories/datasets/write | Creates or Updates any Dataset. |

-> | Microsoft.DataFactory/factories/debugpipelineruns/cancel/action | Cancels a debug run for the Pipeline. |

-> | Microsoft.DataFactory/factories/getDataPlaneAccess/read | Reads access to ADF DataPlane service. |

-> | Microsoft.DataFactory/factories/getFeatureValue/read | Reads exposure control feature value for the specific location. |

-> | Microsoft.DataFactory/factories/globalParameters/read | Reads GlobalParameter. |

-> | Microsoft.DataFactory/factories/globalParameters/delete | Deletes GlobalParameter. |

-> | Microsoft.DataFactory/factories/globalParameters/write | Create or Update GlobalParameter. |

-> | Microsoft.DataFactory/factories/integrationruntimes/read | Reads any Integration Runtime. |

-> | Microsoft.DataFactory/factories/integrationruntimes/write | Creates or Updates any Integration Runtime. |

-> | Microsoft.DataFactory/factories/integrationruntimes/delete | Deletes any Integration Runtime. |

-> | Microsoft.DataFactory/factories/integrationruntimes/start/action | Starts any Integration Runtime. |

-> | Microsoft.DataFactory/factories/integrationruntimes/stop/action | Stops any Integration Runtime. |

-> | Microsoft.DataFactory/factories/integrationruntimes/getconnectioninfo/action | Reads Integration Runtime Connection Info. |

-> | Microsoft.DataFactory/factories/integrationruntimes/listauthkeys/action | Lists the Authentication Keys for any Integration Runtime. |

-> | Microsoft.DataFactory/factories/integrationruntimes/synccredentials/action | Syncs the Credentials for the specified Integration Runtime. |

-> | Microsoft.DataFactory/factories/integrationruntimes/upgrade/action | Upgrades the specified Integration Runtime. |

-> | Microsoft.DataFactory/factories/integrationruntimes/createexpressshirinstalllink/action | Create express install link for self hosted Integration Runtime. |

-> | Microsoft.DataFactory/factories/integrationruntimes/regenerateauthkey/action | Regenerates the Authentication Keys for the specified Integration Runtime. |

-> | Microsoft.DataFactory/factories/integrationruntimes/removelinks/action | Removes Linked Integration Runtime References from the specified Integration Runtime. |

-> | Microsoft.DataFactory/factories/integrationruntimes/linkedIntegrationRuntime/action | Create Linked Integration Runtime Reference on the Specified Shared Integration Runtime. |

-> | Microsoft.DataFactory/factories/integrationruntimes/getObjectMetadata/action | Get SSIS Integration Runtime metadata for the specified Integration Runtime. |

-> | Microsoft.DataFactory/factories/integrationruntimes/refreshObjectMetadata/action | Refresh SSIS Integration Runtime metadata for the specified Integration Runtime. |

-> | Microsoft.DataFactory/factories/integrationruntimes/enableInteractiveQuery/action | Enable interactive authoring session. |

-> | Microsoft.DataFactory/factories/integrationruntimes/disableInteractiveQuery/action | Disable interactive authoring session. |

-> | Microsoft.DataFactory/factories/integrationruntimes/getstatus/read | Reads Integration Runtime Status. |

-> | Microsoft.DataFactory/factories/integrationruntimes/monitoringdata/read | Gets the Monitoring Data for any Integration Runtime. |

-> | Microsoft.DataFactory/factories/integrationruntimes/nodes/read | Reads the Node for the specified Integration Runtime. |

-> | Microsoft.DataFactory/factories/integrationruntimes/nodes/delete | Deletes the Node for the specified Integration Runtime. |

-> | Microsoft.DataFactory/factories/integrationruntimes/nodes/write | Updates a self-hosted Integration Runtime Node. |

-> | Microsoft.DataFactory/factories/integrationruntimes/nodes/ipAddress/action | Returns the IP Address for the specified node of the Integration Runtime. |

-> | Microsoft.DataFactory/factories/integrationruntimes/outboundNetworkDependenciesEndpoints/read | Get Azure-SSIS Integration Runtime outbound network dependency endpoints for the specified Integration Runtime. |

-> | Microsoft.DataFactory/factories/linkedServices/read | Reads Linked Service. |

-> | Microsoft.DataFactory/factories/linkedServices/delete | Deletes Linked Service. |

-> | Microsoft.DataFactory/factories/linkedServices/write | Create or Update Linked Service |

-> | Microsoft.DataFactory/factories/managedVirtualNetworks/read | Read Managed Virtual Network. |

-> | Microsoft.DataFactory/factories/managedVirtualNetworks/write | Create or Update Managed Virtual Network. |

-> | Microsoft.DataFactory/factories/managedVirtualNetworks/managedPrivateEndpoints/read | Read Managed Private Endpoint. |

-> | Microsoft.DataFactory/factories/managedVirtualNetworks/managedPrivateEndpoints/write | Create or Update Managed Private Endpoint. |

-> | Microsoft.DataFactory/factories/managedVirtualNetworks/managedPrivateEndpoints/delete | Delete Managed Private Endpoint. |

-> | Microsoft.DataFactory/factories/operationResults/read | Gets operation results. |

-> | Microsoft.DataFactory/factories/pipelineruns/read | Reads the Pipeline Runs. |

-> | Microsoft.DataFactory/factories/pipelineruns/cancel/action | Cancels the pipeline run specified by the run ID. |

-> | Microsoft.DataFactory/factories/pipelineruns/queryactivityruns/action | Queries the activity runs for the specified pipeline run ID. |

-> | Microsoft.DataFactory/factories/pipelineruns/activityruns/read | Reads the activity runs for the specified pipeline run ID. |

-> | Microsoft.DataFactory/factories/pipelineruns/queryactivityruns/read | Reads the result of query activity runs for the specified pipeline run ID. |

-> | Microsoft.DataFactory/factories/pipelines/read | Reads Pipeline. |

-> | Microsoft.DataFactory/factories/pipelines/delete | Deletes Pipeline. |

-> | Microsoft.DataFactory/factories/pipelines/write | Create or Update Pipeline |

-> | Microsoft.DataFactory/factories/pipelines/createrun/action | Creates a run for the Pipeline. |

-> | Microsoft.DataFactory/factories/pipelines/sandbox/action | Creates a debug run environment for the Pipeline. |

-> | Microsoft.DataFactory/factories/pipelines/pipelineruns/read | Reads the Pipeline Run. |

-> | Microsoft.DataFactory/factories/pipelines/pipelineruns/activityruns/progress/read | Gets the Progress of Activity Runs. |

-> | Microsoft.DataFactory/factories/pipelines/sandbox/create/action | Creates a debug run environment for the Pipeline. |

-> | Microsoft.DataFactory/factories/pipelines/sandbox/run/action | Creates a debug run for the Pipeline. |

-> | Microsoft.DataFactory/factories/privateEndpointConnectionProxies/read | Read Private Endpoint Connection Proxy. |

-> | Microsoft.DataFactory/factories/privateEndpointConnectionProxies/write | Create or Update private Endpoint Connection Proxy. |

-> | Microsoft.DataFactory/factories/privateEndpointConnectionProxies/delete | Delete Private Endpoint Connection Proxy. |

-> | Microsoft.DataFactory/factories/privateEndpointConnectionProxies/validate/action | Validate a Private Endpoint Connection Proxy. |

-> | Microsoft.DataFactory/factories/privateEndpointConnectionProxies/operationresults/read | Read the results of creating a Private Endpoint Connection Proxy. |

-> | Microsoft.DataFactory/factories/privateEndpointConnectionProxies/operationstatuses/read | Read the status of creating a Private Endpoint Connection Proxy. |

-> | Microsoft.DataFactory/factories/privateEndpointConnections/read | Read Private Endpoint Connection. |

-> | Microsoft.DataFactory/factories/privateEndpointConnections/write | Create or Update Private Endpoint Connection. |

-> | Microsoft.DataFactory/factories/privateEndpointConnections/delete | Delete Private Endpoint Connection. |

-> | Microsoft.DataFactory/factories/privateLinkResources/read | Read Private Link Resource. |

-> | Microsoft.DataFactory/factories/providers/Microsoft.Insights/diagnosticSettings/read | Gets the diagnostic setting for the resource |

-> | Microsoft.DataFactory/factories/providers/Microsoft.Insights/diagnosticSettings/write | Creates or updates the diagnostic setting for the resource |

