Alerts - Update

Service:

Authorization

API Version:

2022-08-01-preview

Update an alert.

PATCH https://management.azure.com/{scope}/providers/Microsoft.Authorization/roleManagementAlerts/{alertId}?api-version=2022-08-01-preview

URI Parameters

Name	In	Required	Type	Description
alertId	path	True	string	The name of the alert to get.
scope	path	True	string	The fully qualified Azure Resource manager identifier of the resource.
api-version	query	True	string minLength: 1	The API version to use for this operation.

Request Body

Name	Type	Description
properties.isActive	boolean	False by default; true if the alert is active.

Responses

Name	Type	Description
204 No Content		Operation completed successfully.
Other Status Codes	Microsoft.Common.CloudError	An unexpected error response.

Security

azure_auth

Azure Active Directory OAuth2 Flow.

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

Name	Description
user_impersonation	impersonate your user account

Examples

DeactivateAlert

Sample request

HTTP

PATCH https://management.azure.com/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlerts/TooManyPermanentOwnersAssignedToResource?api-version=2022-08-01-preview

{
  "properties": {
    "isActive": false
  }
}

Python

from azure.identity import DefaultAzureCredential

from azure.mgmt.authorization import AuthorizationManagementClient

"""
# PREREQUISITES
    pip install azure-identity
    pip install azure-mgmt-authorization
# USAGE
    python update_alert.py

    Before run the sample, please set the values of the client ID, tenant ID and client secret
    of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
    AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
    https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""


def main():
    client = AuthorizationManagementClient(
        credential=DefaultAzureCredential(),
        subscription_id="SUBSCRIPTION_ID",
    )

    client.alerts.update(
        scope="subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f",
        alert_id="TooManyPermanentOwnersAssignedToResource",
        parameters={"properties": {"isActive": False}},
    )


# x-ms-original-file: 2022-08-01-preview/UpdateAlert.json
if __name__ == "__main__":
    main()

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Sample response

Status code:

204

Definitions

Name	Description
Alert	The alert.
AlertConfiguration	Alert configuration.
AlertDefinition	Alert definition
AlertIncident	Alert incident
AzureRolesAssignedOutsidePimAlertConfigurationProperties	The Azure roles assigned outside PIM alert configuration properties.
AzureRolesAssignedOutsidePimAlertIncidentProperties	Azure roles assigned outside PIM alert incident properties.
createdByType	The type of identity that created the resource.
DuplicateRoleCreatedAlertConfigurationProperties	The duplicate role created alert configuration.
DuplicateRoleCreatedAlertIncidentProperties	Duplicate role created alert incident properties.
Microsoft.Common.CloudError	An error response from the service.
Microsoft.Common.CloudErrorBody	An error response from the service.
SeverityLevel	Severity level of the alert.
systemData	Metadata pertaining to creation and last modification of the resource.
TooManyOwnersAssignedToResourceAlertConfigurationProperties	Too many owners assigned to resource alert configuration properties.
TooManyOwnersAssignedToResourceAlertIncidentProperties	Too many owners assigned to resource alert incident properties.
TooManyPermanentOwnersAssignedToResourceAlertConfigurationProperties	Too many permanent owners assigned to resource alert configuration properties.
TooManyPermanentOwnersAssignedToResourceAlertIncidentProperties	Too many permanent owners assigned to resource alert incident properties.

Alert

Object

The alert.

Name	Type	Description
id	string	Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}
name	string	The name of the resource
properties.alertConfiguration	AlertConfiguration	The alert configuration.
properties.alertDefinition	AlertDefinition	The alert definition.
properties.alertIncidents	AlertIncident[]	The alert incidents.
properties.incidentCount	integer (int32)	The number of generated incidents of the alert.
properties.isActive	boolean	False by default; true if the alert is active.
properties.lastModifiedDateTime	string (date-time)	The date time when the alert configuration was updated or new incidents were generated.
properties.lastScannedDateTime	string (date-time)	The date time when the alert was last scanned.
properties.scope	string	The alert scope.
systemData	systemData	Azure Resource Manager metadata containing createdBy and modifiedBy information.
type	string	The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"

AlertConfiguration

Object

Alert configuration.

Name	Type	Description
id	string	Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}
name	string	The name of the resource
properties	AlertConfigurationProperties: AzureRolesAssignedOutsidePimAlertConfigurationProperties DuplicateRoleCreatedAlertConfigurationProperties TooManyOwnersAssignedToResourceAlertConfigurationProperties TooManyPermanentOwnersAssignedToResourceAlertConfigurationProperties	Alert configuration properties.
systemData	systemData	Azure Resource Manager metadata containing createdBy and modifiedBy information.
type	string	The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"

AlertDefinition

Object

Alert definition

Name	Type	Description
id	string	Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}
name	string	The name of the resource
properties.description	string	The alert description.
properties.displayName	string	The alert display name.
properties.howToPrevent	string	The ways to prevent the alert.
properties.isConfigurable	boolean	True if the alert configuration can be configured; false, otherwise.
properties.isRemediatable	boolean	True if the alert can be remediated; false, otherwise.
properties.mitigationSteps	string	The methods to mitigate the alert.
properties.scope	string	The alert scope.
properties.securityImpact	string	Security impact of the alert.
properties.severityLevel	SeverityLevel	Severity level of the alert.
systemData	systemData	Azure Resource Manager metadata containing createdBy and modifiedBy information.
type	string	The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"

AlertIncident

Object

Alert incident

Name	Type	Description
id	string	Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}
name	string	The name of the resource
properties	AlertIncidentProperties: AzureRolesAssignedOutsidePimAlertIncidentProperties DuplicateRoleCreatedAlertIncidentProperties TooManyOwnersAssignedToResourceAlertIncidentProperties TooManyPermanentOwnersAssignedToResourceAlertIncidentProperties	Alert incident properties.
systemData	systemData	Azure Resource Manager metadata containing createdBy and modifiedBy information.
type	string	The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"

AzureRolesAssignedOutsidePimAlertConfigurationProperties

Object

The Azure roles assigned outside PIM alert configuration properties.

