Abrufen einer bestimmten Governanceregel für den angeforderten Bereich nach ruleId
GET https://management.azure.com/{scope}/providers/Microsoft.Security/governanceRules/{ruleId}?api-version=2022-01-01-preview
URI-Parameter
| Name |
In |
Erforderlich |
Typ |
Beschreibung |
|
ruleId
|
path |
True
|
string
|
Der Governance-Regelschlüssel – eindeutiger Schlüssel für die Standardgovernanceregel (GUID)
|
|
scope
|
path |
True
|
string
|
Der Umfang der Governanceregeln. Gültige Bereiche sind: Verwaltungsgruppe (Format: 'Providers/Microsoft.Management/managementGroups/{managementGroup}'), Abonnement (Format: 'subscriptions/{subscriptionId}') oder Security Connector (Format: 'subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName})'
|
|
api-version
|
query |
True
|
string
|
API-Version für den Vorgang
|
Antworten
| Name |
Typ |
Beschreibung |
|
200 OK
|
GovernanceRule
|
OKAY
|
|
Other Status Codes
|
CloudError
|
Fehlerantwort, die beschreibt, warum der Vorgang fehlgeschlagen ist
|
Sicherheit
azure_auth
Azure Active Directory OAuth2-Fluss
Typ:
oauth2
Ablauf:
implicit
Autorisierungs-URL:
https://login.microsoftonline.com/common/oauth2/authorize
Bereiche
| Name |
Beschreibung |
|
user_impersonation
|
Identitätswechsel ihres Benutzerkontos
|
Beispiele
Get a governance rule over management group scope
Beispielanforderung
GET https://management.azure.com/providers/Microsoft.Management/managementGroups/contoso/providers/Microsoft.Security/governanceRules/ad9a8e26-29d9-4829-bb30-e597a58cdbb8?api-version=2022-01-01-preview
/**
* Samples for GovernanceRules Get.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/examples/GovernanceRules/
* GetManagementGroupGovernanceRule_example.json
*/
/**
* Sample code: Get a governance rule over management group scope.
*
* @param manager Entry point to SecurityManager.
*/
public static void
getAGovernanceRuleOverManagementGroupScope(com.azure.resourcemanager.security.SecurityManager manager) {
manager.governanceRules().getWithResponse("providers/Microsoft.Management/managementGroups/contoso",
"ad9a8e26-29d9-4829-bb30-e597a58cdbb8", com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armsecurity_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/security/armsecurity"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/9ac34f238dd6b9071f486b57e9f9f1a0c43ec6f6/specification/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/examples/GovernanceRules/GetManagementGroupGovernanceRule_example.json
func ExampleGovernanceRulesClient_Get_getAGovernanceRuleOverManagementGroupScope() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armsecurity.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
res, err := clientFactory.NewGovernanceRulesClient().Get(ctx, "providers/Microsoft.Management/managementGroups/contoso", "ad9a8e26-29d9-4829-bb30-e597a58cdbb8", nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.GovernanceRule = armsecurity.GovernanceRule{
// Name: to.Ptr("ad9a8e26-29d9-4829-bb30-e597a58cdbb8"),
// Type: to.Ptr("Microsoft.Security/governanceRules"),
// ID: to.Ptr("providers/Microsoft.Management/managementGroups/contoso/providers/Microsoft.Security/governanceRules/ad9a8e26-29d9-4829-bb30-e597a58cdbb8"),
// Properties: &armsecurity.GovernanceRuleProperties{
// Description: to.Ptr("A rule for a management group"),
// ConditionSets: []any{
// map[string]any{
// "conditions":[]any{
// map[string]any{
// "operator": "In",
// "property": "$.AssessmentKey",
// "value": "[\"b1cd27e0-4ecc-4246-939f-49c426d9d72f\", \"fe83f80b-073d-4ccf-93d9-6797eb870201\"]",
// },
// },
// }},
// DisplayName: to.Ptr("Management group rule"),
// ExcludedScopes: []*string{
// to.Ptr("/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23")},
// GovernanceEmailNotification: &armsecurity.GovernanceRuleEmailNotification{
// DisableManagerEmailNotification: to.Ptr(false),
// DisableOwnerEmailNotification: to.Ptr(false),
// },
// IncludeMemberScopes: to.Ptr(false),
// IsDisabled: to.Ptr(false),
// IsGracePeriod: to.Ptr(true),
// Metadata: &armsecurity.GovernanceRuleMetadata{
// CreatedBy: to.Ptr("c23b5354-ff0a-4b2a-9f92-6f144effd936"),
// CreatedOn: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2022-11-10T08:31:26.799Z"); return t}()),
// UpdatedBy: to.Ptr("c23b5354-ff0a-4b2a-9f92-6f144effd936"),
// UpdatedOn: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2022-11-10T08:31:26.799Z"); return t}()),