-> | Microsoft.DataFactory/factories/providers/Microsoft.Insights/logDefinitions/read | Gets the available logs for factories |

-> | Microsoft.DataFactory/factories/providers/Microsoft.Insights/metricDefinitions/read | Gets the available metrics for factories |

-> | Microsoft.DataFactory/factories/queryFeaturesValue/read | Reads exposure control feature values for a list of features. |

-> | Microsoft.DataFactory/factories/querypipelineruns/read | Reads the Result of Query Pipeline Runs. |

-> | Microsoft.DataFactory/factories/querytriggerruns/read | Reads the Result of Trigger Runs. |

-> | Microsoft.DataFactory/factories/sandboxpipelineruns/read | Gets the debug run info for the Pipeline. |

-> | Microsoft.DataFactory/factories/sandboxpipelineruns/sandboxActivityRuns/read | Gets the debug run info for the Activity. |

-> | Microsoft.DataFactory/factories/sessions/write | Writes any Session. |

-> | Microsoft.DataFactory/factories/triggerruns/read | Reads the Trigger Runs. |

-> | Microsoft.DataFactory/factories/triggers/read | Reads any Trigger. |

-> | Microsoft.DataFactory/factories/triggers/write | Creates or Updates any Trigger. |

-> | Microsoft.DataFactory/factories/triggers/delete | Deletes any Trigger. |

-> | Microsoft.DataFactory/factories/triggers/subscribetoevents/action | Subscribe to Events. |

-> | Microsoft.DataFactory/factories/triggers/geteventsubscriptionstatus/action | Event Subscription Status. |

-> | Microsoft.DataFactory/factories/triggers/unsubscribefromevents/action | Unsubscribe from Events. |

-> | Microsoft.DataFactory/factories/triggers/querysubscriptionevents/action | Query subscription events. |

-> | Microsoft.DataFactory/factories/triggers/deletequeuedsubscriptionevents/action | Delete queued subscription events. |

-> | Microsoft.DataFactory/factories/triggers/start/action | Starts any Trigger. |

-> | Microsoft.DataFactory/factories/triggers/stop/action | Stops any Trigger. |

-> | Microsoft.DataFactory/factories/triggers/triggerruns/read | Reads the Trigger Runs. |

-> | Microsoft.DataFactory/factories/triggers/triggerruns/cancel/action | Cancel the Trigger Run with the given trigger run id. |

-> | Microsoft.DataFactory/factories/triggers/triggerruns/rerun/action | Rerun the Trigger Run with the given trigger run id. |

-> | Microsoft.DataFactory/locations/configureFactoryRepo/action | Configures the repository for the factory. |

-> | Microsoft.DataFactory/locations/getFeatureValue/action | Get exposure control feature value for the specific location. |

-> | Microsoft.DataFactory/locations/getFeatureValue/read | Reads exposure control feature value for the specific location. |

-> | Microsoft.DataFactory/operations/read | Reads all Operations in Microsoft Data Factory Provider. |

-> | **DataAction** | **Description** |

-> | Microsoft.DataFactory/factories/credentials/useSecrets/action | Uses any Credential Secret. |

-## Microsoft.DataMigration

-Azure service: [Azure Database Migration Service](/azure/dms/)

-> [!div class="mx-tableFixed"]

-> | Action | Description |

-> | | |

-> | Microsoft.DataMigration/register/action | Registers the subscription with the Azure Database Migration Service provider |

-> | Microsoft.DataMigration/databaseMigrations/write | Create or Update Database Migration resource |

-> | Microsoft.DataMigration/databaseMigrations/delete | Delete Database Migration resource |

-> | Microsoft.DataMigration/databaseMigrations/read | Retrieve the Database Migration resource |

-> | Microsoft.DataMigration/databaseMigrations/cancel/action | Stop ongoing migration for the database |

-> | Microsoft.DataMigration/databaseMigrations/cutover/action | Cutover online migration operation for the database |

-> | Microsoft.DataMigration/locations/migrationServiceOperationResults/read | Retrieve Service Operation Results |

-> | Microsoft.DataMigration/locations/operationResults/read | Get the status of a long-running operation related to a 202 Accepted response |

-> | Microsoft.DataMigration/locations/operationStatuses/read | Get the status of a long-running operation related to a 202 Accepted response |

-> | Microsoft.DataMigration/locations/sqlMigrationServiceOperationResults/read | Retrieve Service Operation Results |

-> | Microsoft.DataMigration/migrationServices/write | Create a new or change properties of existing Service |

-> | Microsoft.DataMigration/migrationServices/delete | Delete existing Service |

-> | Microsoft.DataMigration/migrationServices/read | Retrieve details of Migration Service |

-> | Microsoft.DataMigration/migrationServices/read | Retrieve details of Migration Services in a Resource Group |

-> | Microsoft.DataMigration/migrationServices/read | Retrieve all services in the Subscription |

-> | Microsoft.DataMigration/migrationServices/listMigrations/read | |

-> | Microsoft.DataMigration/operations/read | Get all REST Operations |

-> | Microsoft.DataMigration/services/read | Read information about resources |

-> | Microsoft.DataMigration/services/write | Create or update resources and their properties |

-> | Microsoft.DataMigration/services/delete | Deletes a resource and all of its children |

-> | Microsoft.DataMigration/services/stop/action | Stop the Azure Database Migration Service to minimize its cost |

-> | Microsoft.DataMigration/services/start/action | Start the Azure Database Migration Service to allow it to process migrations again |

-> | Microsoft.DataMigration/services/checkStatus/action | Check whether the service is deployed and running |

-> | Microsoft.DataMigration/services/configureWorker/action | Configures an Azure Database Migration Service worker to the Service's availiable workers |

-> | Microsoft.DataMigration/services/addWorker/action | Adds an Azure Database Migration Service worker to the Service's availiable workers |

-> | Microsoft.DataMigration/services/removeWorker/action | Removes an Azure Database Migration Service worker to the Service's availiable workers |

-> | Microsoft.DataMigration/services/updateAgentConfig/action | Updates Azure Database Migration Service agent configuration with provided values. |

-> | Microsoft.DataMigration/services/getHybridDownloadLink/action | Gets an Azure Database Migration Service worker package download link from RP Blob Storage. |

-> | Microsoft.DataMigration/services/projects/read | Read information about resources |

-> | Microsoft.DataMigration/services/projects/write | Run tasks Azure Database Migration Service tasks |

-> | Microsoft.DataMigration/services/projects/delete | Deletes a resource and all of its children |

-> | Microsoft.DataMigration/services/projects/accessArtifacts/action | Generate a URL that can be used to GET or PUT project artifacts |

-> | Microsoft.DataMigration/services/projects/tasks/read | Read information about resources |

-> | Microsoft.DataMigration/services/projects/tasks/write | Run tasks Azure Database Migration Service tasks |

-> | Microsoft.DataMigration/services/projects/tasks/delete | Deletes a resource and all of its children |

-> | Microsoft.DataMigration/services/projects/tasks/cancel/action | Cancel the task if it's currently running |

-> | Microsoft.DataMigration/services/serviceTasks/read | Read information about resources |

-> | Microsoft.DataMigration/services/serviceTasks/write | Run tasks Azure Database Migration Service tasks |

-> | Microsoft.DataMigration/services/serviceTasks/delete | Deletes a resource and all of its children |

-> | Microsoft.DataMigration/services/serviceTasks/cancel/action | Cancel the task if it's currently running |

-> | Microsoft.DataMigration/services/slots/read | Read information about resources |

-> | Microsoft.DataMigration/services/slots/write | Create or update resources and their properties |

-> | Microsoft.DataMigration/services/slots/delete | Deletes a resource and all of its children |

-> | Microsoft.DataMigration/skus/read | Get a list of SKUs supported by Azure Database Migration Service resources. |

-> | Microsoft.DataMigration/sqlMigrationServices/write | Create a new or change properties of existing Service |

-> | Microsoft.DataMigration/sqlMigrationServices/delete | Delete existing Service |

-> | Microsoft.DataMigration/sqlMigrationServices/read | Retrieve details of Migration Service |

-> | Microsoft.DataMigration/sqlMigrationServices/read | Retrieve details of Migration Services in a Resource Group |

-> | Microsoft.DataMigration/sqlMigrationServices/listAuthKeys/action | Retrieve the List of Authentication Keys |

