Role Eligibility Schedule Requests - List For Scope

Gets role eligibility schedule requests for a scope.

GET https://management.azure.com/{scope}/providers/Microsoft.Authorization/roleEligibilityScheduleRequests?api-version=2020-10-01
GET https://management.azure.com/{scope}/providers/Microsoft.Authorization/roleEligibilityScheduleRequests?$filter={$filter}&api-version=2020-10-01

URI Parameters

Name In Required Type Description
scope
path True

string

The scope of the role eligibility schedule requests.

api-version
query True

string

The API version to use for this operation.

$filter
query

string

The filter to apply on the operation. Use $filter=atScope() to return all role eligibility schedule requests at or above the scope. Use $filter=principalId eq {id} to return all role eligibility schedule requests at, above or below the scope for the specified principal. Use $filter=asRequestor() to return all role eligibility schedule requests requested by the current user. Use $filter=asTarget() to return all role eligibility schedule requests created for the current user. Use $filter=asApprover() to return all role eligibility schedule requests where the current user is an approver.

Responses

Name Type Description
200 OK

RoleEligibilityScheduleRequestListResult

OK - Returns an array of role eligibility schedule requests.

Other Status Codes

CloudError

Error response describing why the operation failed.

Security

azure_auth

Azure Active Directory OAuth2 Flow

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

Name Description
user_impersonation impersonate your user account

Examples

GetRoleEligibilityScheduleRequestByScope

Sample Request

GET https://management.azure.com/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleEligibilityScheduleRequests?$filter=assignedTo('A3BB8764-CB92-4276-9D2A-CA1E895E55EA')&api-version=2020-10-01

Sample Response

{
  "value": [
    {
      "properties": {
        "targetRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413",
        "targetRoleEligibilityScheduleInstanceId": null,
        "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f",
        "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608",
        "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea",
        "principalType": "User",
        "requestType": "AdminAssign",
        "status": "Provisioned",
        "approvalId": null,
        "scheduleInfo": {
          "startDateTime": "2020-09-09T21:31:27.91Z",
          "expiration": {
            "type": "AfterDuration",
            "endDateTime": null,
            "duration": "P365D"
          }
        },
        "ticketInfo": {
          "ticketNumber": null,
          "ticketSystem": null
        },
        "justification": null,
        "requestorId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea",
        "createdOn": "2020-09-09T21:32:27.91Z",
        "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'",
        "conditionVersion": "1.0",
        "expandedProperties": {
          "scope": {
            "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f",
            "displayName": "Pay-As-You-Go",
            "type": "subscription"
          },
          "roleDefinition": {
            "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608",
            "displayName": "Contributor",
            "type": "BuiltInRole"
          },
          "principal": {
            "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea",
            "displayName": "User Account",
            "email": "user@my-tenant.com",
            "type": "User"
          }
        }
      },
      "name": "64caffb6-55c0-4deb-a585-68e948ea1ad6",
      "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityRequests/64caffb6-55c0-4deb-a585-68e948ea1ad6",
      "type": "Microsoft.Authorization/RoleEligibilityRequests"
    }
  ]
}

Definitions

Name Description
CloudError

An error response from the service.

CloudErrorBody

An error response from the service.

ExpandedProperties

Expanded info of resource, role and principal

Expiration

Expiration of the role eligibility schedule

Principal

Details of the principal

principalType

The principal type of the assigned principal ID.

RequestType

The type of the role assignment schedule request. Eg: SelfActivate, AdminAssign etc

RoleDefinition

Details of role definition

RoleEligibilityScheduleRequest

Role Eligibility schedule request

RoleEligibilityScheduleRequestListResult

Role eligibility schedule request list operation result.

ScheduleInfo

Schedule info of the role eligibility schedule

Scope

Details of the resource scope

Status

The status of the role eligibility schedule request.

TicketInfo

Ticket Info of the role eligibility

Type

Type of the role eligibility schedule expiration

CloudError

An error response from the service.

Name Type Description
error

CloudErrorBody

An error response from the service.

CloudErrorBody

An error response from the service.

Name Type Description
code

string

An identifier for the error. Codes are invariant and are intended to be consumed programmatically.

message

string

A message describing the error, intended to be suitable for display in a user interface.

