Role Management Policy Assignments - List For Scope
Ruft Rollenverwaltungsrichtlinien für einen Ressourcenbereich ab.
GET https://management.azure.com/{scope}/providers/Microsoft.Authorization/roleManagementPolicyAssignments?api-version=2020-10-01URI-Parameter
| Name | In | Erforderlich | Typ | Beschreibung |
|---|---|---|---|---|
|
scope
|
path | True |
string |
Der Umfang der Rollenverwaltungsrichtlinie. |
|
api-version
|
query | True |
string minLength: 1 |
Die API-Version, die für diesen Vorgang verwendet werden soll. |
Antworten
| Name | Typ | Beschreibung |
|---|---|---|
| 200 OK |
OK : Gibt ein Array von Rollenverwaltungsrichtlinien zurück. |
|
| Other Status Codes |
Fehlerantwort, die beschreibt, warum der Vorgang fehlgeschlagen ist. |
Sicherheit
azure_auth
Azure Active Directory OAuth2-Fluss
Typ:
oauth2
Ablauf:
implicit
Autorisierungs-URL:
https://login.microsoftonline.com/common/oauth2/authorize
Bereiche
| Name | Beschreibung |
|---|---|
| user_impersonation | Identitätswechsel ihres Benutzerkontos |
Beispiele
GetRoleManagementPolicyAssignmentByScope
Beispielanforderung
GET https://management.azure.com/providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicyAssignments?api-version=2020-10-01
Beispiel für eine Antwort
{
"value": [
{
"properties": {
"scope": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368",
"roleDefinitionId": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleDefinitions/a1705bd2-3a8f-45a5-8683-466fcfd5cc24",
"policyId": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/b959d571-f0b5-4042-88a7-01be6cb22db9",
"effectiveRules": [
{
"enabledRules": [],
"id": "Enablement_Admin_Eligibility",
"ruleType": "RoleManagementPolicyEnablementRule",
"target": {
"caller": "Admin",
"operations": [
"All"
],
"level": "Eligibility",
"targetObjects": null,
"inheritableSettings": null,
"enforcedSettings": null
}
},
{
"isExpirationRequired": true,
"maximumDuration": "P90D",
"id": "Expiration_Admin_Eligibility",
"ruleType": "RoleManagementPolicyExpirationRule",
"target": {
"caller": "Admin",
"operations": [
"All"
],
"level": "Eligibility",
"targetObjects": null,
"inheritableSettings": null,
"enforcedSettings": null
}
},
{
"notificationType": "Email",
"recipientType": "Admin",
"isDefaultRecipientsEnabled": false,
"notificationLevel": "Critical",
"notificationRecipients": [
"admin_admin_eligible@test.com"
],
"id": "Notification_Admin_Admin_Eligibility",
"ruleType": "RoleManagementPolicyNotificationRule",
"target": {
"caller": "Admin",
"operations": [
"All"
],
"level": "Eligibility",
"targetObjects": null,
"inheritableSettings": null,
"enforcedSettings": null
}
},
{
"notificationType": "Email",
"recipientType": "Requestor",
"isDefaultRecipientsEnabled": false,
"notificationLevel": "Critical",
"notificationRecipients": [
"requestor_admin_eligible@test.com"
],
"id": "Notification_Requestor_Admin_Eligibility",
"ruleType": "RoleManagementPolicyNotificationRule",
"target": {
"caller": "Admin",
"operations": [
"All"
],
"level": "Eligibility",
"targetObjects": null,
"inheritableSettings": null,
"enforcedSettings": null
}
},
{
"notificationType": "Email",
"recipientType": "Approver",
"isDefaultRecipientsEnabled": false,
"notificationLevel": "Critical",
"notificationRecipients": [
"approver_admin_eligible@test.com"
],
"id": "Notification_Approver_Admin_Eligibility",
"ruleType": "RoleManagementPolicyNotificationRule",