// },
// OwnerSource: &armsecurity.GovernanceRuleOwnerSource{
// Type: to.Ptr(armsecurity.GovernanceRuleOwnerSourceTypeManually),
// Value: to.Ptr("user@contoso.com"),
// },
// RemediationTimeframe: to.Ptr("7.00:00:00"),
// RulePriority: to.Ptr[int32](200),
// RuleType: to.Ptr(armsecurity.GovernanceRuleTypeIntegrated),
// SourceResourceType: to.Ptr(armsecurity.GovernanceRuleSourceResourceTypeAssessments),
// TenantID: to.Ptr("f0b6d37b-e4bc-4719-9291-c066c3194f23"),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { SecurityCenter } = require("@azure/arm-security");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Get a specific governance rule for the requested scope by ruleId
*
* @summary Get a specific governance rule for the requested scope by ruleId
* x-ms-original-file: specification/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/examples/GovernanceRules/GetManagementGroupGovernanceRule_example.json
*/
async function getAGovernanceRuleOverManagementGroupScope() {
const scope = "providers/Microsoft.Management/managementGroups/contoso";
const ruleId = "ad9a8e26-29d9-4829-bb30-e597a58cdbb8";
const credential = new DefaultAzureCredential();
const client = new SecurityCenter(credential);
const result = await client.governanceRules.get(scope, ruleId);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using Azure;
using Azure.ResourceManager;
using System;
using System.Collections.Generic;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.SecurityCenter.Models;
using Azure.ResourceManager.SecurityCenter;
// Generated from example definition: specification/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/examples/GovernanceRules/GetManagementGroupGovernanceRule_example.json
// this example is just showing the usage of "GovernanceRules_Get" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// get the collection of this GovernanceRuleResource
string scope = "providers/Microsoft.Management/managementGroups/contoso";
GovernanceRuleCollection collection = client.GetGovernanceRules(new ResourceIdentifier(scope));
// invoke the operation
string ruleId = "ad9a8e26-29d9-4829-bb30-e597a58cdbb8";
NullableResponse<GovernanceRuleResource> response = await collection.GetIfExistsAsync(ruleId);
GovernanceRuleResource result = response.HasValue ? response.Value : null;
if (result == null)
{
Console.WriteLine("Succeeded with null as result");
}
else
{
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
GovernanceRuleData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Beispiel für eine Antwort
{
"id": "providers/Microsoft.Management/managementGroups/contoso/providers/Microsoft.Security/governanceRules/ad9a8e26-29d9-4829-bb30-e597a58cdbb8",
"name": "ad9a8e26-29d9-4829-bb30-e597a58cdbb8",
"type": "Microsoft.Security/governanceRules",
"properties": {
"tenantId": "f0b6d37b-e4bc-4719-9291-c066c3194f23",
"displayName": "Management group rule",
"description": "A rule for a management group",
"remediationTimeframe": "7.00:00:00",
"isGracePeriod": true,
"rulePriority": 200,
"isDisabled": false,
"ruleType": "Integrated",
"sourceResourceType": "Assessments",
"conditionSets": [
{
"conditions": [
{
"property": "$.AssessmentKey",
"value": "[\"b1cd27e0-4ecc-4246-939f-49c426d9d72f\", \"fe83f80b-073d-4ccf-93d9-6797eb870201\"]",
"operator": "In"
}
]
}
],
"ownerSource": {
"type": "Manually",
"value": "user@contoso.com"
},
"governanceEmailNotification": {
"disableManagerEmailNotification": false,
"disableOwnerEmailNotification": false
},
"excludedScopes": [
"/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23"
],
"includeMemberScopes": false,
"metadata": {
"createdBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
"createdOn": "2022-11-10T08:31:26.7993124Z",
"updatedBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
"updatedOn": "2022-11-10T08:31:26.7993124Z"
}
}
}
Get a governance rule over security connector scope
Beispielanforderung
GET https://management.azure.com/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector/providers/Microsoft.Security/governanceRules/ad9a8e26-29d9-4829-bb30-e597a58cdbb8?api-version=2022-01-01-preview
/**
* Samples for GovernanceRules Get.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/examples/GovernanceRules/
* GetSecurityConnectorGovernanceRule_example.json
*/
/**
* Sample code: Get a governance rule over security connector scope.