ExpandedProperties

Expanded info of resource, role and principal

Name Type Description
principal

Principal

Details of the principal

roleDefinition

RoleDefinition

Details of role definition

scope

Scope

Details of the resource scope

Expiration

Expiration of the role eligibility schedule

Name Type Description
duration

string

Duration of the role eligibility schedule in TimeSpan.

endDateTime

string

End DateTime of the role eligibility schedule.

type

Type

Type of the role eligibility schedule expiration

Principal

Details of the principal

Name Type Description
displayName

string

Display name of the principal

email

string

Email id of the principal

id

string

Id of the principal

type

string

Type of the principal

principalType

The principal type of the assigned principal ID.

Name Type Description
Device

string

ForeignGroup

string

Group

string

ServicePrincipal

string

User

string

RequestType

The type of the role assignment schedule request. Eg: SelfActivate, AdminAssign etc

Name Type Description
AdminAssign

string

AdminExtend

string

AdminRemove

string

AdminRenew

string

AdminUpdate

string

SelfActivate

string

SelfDeactivate

string

SelfExtend

string

SelfRenew

string

RoleDefinition

Details of role definition

Name Type Description
displayName

string

Display name of the role definition

id

string

Id of the role definition

type

string

Type of the role definition

RoleEligibilityScheduleRequest

Role Eligibility schedule request

Name Type Description
id

string

The role eligibility schedule request ID.

name

string

The role eligibility schedule request name.

properties.approvalId

string

The approvalId of the role eligibility schedule request.

properties.condition

string

The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'

properties.conditionVersion

string

Version of the condition. Currently accepted value is '2.0'

properties.createdOn

string

DateTime when role eligibility schedule request was created

properties.expandedProperties

ExpandedProperties

Additional properties of principal, scope and role definition

properties.justification

string

Justification for the role eligibility

properties.principalId

string

The principal ID.

properties.principalType

principalType

The principal type of the assigned principal ID.

properties.requestType

RequestType

The type of the role assignment schedule request. Eg: SelfActivate, AdminAssign etc

properties.requestorId

string

Id of the user who created this request

properties.roleDefinitionId

string

The role definition ID.

properties.scheduleInfo

ScheduleInfo

Schedule info of the role eligibility schedule

properties.scope

string

The role eligibility schedule request scope.

properties.status

Status

The status of the role eligibility schedule request.

properties.targetRoleEligibilityScheduleId

string

The resultant role eligibility schedule id or the role eligibility schedule id being updated

properties.targetRoleEligibilityScheduleInstanceId

string

The role eligibility schedule instance id being updated

properties.ticketInfo

TicketInfo

Ticket Info of the role eligibility

type

string

The role eligibility schedule request type.

RoleEligibilityScheduleRequestListResult

Role eligibility schedule request list operation result.

Name Type Description
nextLink

string

The URL to use for getting the next set of results.

value

RoleEligibilityScheduleRequest[]

Role eligibility schedule request list.

ScheduleInfo

Schedule info of the role eligibility schedule

Name Type Description
expiration

Expiration

Expiration of the role eligibility schedule

startDateTime

string

Start DateTime of the role eligibility schedule.

Scope

Details of the resource scope

Name Type Description
displayName

string

Display name of the resource

id

string

Scope id of the resource

type

string

Type of the resource

Status

The status of the role eligibility schedule request.

Name Type Description
Accepted

string

AdminApproved

string

AdminDenied

string

Canceled

string

Denied

string

Failed

string

FailedAsResourceIsLocked

string

Granted

string

Invalid

string

PendingAdminDecision

string

PendingApproval

string

PendingApprovalProvisioning

string

PendingEvaluation

string

PendingExternalProvisioning

string

PendingProvisioning

string

PendingRevocation

string

PendingScheduleCreation

string

Provisioned

string

ProvisioningStarted

string

Revoked

string

ScheduleCreated

string

TimedOut

string

TicketInfo

Ticket Info of the role eligibility

Name Type Description
ticketNumber

string

Ticket number for the role eligibility

ticketSystem

string

Ticket system name for the role eligibility

Type

Type of the role eligibility schedule expiration

Name Type Description
AfterDateTime

string

AfterDuration

string

NoExpiration

string