Policy Events - List Query Results For Resource Group Level Policy Assignment

Riferimento

Service:: Policy

API Version:: 2019-10-01

Esegue una query sugli eventi dei criteri per l'assegnazione dei criteri a livello di gruppo di risorse.

POST https://management.azure.com/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Authorization/policyAssignments/{policyAssignmentName}/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01

With optional parameters:

POST https://management.azure.com/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Authorization/policyAssignments/{policyAssignmentName}/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01&$top={$top}&$orderby={$orderby}&$select={$select}&$from={$from}&$to={$to}&$filter={$filter}&$apply={$apply}&$skiptoken={$skiptoken}

Parametri dell'URI

Nome	In	Necessario	Tipo	Descrizione
authorizationNamespace	path	True	AuthorizationNamespaceType	Spazio dei nomi per il provider di risorse di autorizzazione Microsoft; è consentito solo "Microsoft.Authorization".
policyAssignmentName	path	True	string	Nome assegnazione criteri.
policyEventsResource	path	True	PolicyEventsResourceType	Nome della risorsa virtuale in Tipo di risorsa PolicyEvents; è consentito solo "default".
resourceGroupName	path	True	string	Nome del gruppo di risorse.
subscriptionId	path	True	string	ID sottoscrizione di Microsoft Azure.
api-version	query	True	string	Versione api client.
$apply	query		string	OData applica l'espressione per le aggregazioni.
$filter	query		string	Espressione di filtro OData.
$from	query		string date-time	Timestamp in formato ISO 8601 che specifica l'ora di inizio dell'intervallo per la query. Se non specificato, il servizio usa ($to - 1 giorno).
$orderby	query		string	Ordinamento dell'espressione utilizzando la notazione OData. Uno o più nomi di colonna delimitati da virgole con un valore facoltativo "desc" (impostazione predefinita) o "asc", ad esempio "$orderby=PolicyAssignmentId, ResourceId asc".
$select	query		string	Selezionare l'espressione usando la notazione OData. Limita le colonne in ogni record solo a quelle richieste, ad esempio "$select=PolicyAssignmentId, ResourceId".
$skiptoken	query		string	Skiptoken viene fornito solo se una risposta precedente ha restituito un risultato parziale come parte dell'elemento nextLink.
$to	query		string date-time	Timestamp in formato ISO 8601 che specifica l'ora di fine dell'intervallo di query. Se non specificato, il servizio usa l'ora di richiesta.
$top	query		integer int32	Numero massimo di record da restituire.

Risposte

Nome	Tipo	Descrizione
200 OK	PolicyEventsQueryResults	Risultati query
Other Status Codes	QueryFailure	Risposta di errore che descrive il motivo per cui l'operazione non è riuscita.

Sicurezza

azure_auth

Flusso OAuth2 di Azure Active Directory

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

Nome	Descrizione
user_impersonation	rappresentare l'account utente

Esempio

Query at resource group level policy assignment scope

Query at resource group level policy assignment scope with next link

Query at resource group level policy assignment scope

Sample Request

POST https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.Authorization/policyAssignments/myPolicyAssignment/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01

import com.azure.core.util.Context;
import com.azure.resourcemanager.policyinsights.models.PolicyEventsResourceType;

/** Samples for PolicyEvents ListQueryResultsForResourceGroupLevelPolicyAssignment. */
public final class Main {
    /*
     * x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceGroupLevelPolicyAssignmentScope.json
     */
    /**
     * Sample code: Query at resource group level policy assignment scope.
     *
     * @param manager Entry point to PolicyInsightsManager.
     */
    public static void queryAtResourceGroupLevelPolicyAssignmentScope(
        com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
        manager
            .policyEvents()
            .listQueryResultsForResourceGroupLevelPolicyAssignment(
                PolicyEventsResourceType.DEFAULT,
                "fffedd8f-ffff-fffd-fffd-fffed2f84852",
                "myResourceGroup",
                "myPolicyAssignment",
                null,
                null,
                null,
                null,
                null,
                null,
                null,
                null,
                Context.NONE);
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

from azure.identity import DefaultAzureCredential
from azure.mgmt.policyinsights import PolicyInsightsClient

"""
# PREREQUISITES
    pip install azure-identity
    pip install azure-mgmt-policyinsights
# USAGE
    python policy_events_query_resource_group_level_policy_assignment_scope.py