*
* @param manager Entry point to SecurityManager.
*/
public static void
getAGovernanceRuleOverSecurityConnectorScope(com.azure.resourcemanager.security.SecurityManager manager) {
manager.governanceRules().getWithResponse(
"subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector",
"ad9a8e26-29d9-4829-bb30-e597a58cdbb8", com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armsecurity_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/security/armsecurity"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/9ac34f238dd6b9071f486b57e9f9f1a0c43ec6f6/specification/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/examples/GovernanceRules/GetSecurityConnectorGovernanceRule_example.json
func ExampleGovernanceRulesClient_Get_getAGovernanceRuleOverSecurityConnectorScope() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armsecurity.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
res, err := clientFactory.NewGovernanceRulesClient().Get(ctx, "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector", "ad9a8e26-29d9-4829-bb30-e597a58cdbb8", nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.GovernanceRule = armsecurity.GovernanceRule{
// Name: to.Ptr("ad9a8e26-29d9-4829-bb30-e597a58cdbb8"),
// Type: to.Ptr("Microsoft.Security/governanceRules"),
// ID: to.Ptr("subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector/providers/Microsoft.Security/governanceRules/ad9a8e26-29d9-4829-bb30-e597a58cdbb8"),
// Properties: &armsecurity.GovernanceRuleProperties{
// Description: to.Ptr("A rule on critical GCP recommendations"),
// ConditionSets: []any{
// map[string]any{
// "conditions":[]any{
// map[string]any{
// "operator": "In",
// "property": "$.AssessmentKey",
// "value": "[\"b1cd27e0-4ecc-4246-939f-49c426d9d72f\", \"fe83f80b-073d-4ccf-93d9-6797eb870201\"]",
// },
// },
// }},
// DisplayName: to.Ptr("GCP Admin's rule"),
// ExcludedScopes: []*string{
// },
// GovernanceEmailNotification: &armsecurity.GovernanceRuleEmailNotification{
// DisableManagerEmailNotification: to.Ptr(false),
// DisableOwnerEmailNotification: to.Ptr(false),
// },
// IncludeMemberScopes: to.Ptr(false),
// IsDisabled: to.Ptr(false),
// IsGracePeriod: to.Ptr(true),
// Metadata: &armsecurity.GovernanceRuleMetadata{
// CreatedBy: to.Ptr("c23b5354-ff0a-4b2a-9f92-6f144effd936"),
// CreatedOn: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2022-11-10T08:31:26.799Z"); return t}()),
// UpdatedBy: to.Ptr("c23b5354-ff0a-4b2a-9f92-6f144effd936"),
// UpdatedOn: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2022-11-10T08:31:26.799Z"); return t}()),
// },
// OwnerSource: &armsecurity.GovernanceRuleOwnerSource{
// Type: to.Ptr(armsecurity.GovernanceRuleOwnerSourceTypeManually),
// Value: to.Ptr("user@contoso.com"),
// },
// RemediationTimeframe: to.Ptr("7.00:00:00"),
// RulePriority: to.Ptr[int32](200),
// RuleType: to.Ptr(armsecurity.GovernanceRuleTypeIntegrated),
// SourceResourceType: to.Ptr(armsecurity.GovernanceRuleSourceResourceTypeAssessments),
// TenantID: to.Ptr("f0b6d37b-e4bc-4719-9291-c066c3194f23"),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { SecurityCenter } = require("@azure/arm-security");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Get a specific governance rule for the requested scope by ruleId
*
* @summary Get a specific governance rule for the requested scope by ruleId
* x-ms-original-file: specification/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/examples/GovernanceRules/GetSecurityConnectorGovernanceRule_example.json