-> | Microsoft.DataMigration/sqlMigrationServices/regenerateAuthKeys/action | Regenerate the Authentication Keys |

-> | Microsoft.DataMigration/sqlMigrationServices/deleteNode/action | |

-> | Microsoft.DataMigration/sqlMigrationServices/listMonitoringData/action | Retrieve the Monitoring Data |

-> | Microsoft.DataMigration/sqlMigrationServices/validateIR/action | |

-> | Microsoft.DataMigration/sqlMigrationServices/read | Retrieve all services in the Subscription |

-> | Microsoft.DataMigration/sqlMigrationServices/listMigrations/read | |

-> | Microsoft.DataMigration/sqlMigrationServices/MonitoringData/read | Retrieve the Monitoring Data |

-> | Microsoft.DataMigration/sqlMigrationServices/tasks/write | Create or Update Migration Service task |

-> | Microsoft.DataMigration/sqlMigrationServices/tasks/delete | |

-> | Microsoft.DataMigration/sqlMigrationServices/tasks/read | Get Migration Service task details |

-## Microsoft.ResourceHealth

-Azure service: [Azure Service Health](/azure/service-health/)

-> | Microsoft.ResourceHealth/events/action | Endpoint to fetch details for event |

-> | Microsoft.ResourceHealth/register/action | Registers the subscription for the Microsoft ResourceHealth |

-> | Microsoft.ResourceHealth/unregister/action | Unregisters the subscription for the Microsoft ResourceHealth |

-> | Microsoft.Resourcehealth/healthevent/action | Denotes the change in health state for the specified resource |

-> | Microsoft.ResourceHealth/AvailabilityStatuses/read | Gets the availability statuses for all resources in the specified scope |

-> | Microsoft.ResourceHealth/AvailabilityStatuses/current/read | Gets the availability status for the specified resource |

-> | Microsoft.ResourceHealth/emergingissues/read | Get Azure services' emerging issues |

-> | Microsoft.ResourceHealth/events/read | Get Service Health Events for given subscription |

-> | Microsoft.ResourceHealth/events/fetchEventDetails/action | Endpoint to fetch details for event |

-> | Microsoft.ResourceHealth/events/listSecurityAdvisoryImpactedResources/action | Get Impacted Resources for a given event of type SecurityAdvisory |

-> | Microsoft.ResourceHealth/events/impactedResources/read | Get Impacted Resources for a given event |

-> | Microsoft.Resourcehealth/healthevent/Activated/action | Denotes the change in health state for the specified resource |

-> | Microsoft.Resourcehealth/healthevent/Updated/action | Denotes the change in health state for the specified resource |

-> | Microsoft.Resourcehealth/healthevent/Resolved/action | Denotes the change in health state for the specified resource |

-> | Microsoft.Resourcehealth/healthevent/InProgress/action | Denotes the change in health state for the specified resource |

-> | Microsoft.Resourcehealth/healthevent/Pending/action | Denotes the change in health state for the specified resource |

-> | Microsoft.ResourceHealth/impactedResources/read | Get Impacted Resources for given subscription |

-> | Microsoft.ResourceHealth/metadata/read | Gets Metadata |

-> | Microsoft.ResourceHealth/Notifications/read | Receives Azure Resource Manager notifications |

-> | Microsoft.ResourceHealth/Operations/read | Get the operations available for the Microsoft ResourceHealth |

-> | Microsoft.ResourceHealth/potentialoutages/read | Get Potential Outages for given subscription |

-Azure service: core

-## Microsoft.AVS

-Azure service: [Azure VMware Solution](/azure/azure-vmware/introduction)

-> [!div class="mx-tableFixed"]

-> | Action | Description |

-> | | |

-> | Microsoft.AVS/register/action | Register Subscription for Microsoft.AVS resource provider. |

-> | Microsoft.AVS/unregister/action | Unregister Subscription for Microsoft.AVS resource provider. |

-> | Microsoft.AVS/checkNameAvailability/read | Checks if the privateCloud Name is available |

-> | Microsoft.AVS/locations/checkNameAvailability/read | Checks if the privateCloud Name is available |

-> | Microsoft.AVS/locations/checkQuotaAvailability/read | Checks if quota is available for the subscription |

-> | Microsoft.AVS/locations/checkTrialAvailability/read | Checks if trial is available for the subscription |

-> | Microsoft.AVS/operations/read | Lists operations available on Microsoft.AVS resource provider. |

-> | Microsoft.AVS/privateClouds/register/action | Registers the Microsoft Microsoft.AVS resource provider and enables creation of Private Clouds. |

-> | Microsoft.AVS/privateClouds/write | Creates or updates a PrivateCloud resource. |

-> | Microsoft.AVS/privateClouds/read | Gets the settings for the specified PrivateCloud. |

-> | Microsoft.AVS/privateClouds/delete | Delete a specific PrivateCloud. |

-> | Microsoft.AVS/privateClouds/addOns/read | Read addOns. |

-> | Microsoft.AVS/privateClouds/addOns/write | Write addOns. |

-> | Microsoft.AVS/privateClouds/addOns/delete | Delete addOns. |

-> | Microsoft.AVS/privateClouds/addOns/operationStatuses/read | Read addOns operationStatuses. |

-> | Microsoft.AVS/privateClouds/authorizations/read | Gets the authorization settings for a PrivateCloud cluster. |

-> | Microsoft.AVS/privateClouds/authorizations/write | Create or update a PrivateCloud authorization resource. |

-> | Microsoft.AVS/privateClouds/authorizations/delete | Delete a specific PrivateCloud authorization. |

-> | Microsoft.AVS/privateClouds/clusters/read | Gets the cluster settings for a PrivateCloud cluster. |

-> | Microsoft.AVS/privateClouds/clusters/write | Create or update a PrivateCloud cluster resource. |

-> | Microsoft.AVS/privateClouds/clusters/delete | Delete a specific PrivateCloud cluster. |

-> | Microsoft.AVS/privateClouds/clusters/datastores/read | Get the datastore properties in a private cloud cluster. |

-> | Microsoft.AVS/privateClouds/clusters/datastores/write | Create or update datastore in private cloud cluster. |

-> | Microsoft.AVS/privateClouds/clusters/datastores/delete | Delete datastore in private cloud cluster. |

-> | Microsoft.AVS/privateclouds/clusters/datastores/operationresults/read | Read privateClouds/clusters/datastores operationresults. |

-> | Microsoft.AVS/privateClouds/clusters/datastores/operationstatuses/read | Read privateClouds/clusters/datastores operationstatuses. |

-> | Microsoft.AVS/privateclouds/clusters/operationresults/read | Reads privateClouds/clusters operationresults. |

-> | Microsoft.AVS/privateClouds/clusters/operationstatuses/read | Reads privateClouds/clusters operationstatuses. |

-> | Microsoft.AVS/privateClouds/globalReachConnections/delete | Delete globalReachConnections. |

-> | Microsoft.AVS/privateClouds/globalReachConnections/write | Write globalReachConnections. |

-> | Microsoft.AVS/privateClouds/globalReachConnections/read | Read globalReachConnections. |

-> | Microsoft.AVS/privateClouds/globalReachConnections/operationStatuses/read | Read globalReachConnections operationStatuses. |

-> | Microsoft.AVS/privateClouds/hcxEnterpriseSites/read | Gets the hcxEnterpriseSites for a PrivateCloud. |

-> | Microsoft.AVS/privateClouds/hcxEnterpriseSites/write | Create or update a hcxEnterpriseSites. |

-> | Microsoft.AVS/privateClouds/hcxEnterpriseSites/delete | Delete a specific hcxEnterpriseSites. |

-> | Microsoft.AVS/privateClouds/hostInstances/read | Gets the hostInstances for a PrivateCloud. |

-> | Microsoft.AVS/privateClouds/hostInstances/write | Create or update a hostInstances. |

-> | Microsoft.AVS/privateClouds/hostInstances/delete | Delete a specific hostInstances. |

-> | Microsoft.AVS/privateClouds/operationresults/read | Reads privateClouds operationresults. |

-> | Microsoft.AVS/privateClouds/operationstatuses/read | Reads privateClouds operationstatuses. |

-> | Microsoft.AVS/privateClouds/workloadNetworks/dhcpConfigurations/delete | Delete dhcpConfigurations. |

-> | Microsoft.AVS/privateClouds/workloadNetworks/dhcpConfigurations/write | Write dhcpConfigurations. |