"target": {
"caller": "Admin",
"operations": [
"All"
],
"level": "Eligibility",
"targetObjects": null,
"inheritableSettings": null,
"enforcedSettings": null
}
},
{
"enabledRules": [
"MultiFactorAuthentication",
"Justification"
],
"id": "Enablement_Admin_Assignment",
"ruleType": "RoleManagementPolicyEnablementRule",
"target": {
"caller": "Admin",
"operations": [
"All"
],
"level": "Assignment",
"targetObjects": null,
"inheritableSettings": null,
"enforcedSettings": null
}
},
{
"isExpirationRequired": false,
"maximumDuration": "P90D",
"id": "Expiration_Admin_Assignment",
"ruleType": "RoleManagementPolicyExpirationRule",
"target": {
"caller": "Admin",
"operations": [
"All"
],
"level": "Assignment",
"targetObjects": null,
"inheritableSettings": null,
"enforcedSettings": null
}
},
{
"notificationType": "Email",
"recipientType": "Admin",
"isDefaultRecipientsEnabled": false,
"notificationLevel": "Critical",
"notificationRecipients": [
"admin_admin_member@test.com"
],
"id": "Notification_Admin_Admin_Assignment",
"ruleType": "RoleManagementPolicyNotificationRule",
"target": {
"caller": "Admin",
"operations": [
"All"
],
"level": "Assignment",
"targetObjects": null,
"inheritableSettings": null,
"enforcedSettings": null
}
},
{
"notificationType": "Email",
"recipientType": "Requestor",
"isDefaultRecipientsEnabled": false,
"notificationLevel": "Critical",
"notificationRecipients": [
"requestor_admin_member@test.com"
],
"id": "Notification_Requestor_Admin_Assignment",
"ruleType": "RoleManagementPolicyNotificationRule",
"target": {
"caller": "Admin",
"operations": [
"All"
],
"level": "Assignment",
"targetObjects": null,
"inheritableSettings": null,
"enforcedSettings": null
}
},
{
"notificationType": "Email",
"recipientType": "Approver",
"isDefaultRecipientsEnabled": false,
"notificationLevel": "Critical",
"notificationRecipients": [
"approver_admin_member@test.com"
],
"id": "Notification_Approver_Admin_Assignment",
"ruleType": "RoleManagementPolicyNotificationRule",
"target": {
"caller": "Admin",
"operations": [
"All"
],
"level": "Assignment",
"targetObjects": null,
"inheritableSettings": null,
"enforcedSettings": null
}
},
{
"setting": {
"isApprovalRequired": true,
"isApprovalRequiredForExtension": false,
"isRequestorJustificationRequired": true,
"approvalMode": "SingleStage",
"approvalStages": [
{
"approvalStageTimeOutInDays": 1,
"isApproverJustificationRequired": true,
"escalationTimeInMinutes": 0,
"primaryApprovers": [
{
"id": "2385b0f3-5fa9-43cf-8ca4-b01dc97298cd",
"description": "amansw_new_group",
"isBackup": false,
"userType": "Group"
},
{
"id": "2f4913c9-d15b-406a-9946-1d66a28f2690",
"description": "amansw_group",
"isBackup": false,
"userType": "Group"
}
],
"isEscalationEnabled": false,
"escalationApprovers": null
}
]
},
"id": "Approval_EndUser_Assignment",
"ruleType": "RoleManagementPolicyApprovalRule",
"target": {
"caller": "EndUser",
"operations": [
"All"
],
"level": "Assignment",
"targetObjects": null,
"inheritableSettings": null,
"enforcedSettings": null
}
},
{
"isEnabled": false,
"claimValue": "",
"id": "AuthenticationContext_EndUser_Assignment",
"ruleType": "RoleManagementPolicyAuthenticationContextRule",
"target": {
"caller": "EndUser",
"operations": [
"All"
],
"level": "Assignment",
"targetObjects": null,
"inheritableSettings": null,
"enforcedSettings": null
}
},
{
"enabledRules": [
"MultiFactorAuthentication",
"Justification",