*/
async function getAGovernanceRuleOverSecurityConnectorScope() {
const scope =
"subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector";
const ruleId = "ad9a8e26-29d9-4829-bb30-e597a58cdbb8";
const credential = new DefaultAzureCredential();
const client = new SecurityCenter(credential);
const result = await client.governanceRules.get(scope, ruleId);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using Azure;
using Azure.ResourceManager;
using System;
using System.Collections.Generic;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.SecurityCenter.Models;
using Azure.ResourceManager.SecurityCenter;
// Generated from example definition: specification/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/examples/GovernanceRules/GetSecurityConnectorGovernanceRule_example.json
// this example is just showing the usage of "GovernanceRules_Get" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// get the collection of this GovernanceRuleResource
string scope = "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector";
GovernanceRuleCollection collection = client.GetGovernanceRules(new ResourceIdentifier(scope));
// invoke the operation
string ruleId = "ad9a8e26-29d9-4829-bb30-e597a58cdbb8";
NullableResponse<GovernanceRuleResource> response = await collection.GetIfExistsAsync(ruleId);
GovernanceRuleResource result = response.HasValue ? response.Value : null;
if (result == null)
{
Console.WriteLine("Succeeded with null as result");
}
else
{
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
GovernanceRuleData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Beispiel für eine Antwort
{
"id": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector/providers/Microsoft.Security/governanceRules/ad9a8e26-29d9-4829-bb30-e597a58cdbb8",
"name": "ad9a8e26-29d9-4829-bb30-e597a58cdbb8",
"type": "Microsoft.Security/governanceRules",
"properties": {
"tenantId": "f0b6d37b-e4bc-4719-9291-c066c3194f23",
"displayName": "GCP Admin's rule",
"description": "A rule on critical GCP recommendations",
"remediationTimeframe": "7.00:00:00",
"isGracePeriod": true,
"rulePriority": 200,
"isDisabled": false,
"ruleType": "Integrated",
"sourceResourceType": "Assessments",
"conditionSets": [
{
"conditions": [
{
"property": "$.AssessmentKey",
"value": "[\"b1cd27e0-4ecc-4246-939f-49c426d9d72f\", \"fe83f80b-073d-4ccf-93d9-6797eb870201\"]",
"operator": "In"
}
]
}
],
"ownerSource": {
"type": "Manually",
"value": "user@contoso.com"
},
"governanceEmailNotification": {
"disableManagerEmailNotification": false,
"disableOwnerEmailNotification": false
},
"excludedScopes": [],
"includeMemberScopes": false,
"metadata": {
"createdBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
"createdOn": "2022-11-10T08:31:26.7993124Z",
"updatedBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
"updatedOn": "2022-11-10T08:31:26.7993124Z"
}
}
}
Get a governance rule over subscription scope
Beispielanforderung
GET https://management.azure.com/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/governanceRules/ad9a8e26-29d9-4829-bb30-e597a58cdbb8?api-version=2022-01-01-preview
/**
* Samples for GovernanceRules Get.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/examples/GovernanceRules/
* GetGovernanceRule_example.json
*/
/**
* Sample code: Get a governance rule over subscription scope.
*
* @param manager Entry point to SecurityManager.