-> | Microsoft.AVS/privateClouds/workloadNetworks/dhcpConfigurations/read | Read dhcpConfigurations. |

-> | Microsoft.AVS/privateClouds/workloadNetworks/dhcpConfigurations/operationStatuses/read | Read dhcpConfigurations operationStatuses. |

-> | Microsoft.AVS/privateClouds/workloadNetworks/dnsServices/delete | Delete dnsServices. |

-> | Microsoft.AVS/privateClouds/workloadNetworks/dnsServices/write | Write dnsServices. |

-> | Microsoft.AVS/privateClouds/workloadNetworks/dnsServices/read | Read dnsServices. |

-> | Microsoft.AVS/privateClouds/workloadNetworks/dnsServices/operationStatuses/read | Read dnsServices operationStatuses. |

-> | Microsoft.AVS/privateClouds/workloadNetworks/dnsZones/delete | Delete dnsZones. |

-> | Microsoft.AVS/privateClouds/workloadNetworks/dnsZones/write | Write dnsZones. |

-> | Microsoft.AVS/privateClouds/workloadNetworks/dnsZones/read | Read dnsZones. |

-> | Microsoft.AVS/privateClouds/workloadNetworks/dnsZones/operationStatuses/read | Read dnsZones operationStatuses. |

-> | Microsoft.AVS/privateClouds/workloadNetworks/gateways/read | Read gateways. |

-> | Microsoft.AVS/privateClouds/workloadNetworks/portMirroringProfiles/delete | Delete portMirroringProfiles. |

-> | Microsoft.AVS/privateClouds/workloadNetworks/portMirroringProfiles/write | Write portMirroringProfiles. |

-> | Microsoft.AVS/privateClouds/workloadNetworks/portMirroringProfiles/read | Read portMirroringProfiles. |

-> | Microsoft.AVS/privateClouds/workloadNetworks/portMirroringProfiles/operationStatuses/read | Read portMirroringProfiles operationStatuses. |

-> | Microsoft.AVS/privateClouds/workloadNetworks/segments/delete | Delete segments. |

-> | Microsoft.AVS/privateClouds/workloadNetworks/segments/write | Write segments. |

-> | Microsoft.AVS/privateClouds/workloadNetworks/segments/read | Read segments. |

-> | Microsoft.AVS/privateClouds/workloadNetworks/segments/operationStatuses/read | Read segments operationStatuses. |

-> | Microsoft.AVS/privateClouds/workloadNetworks/virtualMachines/read | Read virtualMachines. |

-> | Microsoft.AVS/privateClouds/workloadNetworks/vmGroups/delete | Delete vmGroups. |

-> | Microsoft.AVS/privateClouds/workloadNetworks/vmGroups/write | Write vmGroups. |

-> | Microsoft.AVS/privateClouds/workloadNetworks/vmGroups/read | Read vmGroups. |

-> | Microsoft.AVS/privateClouds/workloadNetworks/vmGroups/operationStatuses/read | Read vmGroups operationStatuses. |

-> | **DataAction** | **Description** |

-> | Microsoft.AVS/privateClouds/listAdminCredentials/action | Lists the AdminCredentials for privateClouds. |

-> | Microsoft.AVS/privateClouds/rotateVcenterPassword/action | Rotate Vcenter password for the PrivateCloud. |

-> | Microsoft.AVS/privateClouds/rotateNsxtPassword/action | Rotate Nsxt CloudAdmin password for the PrivateCloud. |

-> | Microsoft.AVS/privateClouds/rotateNsxtCloudAdminPassword/action | Rotate Nsxt CloudAdmin password for the PrivateCloud. |

-## Microsoft.DataCatalog

-Azure service: [Data Catalog](/azure/data-catalog/)

-> | Microsoft.DataCatalog/checkNameAvailability/action | Checks catalog name availability for tenant. |

-> | Microsoft.DataCatalog/register/action | Registers subscription with Microsoft.DataCatalog resource provider. |

-> | Microsoft.DataCatalog/unregister/action | Unregisters subscription from Microsoft.DataCatalog resource provider. |

-> | Microsoft.DataCatalog/catalogs/read | Get properties for catalog or catalogs under subscription or resource group. |

-> | Microsoft.DataCatalog/catalogs/write | Creates catalog or updates the tags and properties for the catalog. |

-> | Microsoft.DataCatalog/catalogs/delete | Deletes the catalog. |

-> | Microsoft.DataCatalog/operations/read | Lists operations available on Microsoft.DataCatalog resource provider. |

-## Microsoft.DataBoxEdge

-Azure service: [Azure Stack Edge](/azure/databox-online/azure-stack-edge-overview)

-> [!div class="mx-tableFixed"]

-> | Action | Description |

-> | | |

-> | Microsoft.DataBoxEdge/availableSkus/read | Lists or gets the available skus |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/deviceCapacityCheck/action | Performs Device Capacity Check and Returns Feasibility |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/write | Creates or updates the Data Box Edge devices |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/read | Lists or gets the Data Box Edge devices |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/delete | Deletes the Data Box Edge devices |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/getExtendedInformation/action | Retrieves resource extended information |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/updateExtendedInformation/action | Updates resource extended information |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/scanForUpdates/action | Scan for updates |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/downloadUpdates/action | Download Updates in device |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/installUpdates/action | Install Updates on device |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/uploadCertificate/action | Upload certificate for device registration |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/generateCertificate/action | Generate certificate |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/triggerSupportPackage/action | Trigger Support Package |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/alerts/read | Lists or gets the alerts |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/bandwidthSchedules/read | Lists or gets the bandwidth schedules |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/bandwidthSchedules/write | Creates or updates the bandwidth schedules |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/bandwidthSchedules/delete | Deletes the bandwidth schedules |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/bandwidthSchedules/operationResults/read | Lists or gets the operation result |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/deviceCapacityCheck/operationResults/read | Lists or gets the operation result |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/deviceCapacityInfo/read | Lists or gets the device capacity information |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/diagnosticProactiveLogCollectionSettings/operationResults/read | Lists or gets the operation result |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/diagnosticRemoteSupportSettings/operationResults/read | Lists or gets the operation result |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/jobs/read | Lists or gets the jobs |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/networkSettings/read | Lists or gets the Device network settings |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/nodes/read | Lists or gets the nodes |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/operationResults/read | Lists or gets the operation result |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/operationsStatus/read | Lists or gets the operation status |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/orders/read | Lists or gets the orders |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/orders/write | Creates or updates the orders |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/orders/delete | Deletes the orders |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/orders/listDCAccessCode/action | Lists or gets the data center access code |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/orders/operationResults/read | Lists or gets the operation result |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/providers/Microsoft.Insights/diagnosticSettings/write | Creates or updates the diagnostics setting for the resource |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/providers/Microsoft.Insights/diagnosticSettings/read | Gets the diagnostic setting for the resource |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/providers/Microsoft.Insights/metricDefinitions/read | Gets the available Data Box Edge device level metrics |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/publishers/offers/skus/versions/generatesastoken/action | Gets the SAS Token for a specific image |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/publishers/offers/skus/versions/generatesastoken/operationResults/read | Lists or gets the operation result |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/read | Lists or gets the roles |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/migrate/action | Migrates the IoT role to ASE Kubernetes role |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/write | Creates or updates the roles |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/delete | Deletes the roles |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/addons/read | Lists or gets the addons |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/addons/write | Creates or updates the addons |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/addons/delete | Deletes the addons |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/addons/operationResults/read | Lists or gets the operation result |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/migrate/operationResults/read | Lists or gets the operation result |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/monitoringConfig/write | Creates or updates the monitoring configuration |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/monitoringConfig/delete | Deletes the monitoring configuration |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/monitoringConfig/read | Lists or gets the monitoring configuration |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/monitoringConfig/operationResults/read | Lists or gets the operation result |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/roles/operationResults/read | Lists or gets the operation result |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/securitySettings/update/action | Update security settings |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/securitySettings/operationResults/read | Lists or gets the operation result |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/shares/read | Lists or gets the shares |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/shares/write | Creates or updates the shares |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/shares/refresh/action | Refresh the share metadata with the data from the cloud |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/shares/delete | Deletes the shares |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/shares/operationResults/read | Lists or gets the operation result |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccountCredentials/write | Creates or updates the storage account credentials |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccountCredentials/read | Lists or gets the storage account credentials |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccountCredentials/delete | Deletes the storage account credentials |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccountCredentials/operationResults/read | Lists or gets the operation result |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccounts/read | Lists or gets the Storage Accounts |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccounts/write | Creates or updates the Storage Accounts |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccounts/delete | Deletes the Storage Accounts |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccounts/containers/read | Lists or gets the Containers |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccounts/containers/write | Creates or updates the Containers |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccounts/containers/delete | Deletes the Containers |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccounts/containers/refresh/action | Refresh the container metadata with the data from the cloud |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccounts/containers/operationResults/read | Lists or gets the operation result |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/storageAccounts/operationResults/read | Lists or gets the operation result |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/triggers/read | Lists or gets the triggers |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/triggers/write | Creates or updates the triggers |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/triggers/delete | Deletes the triggers |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/triggers/operationResults/read | Lists or gets the operation result |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/triggerSupportPackage/operationResults/read | Lists or gets the operation result |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/updateSummary/read | Lists or gets the update summary |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/users/read | Lists or gets the share users |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/users/write | Creates or updates the share users |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/users/delete | Deletes the share users |