"Ticketing"
],
"id": "Enablement_EndUser_Assignment",
"ruleType": "RoleManagementPolicyEnablementRule",
"target": {
"caller": "EndUser",
"operations": [
"All"
],
"level": "Assignment",
"targetObjects": null,
"inheritableSettings": null,
"enforcedSettings": null
}
},
{
"isExpirationRequired": true,
"maximumDuration": "PT7H",
"id": "Expiration_EndUser_Assignment",
"ruleType": "RoleManagementPolicyExpirationRule",
"target": {
"caller": "EndUser",
"operations": [
"All"
],
"level": "Assignment",
"targetObjects": null,
"inheritableSettings": null,
"enforcedSettings": null
}
},
{
"notificationType": "Email",
"recipientType": "Admin",
"isDefaultRecipientsEnabled": false,
"notificationLevel": "Critical",
"notificationRecipients": [
"admin_enduser_member@test.com"
],
"id": "Notification_Admin_EndUser_Assignment",
"ruleType": "RoleManagementPolicyNotificationRule",
"target": {
"caller": "EndUser",
"operations": [
"All"
],
"level": "Assignment",
"targetObjects": null,
"inheritableSettings": null,
"enforcedSettings": null
}
},
{
"notificationType": "Email",
"recipientType": "Requestor",
"isDefaultRecipientsEnabled": false,
"notificationLevel": "Critical",
"notificationRecipients": [
"requestor_enduser_member@test.com"
],
"id": "Notification_Requestor_EndUser_Assignment",
"ruleType": "RoleManagementPolicyNotificationRule",
"target": {
"caller": "EndUser",
"operations": [
"All"
],
"level": "Assignment",
"targetObjects": null,
"inheritableSettings": null,
"enforcedSettings": null
}
},
{
"notificationType": "Email",
"recipientType": "Approver",
"isDefaultRecipientsEnabled": true,
"notificationLevel": "Critical",
"notificationRecipients": null,
"id": "Notification_Approver_EndUser_Assignment",
"ruleType": "RoleManagementPolicyNotificationRule",
"target": {
"caller": "EndUser",
"operations": [
"All"
],
"level": "Assignment",
"targetObjects": null,
"inheritableSettings": null,
"enforcedSettings": null
}
}
],
"policyAssignmentProperties": {
"scope": {
"id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368",
"displayName": "Pay-As-You-Go",
"type": "subscription"
},
"roleDefinition": {
"id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleDefinitions/a1705bd2-3a8f-45a5-8683-466fcfd5cc24",
"displayName": "FHIR Data Converter",
"type": "BuiltInRole"
},
"policy": {
"id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/b959d571-f0b5-4042-88a7-01be6cb22db9",
"lastModifiedBy": {
"id": null,
"displayName": "Admin",
"type": null,
"email": null
},
"lastModifiedDateTime": null
}
}
},
"name": "b959d571-f0b5-4042-88a7-01be6cb22db9_a1705bd2-3a8f-45a5-8683-466fcfd5cc24",
"id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicyAssignment/b959d571-f0b5-4042-88a7-01be6cb22db9_a1705bd2-3a8f-45a5-8683-466fcfd5cc24",
"type": "Microsoft.Authorization/RoleManagementPolicyAssignment"
}
]
}Definitionen
| Name | Beschreibung |
|---|---|
|
Cloud |
Eine Fehlerantwort des Diensts. |
|
Cloud |
Eine Fehlerantwort des Diensts. |
| Policy |
Details der Richtlinie |
|
Policy |
Erweiterte Informationen zu Ressourcenbereich, Rollendefinition und Richtlinie |
| Principal |
Der Name der Entität, die sie zuletzt geändert hat |
|
Role |
Details zur Rollendefinition |
|
Role |
Rollenverwaltungsrichtlinie |
|
Role |
Ergebnis des Vorgangs der Rollenverwaltungsrichtlinienzuweisungsliste. |
| Scope |
Details zum Ressourcenbereich |
CloudError
Eine Fehlerantwort des Diensts.