*/
public static void
getAGovernanceRuleOverSubscriptionScope(com.azure.resourcemanager.security.SecurityManager manager) {
manager.governanceRules().getWithResponse("subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23",
"ad9a8e26-29d9-4829-bb30-e597a58cdbb8", com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armsecurity_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/security/armsecurity"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/9ac34f238dd6b9071f486b57e9f9f1a0c43ec6f6/specification/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/examples/GovernanceRules/GetGovernanceRule_example.json
func ExampleGovernanceRulesClient_Get_getAGovernanceRuleOverSubscriptionScope() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armsecurity.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
res, err := clientFactory.NewGovernanceRulesClient().Get(ctx, "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23", "ad9a8e26-29d9-4829-bb30-e597a58cdbb8", nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.GovernanceRule = armsecurity.GovernanceRule{
// Name: to.Ptr("ad9a8e26-29d9-4829-bb30-e597a58cdbb8"),
// Type: to.Ptr("Microsoft.Security/governanceRules"),
// ID: to.Ptr("subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/governanceRules/ad9a8e26-29d9-4829-bb30-e597a58cdbb8"),
// Properties: &armsecurity.GovernanceRuleProperties{
// Description: to.Ptr("A rule for critical recommendations"),
// ConditionSets: []any{
// map[string]any{
// "conditions":[]any{
// map[string]any{
// "operator": "In",
// "property": "$.AssessmentKey",
// "value": "[\"b1cd27e0-4ecc-4246-939f-49c426d9d72f\", \"fe83f80b-073d-4ccf-93d9-6797eb870201\"]",
// },
// },
// }},
// DisplayName: to.Ptr("Admin's rule"),
// ExcludedScopes: []*string{
// },
// GovernanceEmailNotification: &armsecurity.GovernanceRuleEmailNotification{
// DisableManagerEmailNotification: to.Ptr(false),
// DisableOwnerEmailNotification: to.Ptr(false),
// },
// IncludeMemberScopes: to.Ptr(false),
// IsDisabled: to.Ptr(false),
// IsGracePeriod: to.Ptr(true),
// Metadata: &armsecurity.GovernanceRuleMetadata{
// CreatedBy: to.Ptr("c23b5354-ff0a-4b2a-9f92-6f144effd936"),
// CreatedOn: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2022-11-10T08:31:26.799Z"); return t}()),
// UpdatedBy: to.Ptr("c23b5354-ff0a-4b2a-9f92-6f144effd936"),
// UpdatedOn: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2022-11-10T08:31:26.799Z"); return t}()),
// },
// OwnerSource: &armsecurity.GovernanceRuleOwnerSource{
// Type: to.Ptr(armsecurity.GovernanceRuleOwnerSourceTypeManually),
// Value: to.Ptr("user@contoso.com"),
// },
// RemediationTimeframe: to.Ptr("7.00:00:00"),
// RulePriority: to.Ptr[int32](200),
// RuleType: to.Ptr(armsecurity.GovernanceRuleTypeIntegrated),
// SourceResourceType: to.Ptr(armsecurity.GovernanceRuleSourceResourceTypeAssessments),
// TenantID: to.Ptr("f0b6d37b-e4bc-4719-9291-c066c3194f23"),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { SecurityCenter } = require("@azure/arm-security");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Get a specific governance rule for the requested scope by ruleId
*
* @summary Get a specific governance rule for the requested scope by ruleId
* x-ms-original-file: specification/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/examples/GovernanceRules/GetGovernanceRule_example.json
*/
async function getAGovernanceRuleOverSubscriptionScope() {
const scope = "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23";
const ruleId = "ad9a8e26-29d9-4829-bb30-e597a58cdbb8";
const credential = new DefaultAzureCredential();
const client = new SecurityCenter(credential);
const result = await client.governanceRules.get(scope, ruleId);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using Azure;
using Azure.ResourceManager;
using System;
using System.Collections.Generic;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.SecurityCenter.Models;
using Azure.ResourceManager.SecurityCenter;
// Generated from example definition: specification/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/examples/GovernanceRules/GetGovernanceRule_example.json
// this example is just showing the usage of "GovernanceRules_Get" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// get the collection of this GovernanceRuleResource
string scope = "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23";
GovernanceRuleCollection collection = client.GetGovernanceRules(new ResourceIdentifier(scope));
// invoke the operation
string ruleId = "ad9a8e26-29d9-4829-bb30-e597a58cdbb8";
NullableResponse<GovernanceRuleResource> response = await collection.GetIfExistsAsync(ruleId);
GovernanceRuleResource result = response.HasValue ? response.Value : null;
if (result == null)
{
Console.WriteLine("Succeeded with null as result");
}
else
{
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
GovernanceRuleData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Beispiel für eine Antwort
{
"id": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/governanceRules/ad9a8e26-29d9-4829-bb30-e597a58cdbb8",
"name": "ad9a8e26-29d9-4829-bb30-e597a58cdbb8",
"type": "Microsoft.Security/governanceRules",
"properties": {
"tenantId": "f0b6d37b-e4bc-4719-9291-c066c3194f23",
"displayName": "Admin's rule",
"description": "A rule for critical recommendations",
"remediationTimeframe": "7.00:00:00",
"isGracePeriod": true,
"rulePriority": 200,
"isDisabled": false,
"ruleType": "Integrated",
"sourceResourceType": "Assessments",
"conditionSets": [
{
"conditions": [
{
"property": "$.AssessmentKey",
"value": "[\"b1cd27e0-4ecc-4246-939f-49c426d9d72f\", \"fe83f80b-073d-4ccf-93d9-6797eb870201\"]",
"operator": "In"
}
]
}
],
"ownerSource": {
"type": "Manually",
"value": "user@contoso.com"
},
"governanceEmailNotification": {
"disableManagerEmailNotification": false,
"disableOwnerEmailNotification": false
},
"excludedScopes": [],
"includeMemberScopes": false,
"metadata": {
"createdBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
"createdOn": "2022-11-10T08:31:26.7993124Z",
"updatedBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
"updatedOn": "2022-11-10T08:31:26.7993124Z"
}
}
}
Definitionen
CloudError
Objekt
Häufige Fehlerantwort für alle Azure Resource Manager-APIs, um Fehlerdetails für fehlgeschlagene Vorgänge zurückzugeben. (Dies folgt auch dem OData-Fehlerantwortformat.)