-> | Microsoft.DataBoxEdge/dataBoxEdgeDevices/users/operationResults/read | Lists or gets the operation result |

-## Microsoft.NotificationHubs

-Azure service: [Notification Hubs](/azure/notification-hubs/)

-> | Microsoft.NotificationHubs/register/action | Registers the subscription for the NotificationHubs resource provider and enables the creation of Namespaces and NotificationHubs |

-> | Microsoft.NotificationHubs/unregister/action | Unregisters the subscription for the NotificationHubs resource provider and enables the creation of Namespaces and NotificationHubs |

-> | Microsoft.NotificationHubs/CheckNamespaceAvailability/action | Checks whether or not a given Namespace resource name is available within the NotificationHub service. |

-> | Microsoft.NotificationHubs/CheckNamespaceAvailability/read | Checks whether or not a given Namespace resource name is available within the NotificationHub service. |

-> | Microsoft.NotificationHubs/Namespaces/write | Create a Namespace Resource and Update its properties. Tags and Capacity of the Namespace are the properties which can be updated. |

-> | Microsoft.NotificationHubs/Namespaces/read | Get the list of Namespace Resource Description |

-> | Microsoft.NotificationHubs/Namespaces/delete | Delete Namespace Resource |

-> | Microsoft.NotificationHubs/Namespaces/authorizationRules/action | Get the list of Namespaces Authorization Rules description. |

-> | Microsoft.NotificationHubs/Namespaces/CheckNotificationHubAvailability/action | Checks whether or not a given NotificationHub name is available inside a Namespace. |

-> | Microsoft.NotificationHubs/namespaces/privateEndpointConnectionsApproval/action | Approve Private Endpoint Connection |

-> | Microsoft.NotificationHubs/Namespaces/authorizationRules/write | Create a Namespace level Authorization Rules and update its properties. The Authorization Rules Access Rights, the Primary and Secondary Keys can be updated. |

-> | Microsoft.NotificationHubs/Namespaces/authorizationRules/read | Get the list of Namespaces Authorization Rules description. |

-> | Microsoft.NotificationHubs/Namespaces/authorizationRules/delete | Delete Namespace Authorization Rule. The Default Namespace Authorization Rule cannot be deleted. |

-> | Microsoft.NotificationHubs/Namespaces/authorizationRules/listkeys/action | Get the Connection String to the Namespace |

-> | Microsoft.NotificationHubs/Namespaces/authorizationRules/regenerateKeys/action | Namespace Authorization Rule Regenerate Primary/SecondaryKey, Specify the Key that needs to be regenerated |

-> | Microsoft.NotificationHubs/Namespaces/NotificationHubs/write | Create a Notification Hub and Update its properties. Its properties mainly include PNS Credentials. Authorization Rules and TTL |

-> | Microsoft.NotificationHubs/Namespaces/NotificationHubs/read | Get list of Notification Hub Resource Descriptions |

-> | Microsoft.NotificationHubs/Namespaces/NotificationHubs/delete | Delete Notification Hub Resource |

-> | Microsoft.NotificationHubs/Namespaces/NotificationHubs/authorizationRules/action | Get the list of Notification Hub Authorization Rules |

-> | Microsoft.NotificationHubs/Namespaces/NotificationHubs/pnsCredentials/action | Get All Notification Hub PNS Credentials. This includes, WNS, MPNS, APNS, GCM and Baidu credentials |

-> | Microsoft.NotificationHubs/Namespaces/NotificationHubs/debugSend/action | Send a test push notification to 10 matched devices. |

-> | Microsoft.NotificationHubs/Namespaces/NotificationHubs/authorizationRules/write | Create Notification Hub Authorization Rules and Update its properties. The Authorization Rules Access Rights, the Primary and Secondary Keys can be updated. |

-> | Microsoft.NotificationHubs/Namespaces/NotificationHubs/authorizationRules/read | Get the list of Notification Hub Authorization Rules |

-> | Microsoft.NotificationHubs/Namespaces/NotificationHubs/authorizationRules/delete | Delete Notification Hub Authorization Rules |

-> | Microsoft.NotificationHubs/Namespaces/NotificationHubs/authorizationRules/listkeys/action | Get the Connection String to the Notification Hub |

-> | Microsoft.NotificationHubs/Namespaces/NotificationHubs/authorizationRules/regenerateKeys/action | Notification Hub Authorization Rule Regenerate Primary/SecondaryKey, Specify the Key that needs to be regenerated |

-> | Microsoft.NotificationHubs/Namespaces/NotificationHubs/metricDefinitions/read | Get list of Namespace metrics Resource Descriptions |

-> | Microsoft.NotificationHubs/Namespaces/NotificationHubs/vapidkeys/read | Get new pair of VAPID keys for a Notification Hub |

-> | Microsoft.NotificationHubs/Namespaces/operations/read | Returns a list of supported operations for Notification Hubs namespaces provider |

-> | Microsoft.NotificationHubs/namespaces/privateEndpointConnectionProxies/validate/action | Validate Private Endpoint Connection Proxy |

-> | Microsoft.NotificationHubs/namespaces/privateEndpointConnectionProxies/read | Get Private Endpoint Connection Proxy |

-> | Microsoft.NotificationHubs/namespaces/privateEndpointConnectionProxies/write | Create Private Endpoint Connection Proxy |

-> | Microsoft.NotificationHubs/namespaces/privateEndpointConnectionProxies/delete | Delete Private Endpoint Connection Proxy |

-> | Microsoft.NotificationHubs/namespaces/privateEndpointConnectionProxies/operationstatus/read | Get the status of an asynchronous private endpoint operation |

-> | Microsoft.NotificationHubs/namespaces/privateEndpointConnections/read | Get Private Endpoint Connection |

-> | Microsoft.NotificationHubs/namespaces/privateEndpointConnections/write | Create or Update Private Endpoint Connection |

-> | Microsoft.NotificationHubs/namespaces/privateEndpointConnections/delete | Removes Private Endpoint Connection |

-> | Microsoft.NotificationHubs/namespaces/privateEndpointConnections/operationstatus/read | Removes Private Endpoint Connection |

-> | Microsoft.NotificationHubs/namespaces/providers/Microsoft.Insights/diagnosticSettings/read | Get Namespace diagnostic settings |

-> | Microsoft.NotificationHubs/namespaces/providers/Microsoft.Insights/diagnosticSettings/write | Create or Update Namespace diagnostic settings |

-> | Microsoft.NotificationHubs/namespaces/providers/Microsoft.Insights/logDefinitions/read | Gets the available logs for Namespace |

-> | Microsoft.NotificationHubs/operationResults/read | Returns operation results for Notification Hubs provider |

-> | Microsoft.NotificationHubs/operations/read | Returns a list of supported operations for Notification Hubs provider |

-> | Microsoft.NotificationHubs/resourceTypes/read | Gets a list of the resource types for Notification Hubs |

-## Microsoft.Batch

-Azure service: [Batch](/azure/batch/)

-> [!div class="mx-tableFixed"]

-> | Action | Description |

-> | | |

-> | Microsoft.Batch/register/action | Registers the subscription for the Batch Resource Provider and enables the creation of Batch accounts |

-> | Microsoft.Batch/unregister/action | Unregisters the subscription for the Batch Resource Provider preventing the creation of Batch accounts |