Name	Type	Description
alertConfigurationType	string: AzureRolesAssignedOutsidePimAlertConfiguration	The alert configuration type.
alertDefinition	AlertDefinition	The alert definition.
alertDefinitionId	string	The alert definition ID.
isEnabled	boolean	True if the alert is enabled, false will disable the scanning for the specific alert.
scope	string	The alert scope.

AzureRolesAssignedOutsidePimAlertIncidentProperties

Object

Azure roles assigned outside PIM alert incident properties.

Name	Type	Description
alertIncidentType	string: AzureRolesAssignedOutsidePimAlertIncident	The alert incident type.
assigneeDisplayName	string	The assignee display name.
assigneeId	string	The assignee ID.
assigneeUserPrincipalName	string	The assignee user principal name.
assignmentActivatedDate	string (date-time)	The date the assignment was activated.
requestorDisplayName	string	The requestor display name.
requestorId	string	The requestor ID.
requestorUserPrincipalName	string	The requestor user principal name.
roleDefinitionId	string	The role definition ID.
roleDisplayName	string	The role display name.
roleTemplateId	string	The role template ID.

createdByType

Enumeration

The type of identity that created the resource.

Value	Description
User
Application
ManagedIdentity
Key

DuplicateRoleCreatedAlertConfigurationProperties

Object

The duplicate role created alert configuration.

Name	Type	Description
alertConfigurationType	string: DuplicateRoleCreatedAlertConfiguration	The alert configuration type.
alertDefinition	AlertDefinition	The alert definition.
alertDefinitionId	string	The alert definition ID.
isEnabled	boolean	True if the alert is enabled, false will disable the scanning for the specific alert.
scope	string	The alert scope.

DuplicateRoleCreatedAlertIncidentProperties

Object

Duplicate role created alert incident properties.

Name	Type	Description
alertIncidentType	string: DuplicateRoleCreatedAlertIncident	The alert incident type.
duplicateRoles	string	The duplicate roles.
reason	string	The reason for the incident.
roleName	string	The role name.

Microsoft.Common.CloudError

Object

An error response from the service.

Name	Type	Description
error	Microsoft.Common.CloudErrorBody	An error response from the service.

Microsoft.Common.CloudErrorBody

Object

An error response from the service.

Name	Type	Description
code	string	An identifier for the error. Codes are invariant and are intended to be consumed programmatically.
message	string	A message describing the error, intended to be suitable for display in a user interface.

SeverityLevel

Enumeration

Severity level of the alert.

Value	Description
Low	Low
Medium	Medium
High	High

systemData

Object

Metadata pertaining to creation and last modification of the resource.

Name	Type	Description
createdAt	string (date-time)	The timestamp of resource creation (UTC).
createdBy	string	The identity that created the resource.
createdByType	createdByType	The type of identity that created the resource.
lastModifiedAt	string (date-time)	The timestamp of resource last modification (UTC)
lastModifiedBy	string	The identity that last modified the resource.
lastModifiedByType	createdByType	The type of identity that last modified the resource.

TooManyOwnersAssignedToResourceAlertConfigurationProperties

Object

Too many owners assigned to resource alert configuration properties.

Name	Type	Description
alertConfigurationType	string: TooManyOwnersAssignedToResourceAlertConfiguration	The alert configuration type.
alertDefinition	AlertDefinition	The alert definition.
alertDefinitionId	string	The alert definition ID.
isEnabled	boolean	True if the alert is enabled, false will disable the scanning for the specific alert.
scope	string	The alert scope.
thresholdNumberOfOwners	integer (int32)	The threshold number of owners.
thresholdPercentageOfOwnersOutOfAllRoleMembers	integer (int32)	The threshold percentage of owners out of all role members.

TooManyOwnersAssignedToResourceAlertIncidentProperties

Object

Too many owners assigned to resource alert incident properties.

Name	Type	Description
alertIncidentType	string: TooManyOwnersAssignedToResourceAlertIncident	The alert incident type.
assigneeName	string	The assignee name.
assigneeType	string	The assignee type.

TooManyPermanentOwnersAssignedToResourceAlertConfigurationProperties

Object

Too many permanent owners assigned to resource alert configuration properties.

Name	Type	Description
alertConfigurationType	string: TooManyPermanentOwnersAssignedToResourceAlertConfiguration	The alert configuration type.
alertDefinition	AlertDefinition	The alert definition.
alertDefinitionId	string	The alert definition ID.
isEnabled	boolean	True if the alert is enabled, false will disable the scanning for the specific alert.
scope	string	The alert scope.
thresholdNumberOfPermanentOwners	integer (int32)	The threshold number of permanent owners.
thresholdPercentageOfPermanentOwnersOutOfAllOwners	integer (int32)	The threshold percentage of permanent owners out of all owners.

TooManyPermanentOwnersAssignedToResourceAlertIncidentProperties

Object

Too many permanent owners assigned to resource alert incident properties.

Name	Type	Description
alertIncidentType	string: TooManyPermanentOwnersAssignedToResourceAlertIncident	The alert incident type.
assigneeName	string	The assignee name.
assigneeType	string	The assignee type.