    Before run the sample, please set the values of the client ID, tenant ID and client secret
    of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
    AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
    https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""


def main():
    client = PolicyInsightsClient(
        credential=DefaultAzureCredential(),
        subscription_id="fffedd8f-ffff-fffd-fffd-fffed2f84852",
    )

    response = client.policy_events.list_query_results_for_resource_group_level_policy_assignment(
        policy_events_resource="default",
        subscription_id="fffedd8f-ffff-fffd-fffd-fffed2f84852",
        resource_group_name="myResourceGroup",
        policy_assignment_name="myPolicyAssignment",
    )
    for item in response:
        print(item)


# x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceGroupLevelPolicyAssignmentScope.json
if __name__ == "__main__":
    main()

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

package armpolicyinsights_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/policyinsights/armpolicyinsights"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/05a9cdab363b8ec824094ee73950c04594325172/specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceGroupLevelPolicyAssignmentScope.json
func ExamplePolicyEventsClient_NewListQueryResultsForResourceGroupLevelPolicyAssignmentPager_queryAtResourceGroupLevelPolicyAssignmentScope() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armpolicyinsights.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	pager := clientFactory.NewPolicyEventsClient().NewListQueryResultsForResourceGroupLevelPolicyAssignmentPager(armpolicyinsights.PolicyEventsResourceTypeDefault, "fffedd8f-ffff-fffd-fffd-fffed2f84852", "myResourceGroup", "myPolicyAssignment", &armpolicyinsights.QueryOptions{Top: nil,
		Filter:    nil,
		OrderBy:   nil,
		Select:    nil,
		From:      nil,
		To:        nil,
		Apply:     nil,
		SkipToken: nil,
		Expand:    nil,
	}, nil)
	for pager.More() {
		page, err := pager.NextPage(ctx)
		if err != nil {
			log.Fatalf("failed to advance page: %v", err)
		}
		for _, v := range page.Value {
			// You could use page here. We use blank identifier for just demo purposes.
			_ = v
		}
		// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
		// page.PolicyEventsQueryResults = armpolicyinsights.PolicyEventsQueryResults{
		// 	ODataContext: to.Ptr("https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.Authorization/policyAssignments/myPolicyAssignment/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default"),
		// 	ODataCount: to.Ptr[int32](2),
		// 	Value: []*armpolicyinsights.PolicyEvent{
		// 		{
		// 			ODataContext: to.Ptr("https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.Authorization/policyAssignments/myPolicyAssignment/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
		// 			ComplianceState: to.Ptr("NonCompliant"),
		// 			IsCompliant: to.Ptr(false),
		// 			ManagementGroupIDs: to.Ptr("mymg,fff988bf-fff1-ffff-fffb-fffcd011db47"),
		// 			PolicyAssignmentID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.Authorization/policyAssignments/myPolicyAssignment"),
		// 			PolicyAssignmentName: to.Ptr("myPolicyAssignment"),
		// 			PolicyAssignmentOwner: to.Ptr("tbd"),
		// 			PolicyAssignmentScope: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup"),
		// 			PolicyDefinitionAction: to.Ptr("deny"),
		// 			PolicyDefinitionCategory: to.Ptr("tbd"),
		// 			PolicyDefinitionID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policyDefinitions/myPolicyDefinition"),
		// 			PolicyDefinitionName: to.Ptr("myPolicyAssignment"),
		// 			PrincipalOid: to.Ptr("fff2f355-fff2-fffc-fffb-fff1639dff94"),
		// 			ResourceGroup: to.Ptr("myResourceGroup"),
		// 			ResourceID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/microsoft.operationalinsights/workspaces/defaultworkspace-fffedd8f-ffff-fffd-fffd-fffed2f84852-eus"),
		// 			ResourceLocation: to.Ptr("eastus"),
		// 			ResourceTags: to.Ptr("tbd"),
		// 			ResourceType: to.Ptr("/microsoft.operationalinsights/workspaces"),
		// 			SubscriptionID: to.Ptr("fffedd8f-ffff-fffd-fffd-fffed2f84852"),
		// 			TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
		// 			Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-08T00:07:16.280Z"); return t}()),
		// 		},
		// 		{
		// 			ODataContext: to.Ptr("https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.Authorization/policyAssignments/myPolicyAssignment/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
		// 			ComplianceState: to.Ptr("NonCompliant"),
		// 			IsCompliant: to.Ptr(false),
		// 			ManagementGroupIDs: to.Ptr("mymg,fff988bf-fff1-ffff-fffb-fffcd011db47"),
		// 			PolicyAssignmentID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.Authorization/policyAssignments/myPolicyAssignment"),
		// 			PolicyAssignmentName: to.Ptr("myPolicyAssignment"),
		// 			PolicyAssignmentOwner: to.Ptr("tbd"),
		// 			PolicyAssignmentScope: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup"),
		// 			PolicyDefinitionAction: to.Ptr("deny"),
		// 			PolicyDefinitionCategory: to.Ptr("tbd"),
		// 			PolicyDefinitionID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policyDefinitions/myPolicyDefinition"),
		// 			PolicyDefinitionName: to.Ptr("myPolicyAssignment"),
		// 			PrincipalOid: to.Ptr("fff2f355-fff2-fffc-fffb-fff1639dff94"),
		// 			ResourceGroup: to.Ptr("myResourceGroup"),
		// 			ResourceID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/microsoft.operationalinsights/workspaces/defaultworkspace-fffedd8f-ffff-fffd-fffd-fffed2f84852-eus"),
		// 			ResourceLocation: to.Ptr("eastus"),
		// 			ResourceTags: to.Ptr("tbd"),
		// 			ResourceType: to.Ptr("/microsoft.operationalinsights/workspaces"),
		// 			SubscriptionID: to.Ptr("fffedd8f-ffff-fffd-fffd-fffed2f84852"),
		// 			TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
		// 			Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-08T00:06:08.430Z"); return t}()),
		// 	}},
		// }
	}
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