-> | Microsoft.Batch/batchAccounts/read | Lists Batch accounts or gets the properties of a Batch account |

-> | Microsoft.Batch/batchAccounts/write | Creates a new Batch account or updates an existing Batch account |

-> | Microsoft.Batch/batchAccounts/delete | Deletes a Batch account |

-> | Microsoft.Batch/batchAccounts/listkeys/action | Lists access keys for a Batch account |

-> | Microsoft.Batch/batchAccounts/regeneratekeys/action | Regenerates access keys for a Batch account |

-> | Microsoft.Batch/batchAccounts/syncAutoStorageKeys/action | Synchronizes access keys for the auto storage account configured for a Batch account |

-> | Microsoft.Batch/batchAccounts/applications/read | Lists applications or gets the properties of an application |

-> | Microsoft.Batch/batchAccounts/applications/write | Creates a new application or updates an existing application |

-> | Microsoft.Batch/batchAccounts/applications/delete | Deletes an application |

-> | Microsoft.Batch/batchAccounts/applications/versions/read | Gets the properties of an application package |

-> | Microsoft.Batch/batchAccounts/applications/versions/write | Creates a new application package or updates an existing application package |

-> | Microsoft.Batch/batchAccounts/applications/versions/delete | Deletes an application package |

-> | Microsoft.Batch/batchAccounts/applications/versions/activate/action | Activates an application package |

-> | Microsoft.Batch/batchAccounts/certificateOperationResults/read | Gets the results of a long running certificate operation on a Batch account |

-> | Microsoft.Batch/batchAccounts/certificates/read | Lists certificates on a Batch account or gets the properties of a certificate |

-> | Microsoft.Batch/batchAccounts/certificates/write | Creates a new certificate on a Batch account or updates an existing certificate |

-> | Microsoft.Batch/batchAccounts/certificates/delete | Deletes a certificate from a Batch account |

-> | Microsoft.Batch/batchAccounts/certificates/cancelDelete/action | Cancels the failed deletion of a certificate on a Batch account |

-> | Microsoft.Batch/batchAccounts/detectors/read | Gets AppLens Detector or Lists AppLens Detectors on a Batch account |

-> | Microsoft.Batch/batchAccounts/operationResults/read | Gets the results of a long running Batch account operation |

-> | Microsoft.Batch/batchAccounts/outboundNetworkDependenciesEndpoints/read | Lists the outbound network dependency endpoints for a Batch account |

-> | Microsoft.Batch/batchAccounts/poolOperationResults/read | Gets the results of a long running pool operation on a Batch account |

-> | Microsoft.Batch/batchAccounts/pools/read | Lists pools on a Batch account or gets the properties of a pool |

-> | Microsoft.Batch/batchAccounts/pools/write | Creates a new pool on a Batch account or updates an existing pool |

-> | Microsoft.Batch/batchAccounts/pools/delete | Deletes a pool from a Batch account |

-> | Microsoft.Batch/batchAccounts/pools/stopResize/action | Stops an ongoing resize operation on a Batch account pool |

-> | Microsoft.Batch/batchAccounts/pools/disableAutoscale/action | Disables automatic scaling for a Batch account pool |

-> | Microsoft.Batch/batchAccounts/privateEndpointConnectionProxies/validate/action | Validates a Private endpoint connection proxy on a Batch account |

-> | Microsoft.Batch/batchAccounts/privateEndpointConnectionProxies/write | Create a new Private endpoint connection proxy on a Batch account |

-> | Microsoft.Batch/batchAccounts/privateEndpointConnectionProxies/read | Gets Private endpoint connection proxy on a Batch account |

-> | Microsoft.Batch/batchAccounts/privateEndpointConnectionProxies/delete | Delete a Private endpoint connection proxy on a Batch account |

-> | Microsoft.Batch/batchAccounts/privateEndpointConnectionProxyResults/read | Gets the results of a long running Batch account private endpoint connection proxy operation |

-> | Microsoft.Batch/batchAccounts/privateEndpointConnectionResults/read | Gets the results of a long running Batch account private endpoint connection operation |

-> | Microsoft.Batch/batchAccounts/privateEndpointConnections/write | Update an existing Private endpoint connection on a Batch account |

-> | Microsoft.Batch/batchAccounts/privateEndpointConnections/read | Gets Private endpoint connection or Lists Private endpoint connections on a Batch account |

-> | Microsoft.Batch/batchAccounts/privateEndpointConnections/delete | Delete a Private endpoint connection on a Batch account |

-> | Microsoft.Batch/batchAccounts/privateLinkResources/read | Gets the properties of a Private link resource or Lists Private link resources on a Batch account |

-> | Microsoft.Batch/batchAccounts/providers/Microsoft.Insights/diagnosticSettings/read | Gets the diagnostic setting for the resource |

-> | Microsoft.Batch/batchAccounts/providers/Microsoft.Insights/diagnosticSettings/write | Creates or updates the diagnostic setting for the resource |

-> | Microsoft.Batch/batchAccounts/providers/Microsoft.Insights/logDefinitions/read | Gets the available logs for the Batch service |

-> | Microsoft.Batch/batchAccounts/providers/Microsoft.Insights/metricDefinitions/read | Gets the available metrics for the Batch service |

-> | Microsoft.Batch/deployments/preflight/action | Runs Preflight validation for resources included in the request |

-> | Microsoft.Batch/locations/checkNameAvailability/action | Checks that the account name is valid and not in use. |

-> | Microsoft.Batch/locations/accountOperationResults/read | Gets the results of a long running Batch account operation |

-> | Microsoft.Batch/locations/cloudServiceSkus/read | Lists available Batch supported Cloud Service VM sizes at the given location |

-> | Microsoft.Batch/locations/quotas/read | Gets Batch quotas of the specified subscription at the specified Azure region |

-> | Microsoft.Batch/locations/virtualMachineSkus/read | Lists available Batch supported Virtual Machine VM sizes at the given location |

-> | Microsoft.Batch/operations/read | Lists operations available on Microsoft.Batch resource provider |

-> | **DataAction** | **Description** |

-> | Microsoft.Batch/batchAccounts/jobs/read | Lists jobs on a Batch account or gets the properties of a job |

-> | Microsoft.Batch/batchAccounts/jobs/write | Creates a new job on a Batch account or updates an existing job |

-> | Microsoft.Batch/batchAccounts/jobs/delete | Deletes a job from a Batch account |

-> | Microsoft.Batch/batchAccounts/jobSchedules/read | Lists job schedules on a Batch account or gets the properties of a job schedule |

-> | Microsoft.Batch/batchAccounts/jobSchedules/write | Creates a new job schedule on a Batch account or updates an existing job schedule |

-> | Microsoft.Batch/batchAccounts/jobSchedules/delete | Deletes a job schedule from a Batch account |

-## Microsoft.Capacity

-Azure service: core

-> [!div class="mx-tableFixed"]

-> | Action | Description |

-> | | |

-> | Microsoft.Capacity/calculateprice/action | Calculate any Reservation Price |

-> | Microsoft.Capacity/checkoffers/action | Check any Subscription Offers |

-> | Microsoft.Capacity/checkscopes/action | Check any Subscription |

-> | Microsoft.Capacity/validatereservationorder/action | Validate any Reservation |

-> | Microsoft.Capacity/reservationorders/action | Update any Reservation |

-> | Microsoft.Capacity/register/action | Registers the Capacity resource provider and enables the creation of Capacity resources. |

-> | Microsoft.Capacity/unregister/action | Unregister any Tenant |

-> | Microsoft.Capacity/calculateexchange/action | Computes the exchange amount and price of new purchase and returns policy Errors. |

-> | Microsoft.Capacity/exchange/action | Exchange any Reservation |

-> | Microsoft.Capacity/listSkus/action | Lists SKUs with filters and without any restrictions |

-> | Microsoft.Capacity/appliedreservations/read | Read All Reservations |

-> | Microsoft.Capacity/catalogs/read | Read catalog of Reservation |

-> | Microsoft.Capacity/commercialreservationorders/read | Get Reservation Orders created in any Tenant |

-> | Microsoft.Capacity/operations/read | Read any Operation |

-> | Microsoft.Capacity/reservationorders/changedirectory/action | Change directory of any reservation |

-> | Microsoft.Capacity/reservationorders/availablescopes/action | Find any Available Scope |