| Name |
Typ |
Beschreibung |
|
error.additionalInfo
|
ErrorAdditionalInfo[]
|
Die zusätzlichen Informationen des Fehlers.
|
|
error.code
|
string
|
Der Fehlercode.
|
|
error.details
|
CloudErrorBody[]
|
Die Fehlerdetails.
|
|
error.message
|
string
|
Die Fehlermeldung.
|
|
error.target
|
string
|
Das Fehlerziel.
|
CloudErrorBody
Objekt
Das Fehlerdetails.
| Name |
Typ |
Beschreibung |
|
additionalInfo
|
ErrorAdditionalInfo[]
|
Die zusätzlichen Informationen des Fehlers.
|
|
code
|
string
|
Der Fehlercode.
|
|
details
|
CloudErrorBody[]
|
Die Fehlerdetails.
|
|
message
|
string
|
Die Fehlermeldung.
|
|
target
|
string
|
Das Fehlerziel.
|
Condition
Objekt
Bedingung der Governanceregel
| Name |
Typ |
Beschreibung |
|
operator
|
GovernanceRuleConditionOperator
|
Der Operator der Governanceregelbedingung, z. B. "Gleich für Schweregrad" oder "In" für eine Liste der Bewertungen, finden Sie in den Beispielen
|
|
property
|
string
|
Die Eigenschaft der Governanceregelbedingung, z. B. Schweregrad oder AssessmentKey, finden Sie in Beispielen.
|
|
value
|
string
|
Die Werte der Governanceregelbedingung wie Schweregrad niedrig, Hoch oder Bewertungsschlüssel finden Sie in Den Beispielen
|
ErrorAdditionalInfo
Objekt
Der Ressourcenverwaltungsfehler zusätzliche Informationen.
| Name |
Typ |
Beschreibung |
|
info
|
object
|
Die zusätzlichen Informationen.
|
|
type
|
string
|
Der zusätzliche Informationstyp.
|
GovernanceRule
Objekt
Governance-Regel über einen bestimmten Bereich
| Name |
Typ |
Beschreibung |
|
id
|
string
|
Ressourcen-ID
|
|
name
|
string
|
Ressourcenname
|
|
properties.conditionSets
|
Condition[]
|
Die Governance-RegelbedingungSets – siehe Beispiele
|
|
properties.description
|
string
|
Beschreibung der Governanceregel
|
|
properties.displayName
|
string
|
Anzeigename der Governanceregel
|
|
properties.excludedScopes
|
string[]
|
Ausgeschlossene Bereiche, filtern Sie die Nachfolger des Bereichs (für Verwaltungsbereiche) aus.
|
|
properties.governanceEmailNotification
|
GovernanceRuleEmailNotification
|
Die E-Mail-Benachrichtigungseinstellungen für die Governanceregel geben an, ob Benachrichtigungen für Vermittler und Besitzer deaktiviert werden sollen.
|
|
properties.includeMemberScopes
|
boolean
|
Definiert, ob es sich bei der Regel um eine Verwaltungsbereichsregel handelt (Masterconnector als einzelner Bereich oder Verwaltungsbereich)
|
|
properties.isDisabled
|
boolean
|
Definiert, ob die Regel aktiv/inaktiv ist.
|
|
properties.isGracePeriod
|
boolean
|
Definiert, ob eine Nachfrist für die Governanceregel vorhanden ist.