| Name | Typ | Beschreibung |
|---|---|---|
| error |
Eine Fehlerantwort des Diensts. |
CloudErrorBody
Eine Fehlerantwort des Diensts.
| Name | Typ | Beschreibung |
|---|---|---|
| code |
string |
Ein Bezeichner für den Fehler. Codes sind unveränderlich und sollen programmgesteuert genutzt werden. |
| message |
string |
Eine Meldung, die den Fehler beschreibt, der für die Anzeige in einer Benutzeroberfläche geeignet ist. |
Policy
Details der Richtlinie
| Name | Typ | Beschreibung |
|---|---|---|
| id |
string |
ID der Richtlinie |
| lastModifiedBy |
Der Name der Entität, die sie zuletzt geändert hat |
|
| lastModifiedDateTime |
string (date-time) |
Datum der letzten Änderung. |
PolicyAssignmentProperties
Erweiterte Informationen zu Ressourcenbereich, Rollendefinition und Richtlinie
| Name | Typ | Beschreibung |
|---|---|---|
| policy |
Details der Richtlinie |
|
| roleDefinition |
Details zur Rollendefinition |
|
| scope |
Details zum Ressourcenbereich |
Principal
Der Name der Entität, die sie zuletzt geändert hat
| Name | Typ | Beschreibung |
|---|---|---|
| displayName |
string |
Der Name des Prinzipals, der Änderungen vorgenommen hat |
|
string |
E-Mail-Adresse des Prinzipals |
|
| id |
string |
Die ID des Prinzipals, der Änderungen vorgenommen hat |
| type |
string |
Typ des Prinzipals wie Benutzer, Gruppe usw. |
RoleDefinition
Details zur Rollendefinition
| Name | Typ | Beschreibung |
|---|---|---|
| displayName |
string |
Anzeigename der Rollendefinition |
| id |
string |
ID der Rollendefinition |
| type |
string |
Typ der Rollendefinition |
RoleManagementPolicyAssignment
Rollenverwaltungsrichtlinie
| Name | Typ | Beschreibung |
|---|---|---|
| id |
string |
Die Rollenverwaltungsrichtlinien-ID. |
| name |
string |
Der Name der Rollenverwaltungsrichtlinie. |
| properties.effectiveRules |
Role |
Die auf die Richtlinie angewendete readonly computed rule. |
| properties.policyAssignmentProperties |
Zusätzliche Eigenschaften von Bereich, Rollendefinition und Richtlinie |
|
| properties.policyId |
string |
Die Zuweisung der Richtlinien-ID-Rollenverwaltungsrichtlinie. |
| properties.roleDefinitionId |
string |
Die Rollendefinition der Zuweisung von Verwaltungsrichtlinien. |
| properties.scope |
string |
Der Richtlinienbereich für die Rollenverwaltung. |
| type |
string |
Der Rollenverwaltungsrichtlinientyp. |
RoleManagementPolicyAssignmentListResult
Ergebnis des Vorgangs der Rollenverwaltungsrichtlinienzuweisungsliste.
| Name | Typ | Beschreibung |
|---|---|---|
| nextLink |
string |
Die URL, die zum Abrufen des nächsten Resultsets verwendet werden soll. |
| value |
Rollenverwaltungsrichtlinienzuweisungsliste. |
Scope
Details zum Ressourcenbereich
| Name | Typ | Beschreibung |
|---|---|---|
| displayName |
string |
Anzeigename der Ressource |
| id |
string |
Bereichs-ID der Ressource |
| type |
string |
Typ der Ressource |