-> | Microsoft.Capacity/reservationorders/read | Read All Reservations |

-> | Microsoft.Capacity/reservationorders/write | Create any Reservation |

-> | Microsoft.Capacity/reservationorders/delete | Delete any Reservation |

-> | Microsoft.Capacity/reservationorders/reservations/action | Update any Reservation |

-> | Microsoft.Capacity/reservationorders/return/action | Return any Reservation |

-> | Microsoft.Capacity/reservationorders/swap/action | Swap any Reservation |

-> | Microsoft.Capacity/reservationorders/split/action | Split any Reservation |

-> | Microsoft.Capacity/reservationorders/changeBilling/action | Reservation billing change |

-> | Microsoft.Capacity/reservationorders/merge/action | Merge any Reservation |

-> | Microsoft.Capacity/reservationorders/calculaterefund/action | Computes the refund amount and price of new purchase and returns policy Errors. |

-> | Microsoft.Capacity/reservationorders/changebillingoperationresults/read | Poll any Reservation billing change operation |

-> | Microsoft.Capacity/reservationorders/mergeoperationresults/read | Poll any merge operation |

-> | Microsoft.Capacity/reservationorders/reservations/availablescopes/action | Find any Available Scope |

-> | Microsoft.Capacity/reservationorders/reservations/read | Read All Reservations |

-> | Microsoft.Capacity/reservationorders/reservations/write | Create any Reservation |

-> | Microsoft.Capacity/reservationorders/reservations/delete | Delete any Reservation |

-> | Microsoft.Capacity/reservationorders/reservations/archive/action | Archive a reservation which is in a terminal state like Expired, Split etc. |

-> | Microsoft.Capacity/reservationorders/reservations/unarchive/action | Unarchive a Reservation which was previously archived |

-> | Microsoft.Capacity/reservationorders/reservations/revisions/read | Read All Reservations |

-> | Microsoft.Capacity/reservationorders/splitoperationresults/read | Poll any split operation |

-> | Microsoft.Capacity/resourceProviders/locations/serviceLimits/read | Get the current service limit or quota of the specified resource and location |

-> | Microsoft.Capacity/resourceProviders/locations/serviceLimits/write | Create service limit or quota for the specified resource and location |

-> | Microsoft.Capacity/resourceProviders/locations/serviceLimitsRequests/read | Get any service limit request for the specified resource and location |

-> | Microsoft.Capacity/tenants/register/action | Register any Tenant |

-## Microsoft.Commerce

-Azure service: core

-> [!div class="mx-tableFixed"]

-> | Action | Description |

-> | | |

-> | Microsoft.Commerce/register/action | Register Subscription for Microsoft Commerce UsageAggregate |

-> | Microsoft.Commerce/unregister/action | Unregister Subscription for Microsoft Commerce UsageAggregate |

-> | Microsoft.Commerce/RateCard/read | Returns offer data, resource/meter metadata and rates for the given subscription. |

-> | Microsoft.Commerce/UsageAggregates/read | Retrieves Microsoft Azure's consumption by a subscription. The result contains aggregates usage data, subscription and resource related information, on a particular time range. |

-## Microsoft.DataProtection

-Azure service: Microsoft.DataProtection

-> [!div class="mx-tableFixed"]

-> | Action | Description |

-> | | |

-> | Microsoft.DataProtection/register/action | Registers subscription for given Resource Provider |

-> | Microsoft.DataProtection/unregister/action | Unregisters subscription for given Resource Provider |

-> | Microsoft.DataProtection/backupVaults/write | Create BackupVault operation creates an Azure resource of type 'Backup Vault' |

-> | Microsoft.DataProtection/backupVaults/write | Update BackupVault operation updates an Azure resource of type 'Backup Vault' |

-> | Microsoft.DataProtection/backupVaults/read | The Get Backup Vault operation gets an object representing the Azure resource of type 'Backup Vault' |

-> | Microsoft.DataProtection/backupVaults/read | Gets list of Backup Vaults in a Subscription |

-> | Microsoft.DataProtection/backupVaults/read | Gets list of Backup Vaults in a Resource Group |

-> | Microsoft.DataProtection/backupVaults/delete | The Delete Vault operation deletes the specified Azure resource of type 'Backup Vault' |

-> | Microsoft.DataProtection/backupVaults/validateForBackup/action | Validates for backup of Backup Instance |

-> | Microsoft.DataProtection/backupVaults/backupInstances/write | Creates a Backup Instance |

-> | Microsoft.DataProtection/backupVaults/backupInstances/validateForModifyBackup/action | Validates for modification of Backup Instance |

-> | Microsoft.DataProtection/backupVaults/backupInstances/delete | Deletes the Backup Instance |

-> | Microsoft.DataProtection/backupVaults/backupInstances/read | Returns details of the Backup Instance |

-> | Microsoft.DataProtection/backupVaults/backupInstances/read | Returns all Backup Instances |

-> | Microsoft.DataProtection/backupVaults/backupInstances/backup/action | Performs Backup on the Backup Instance |

-> | Microsoft.DataProtection/backupVaults/backupInstances/sync/action | Sync operation retries last failed operation on backup instance to bring it to a valid state. |

-> | Microsoft.DataProtection/backupVaults/backupInstances/restore/action | Triggers restore on the Backup Instance |

-> | Microsoft.DataProtection/backupVaults/backupInstances/validateRestore/action | Validates for Restore of the Backup Instance |

-> | Microsoft.DataProtection/backupVaults/backupInstances/stopProtection/action | Stop Protection operation stops both backup and retention schedules of backup instance. Existing data will be retained forever. |

-> | Microsoft.DataProtection/backupVaults/backupInstances/suspendBackups/action | Suspend Backups operation stops only backups of backup instance. Retention activities will continue and hence data will be ratained as per policy. |

-> | Microsoft.DataProtection/backupVaults/backupInstances/resumeProtection/action | Resume protection of a ProtectionStopped BI. |

-> | Microsoft.DataProtection/backupVaults/backupInstances/resumeBackups/action | Resume Backups for a BackupsSuspended BI. |

-> | Microsoft.DataProtection/backupVaults/backupInstances/findRestorableTimeRanges/action | Finds Restorable Time Ranges |

-> | Microsoft.DataProtection/backupVaults/backupInstances/operationResults/read | Returns Backup Operation Result for Backup Vault. |

-> | Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read | Returns details of the Recovery Point |

-> | Microsoft.DataProtection/backupVaults/backupInstances/recoveryPoints/read | Returns all Recovery Points |

-> | Microsoft.DataProtection/backupVaults/backupJobs/read | Get Jobs list |

-> | Microsoft.DataProtection/backupVaults/backupJobs/enableProgress/action | Get Job details |

-> | Microsoft.DataProtection/backupVaults/backupPolicies/write | Creates Backup Policy |

-> | Microsoft.DataProtection/backupVaults/backupPolicies/delete | Deletes the Backup Policy |

-> | Microsoft.DataProtection/backupVaults/backupPolicies/read | Returns details of the Backup Policy |

-> | Microsoft.DataProtection/backupVaults/backupPolicies/read | Returns all Backup Policies |

-> | Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/read | Get the list of ResourceGuard proxies for a resource |

-> | Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/read | Get ResourceGuard proxy operation gets an object representing the Azure resource of type 'ResourceGuard proxy' |

-> | Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/write | Create ResourceGuard proxy operation creates an Azure resource of type 'ResourceGuard Proxy' |

-> | Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/delete | The Delete ResourceGuard proxy operation deletes the specified Azure resource of type 'ResourceGuard proxy' |

-> | Microsoft.DataProtection/backupVaults/backupResourceGuardProxies/unlockDelete/action | Unlock delete ResourceGuard proxy operation unlocks the next delete critical operation |

-> | Microsoft.DataProtection/backupVaults/deletedBackupInstances/undelete/action | Perform undelete of soft-deleted Backup Instance. Backup Instance moves from SoftDeleted to ProtectionStopped state. |

-> | Microsoft.DataProtection/backupVaults/deletedBackupInstances/read | Get soft-deleted Backup Instance in a Backup Vault by name |

-> | Microsoft.DataProtection/backupVaults/deletedBackupInstances/read | List soft-deleted Backup Instances in a Backup Vault. |

-> | Microsoft.DataProtection/backupVaults/operationResults/read | Gets Operation Result of a Patch Operation for a Backup Vault |