|
|
properties.metadata
|
GovernanceRuleMetadata
|
Die Metadaten der Governanceregel
|
|
properties.ownerSource
|
GovernanceRuleOwnerSource
|
Die Besitzerquelle für die Governanceregel - z. B. manuell nach user@contoso.com - siehe Beispiel
|
|
properties.remediationTimeframe
|
string
pattern: ^[0-9]+\.[0-9]{2}:[0-9]{2}:[0-9]{2}$
|
Zeitrahmen für die Korrektur von Governance-Regeln – dies ist die Zeit, die sich auf die Nachfristdauer auswirkt, z. B. 7.00:00:00 - bedeutet 7 Tage
|
|
properties.rulePriority
|
integer
(int32)
minimum: 0
maximum: 1000
|
Priorität der Governanceregel, Priorität auf die niedrigere Zahl. Regeln mit der gleichen Priorität für denselben Bereich sind nicht zulässig.
|
|
properties.ruleType
|
GovernanceRuleType
|
Der Regeltyp der Governanceregel definiert die Quelle der Regel, z. B. Integriert
|
|
properties.sourceResourceType
|
GovernanceRuleSourceResourceType
|
Die Governanceregelquelle, welche Auswirkungen die Regel hat, z. B. Bewertungen
|
|
properties.tenantId
|
string
|
Die tenantId (GUID)
|
|
type
|
string
|
Ressourcentyp
|
GovernanceRuleConditionOperator
Enumeration
Der Operator der Governanceregelbedingung, z. B. "Gleich für Schweregrad" oder "In" für eine Liste der Bewertungen, finden Sie in den Beispielen
| Wert |
Beschreibung |
|
Equals
|
Überprüft, ob der Zeichenfolgenwert der in Property definierten Daten dem angegebenen Wert entspricht – genau passen
|
|
In
|
Überprüft, ob der Zeichenfolgenwert der in Property definierten Daten einem der angegebenen Werte entspricht (genau passen)
|
GovernanceRuleEmailNotification
Objekt
Die wöchentliche Benachrichtigungskonfiguration der Governance-E-Mail
| Name |
Typ |
Beschreibung |
|
disableManagerEmailNotification
|
boolean
|
Definiert, ob E-Mail-Benachrichtigungen für Vorgesetzte deaktiviert sind.
|
|
disableOwnerEmailNotification
|
boolean
|
Definiert, ob E-Mail-Benachrichtigungen für Besitzer deaktiviert sind.
|
Objekt
Die Metadaten der Governanceregel
| Name |
Typ |
Beschreibung |
|
createdBy
|
string
|
Governanceregel Erstellt mit Objekt-ID (GUID)
|
|
createdOn
|
string
(date-time)
|
Erstellungsdatum der Governanceregel
|
|
updatedBy
|
string
|
Governanceregel zuletzt aktualisiert durch Objekt-ID (GUID)
|
|
updatedOn
|
string
(date-time)
|
Datum der letzten Aktualisierung der Governanceregel
|
GovernanceRuleOwnerSource
Objekt
Beschreiben der Besitzerquelle der Governanceregel
| Name |
Typ |
Beschreibung |
|
type
|
GovernanceRuleOwnerSourceType
|
Der Besitzertyp für die Quelle des Governance-Regelbesitzers
|
|
value
|
string
|
Der Quellwert z. B. Tagschlüssel wie Besitzername oder E-Mail-Adresse
|
GovernanceRuleOwnerSourceType
Enumeration
Der Besitzertyp für die Quelle des Governance-Regelbesitzers
| Wert |
Beschreibung |
|
ByTag
|
Der Regelquelltyp, der mithilfe des Ressourcentags definiert wurde
|
|
Manually
|
Der manuell definierte Regelquelltyp
|
GovernanceRuleSourceResourceType
Enumeration
Die Governanceregelquelle, welche Auswirkungen die Regel hat, z. B. Bewertungen
| Wert |
Beschreibung |
|
Assessments
|
Die Quelle der Governanceregel ist Bewertungen.
|
GovernanceRuleType
Enumeration
Der Regeltyp der Governanceregel definiert die Quelle der Regel, z. B. Integriert
| Wert |
Beschreibung |
|
Integrated
|
Die Quelle der Regeltypdefinition ist integriert.
|
|
ServiceNow
|
Die Quelle der Regeltypdefinition ist ServiceNow
|