-> | Microsoft.DataProtection/backupVaults/operationStatus/read | Returns Backup Operation Status for Backup Vault. |

-> | Microsoft.DataProtection/locations/checkNameAvailability/action | Checks if the requested BackupVault Name is Available |

-> | Microsoft.DataProtection/locations/getBackupStatus/action | Check Backup Status for Recovery Services Vaults |

-> | Microsoft.DataProtection/locations/checkFeatureSupport/action | Validates if a feature is supported |

-> | Microsoft.DataProtection/locations/operationResults/read | Returns Backup Operation Result for Backup Vault. |

-> | Microsoft.DataProtection/locations/operationStatus/read | Returns Backup Operation Status for Backup Vault. |

-> | Microsoft.DataProtection/operations/read | Operation returns the list of Operations for a Resource Provider |

-> | Microsoft.DataProtection/subscriptions/providers/resourceGuards/read | Gets list of ResourceGuards in a Subscription |

-> | Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchSecondaryRecoveryPoints/action | Returns recovery points from secondary region for cross region restore enabled Backup Vaults. |

-> | Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/crossRegionRestore/action | Triggers cross region restore operation on given backup instance. |

-> | Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/validateCrossRegionRestore/action | Performs validations for cross region restore operation. |

-> | Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJobs/action | List cross region restore jobs of backup instance from secondary region. |

-> | Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/fetchCrossRegionRestoreJob/action | Get cross region restore job details from secondary region. |

-> | Microsoft.DataProtection/subscriptions/resourceGroups/providers/locations/operationStatus/read | Returns Backup Operation Status for Backup Vault. |

-> | Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/write | Create ResourceGuard operation creates an Azure resource of type 'ResourceGuard' |

-> | Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/read | The Get ResourceGuard operation gets an object representing the Azure resource of type 'ResourceGuard' |

-> | Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/delete | The Delete ResourceGuard operation deletes the specified Azure resource of type 'ResourceGuard' |

-> | Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/read | Gets list of ResourceGuards in a Resource Group |

-> | Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/write | Update ResouceGuard operation updates an Azure resource of type 'ResourceGuard' |

-> | Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/{operationName}/read | Gets ResourceGuard operation request info |

-> | Microsoft.DataProtection/subscriptions/resourceGroups/providers/resourceGuards/{operationName}/read | Gets ResourceGuard default operation request info |

-## Microsoft.Purview

-Azure service: [Microsoft Purview](/purview/)

-> [!div class="mx-tableFixed"]

-> | Action | Description |

-> | | |

-> | Microsoft.Purview/register/action | Register the subscription for Microsoft Purview provider. |

-> | Microsoft.Purview/unregister/action | Unregister the subscription for Microsoft Purview provider. |

-> | Microsoft.Purview/setDefaultAccount/action | Sets the default account for the scope. |

-> | Microsoft.Purview/removeDefaultAccount/action | Removes the default account for the scope. |

-> | Microsoft.Purview/accounts/read | Read account resource for Microsoft Purview provider. |

-> | Microsoft.Purview/accounts/write | Write account resource for Microsoft Purview provider. |

-> | Microsoft.Purview/accounts/delete | Delete account resource for Microsoft Purview provider. |

-> | Microsoft.Purview/accounts/listkeys/action | List keys on the account resource for Microsoft Purview provider. |

-> | Microsoft.Purview/accounts/addrootcollectionadmin/action | Add root collection admin to account resource for Microsoft Purview provider. |

-> | Microsoft.Purview/accounts/move/action | Move account resource for Microsoft Purview provider. |

-> | Microsoft.Purview/accounts/PrivateEndpointConnectionsApproval/action | Approve Private Endpoint Connection. |

-> | Microsoft.Purview/accounts/kafkaConfigurations/read | Read Kafka Configurations. |

-> | Microsoft.Purview/accounts/kafkaConfigurations/write | Create or update Kafka Configurations. |

-> | Microsoft.Purview/accounts/kafkaConfigurations/delete | Delete Kafka Configurations. |

-> | Microsoft.Purview/accounts/privateEndpointConnectionProxies/read | Read Account Private Endpoint Connection Proxy. |

-> | Microsoft.Purview/accounts/privateEndpointConnectionProxies/write | Write Account Private Endpoint Connection Proxy. |

-> | Microsoft.Purview/accounts/privateEndpointConnectionProxies/delete | Delete Account Private Endpoint Connection Proxy. |

-> | Microsoft.Purview/accounts/privateEndpointConnectionProxies/validate/action | Validate Account Private Endpoint Connection Proxy. |

-> | Microsoft.Purview/accounts/privateEndpointConnectionProxies/operationResults/read | Monitor Private Endpoint Connection Proxy async operations. |

-> | Microsoft.Purview/accounts/privateEndpointConnections/read | Read Private Endpoint Connection. |

-> | Microsoft.Purview/accounts/privateEndpointConnections/write | Create or update Private Endpoint Connection. |

-> | Microsoft.Purview/accounts/privateEndpointConnections/delete | Delete Private Endpoint Connection. |

-> | Microsoft.Purview/accounts/privatelinkresources/read | Read Account Link Resources. |

-> | Microsoft.Purview/accounts/providers/Microsoft.Insights/diagnosticSettings/read | Gets the diagnostic setting for the resource. |

-> | Microsoft.Purview/accounts/providers/Microsoft.Insights/diagnosticSettings/write | Creates or updates the diagnostic setting for the resource. |

-> | Microsoft.Purview/accounts/providers/Microsoft.Insights/logDefinitions/read | Gets the available logs for the catalog. |

-> | Microsoft.Purview/accounts/providers/Microsoft.Insights/metricDefinitions/read | Gets the available metrics for the catalog. |

-> | Microsoft.Purview/checkConsent/read | Resolve the scope the Consent is granted. |

-> | Microsoft.Purview/checknameavailability/read | Check if name of purview account resource is available for Microsoft Purview provider. |

-> | Microsoft.Purview/consents/read | Read Consent Resource. |

-> | Microsoft.Purview/consents/write | Create or Update a Consent Resource. |

-> | Microsoft.Purview/consents/delete | Delete the Consent Resource. |

-> | Microsoft.Purview/getDefaultAccount/read | Gets the default account for the scope. |

-> | Microsoft.Purview/locations/operationResults/read | Monitor async operations. |

-> | Microsoft.Purview/operations/read | Reads all available operations for Microsoft Purview provider. |

-> | Microsoft.Purview/policies/read | Read Policy Resource. |

-> | **DataAction** | **Description** |

-> | Microsoft.Purview/accounts/data/read | Permission is deprecated. |

-> | Microsoft.Purview/accounts/data/write | Permission is deprecated. |

-> | Microsoft.Purview/accounts/scan/read | Permission is deprecated. |

-> | Microsoft.Purview/accounts/scan/write | Permission is deprecated. |

-> | Microsoft.Purview/attributeBlobs/read | Read Attribute Blob. |

-> | Microsoft.Purview/attributeBlobs/write | Write Attribute Blob. |

-> | Microsoft.Purview/policyElements/read | Read Policy Element. |

-> | Microsoft.Purview/policyElements/write | Create or update Policy Element. |

-> | Microsoft.Purview/policyElements/delete | Delete Policy Element. |

-> | Microsoft.Purview/purviewAccountBindings/read | Read Account Binding. |

-> | Microsoft.Purview/purviewAccountBindings/write | Create or update Account Binding. |

-> | Microsoft.Purview/purviewAccountBindings/delete | Delete Account Binding. |

-## Microsoft.Subscription

-Azure service: core

-> [!div class="mx-tableFixed"]

-> | Action | Description |

-> | | |

-> | Microsoft.Subscription/cancel/action | Cancels the Subscription |

-> | Microsoft.Subscription/rename/action | Renames the Subscription |

-> | Microsoft.Subscription/enable/action | Reactivates the Subscription |

-> | Microsoft.Subscription/aliases/write | Create subscription alias |

-> | Microsoft.Subscription/aliases/read | Get subscription alias |

-> | Microsoft.Subscription/aliases/delete | Delete subscription alias |

-> | Microsoft.Subscription/Policies/write | Create tenant policy |

-> | Microsoft.Subscription/Policies/default/read | Get tenant policy |

-> | Microsoft.Subscription/subscriptions/acceptOwnership/action | Accept ownership of Subscription |

-> | Microsoft.Subscription/subscriptions/acceptOwnershipStatus/read | Get the status of accepting ownership of Subscription |