const { PolicyInsightsClient } = require("@azure/arm-policyinsights");
const { DefaultAzureCredential } = require("@azure/identity");

/**
 * This sample demonstrates how to Queries policy events for the resource group level policy assignment.
 *
 * @summary Queries policy events for the resource group level policy assignment.
 * x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceGroupLevelPolicyAssignmentScope.json
 */
async function queryAtResourceGroupLevelPolicyAssignmentScope() {
  const subscriptionId =
    process.env["POLICYINSIGHTS_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
  const policyEventsResource = "default";
  const resourceGroupName = process.env["POLICYINSIGHTS_RESOURCE_GROUP"] || "myResourceGroup";
  const policyAssignmentName = "myPolicyAssignment";
  const credential = new DefaultAzureCredential();
  const client = new PolicyInsightsClient(credential, subscriptionId);
  const resArray = new Array();
  for await (let item of client.policyEvents.listQueryResultsForResourceGroupLevelPolicyAssignment(
    policyEventsResource,
    subscriptionId,
    resourceGroupName,
    policyAssignmentName
  )) {
    resArray.push(item);
  }
  console.log(resArray);
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Sample Response

Status code:: 200

{
  "@odata.nextLink": null,
  "@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.Authorization/policyAssignments/myPolicyAssignment/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default",
  "@odata.count": 2,
  "value": [
    {
      "@odata.id": null,
      "@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.Authorization/policyAssignments/myPolicyAssignment/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
      "timestamp": "2018-02-08T00:07:16.2804863Z",
      "resourceId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/microsoft.operationalinsights/workspaces/defaultworkspace-fffedd8f-ffff-fffd-fffd-fffed2f84852-eus",
      "policyAssignmentId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.Authorization/policyAssignments/myPolicyAssignment",
      "policyDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policyDefinitions/myPolicyDefinition",
      "effectiveParameters": null,
      "isCompliant": false,
      "subscriptionId": "fffedd8f-ffff-fffd-fffd-fffed2f84852",
      "resourceType": "/microsoft.operationalinsights/workspaces",
      "resourceLocation": "eastus",
      "resourceGroup": "myResourceGroup",
      "resourceTags": "tbd",
      "policyAssignmentName": "myPolicyAssignment",
      "policyAssignmentOwner": "tbd",
      "policyAssignmentParameters": null,
      "policyAssignmentScope": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup",
      "policyDefinitionName": "myPolicyAssignment",
      "policyDefinitionAction": "deny",
      "policyDefinitionCategory": "tbd",
      "policySetDefinitionId": null,
      "policySetDefinitionName": null,
      "policySetDefinitionOwner": null,
      "policySetDefinitionCategory": null,
      "policySetDefinitionParameters": null,
      "managementGroupIds": "mymg,fff988bf-fff1-ffff-fffb-fffcd011db47",
      "policyDefinitionReferenceId": null,
      "tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
      "principalOid": "fff2f355-fff2-fffc-fffb-fff1639dff94",
      "complianceState": "NonCompliant"
    },
    {
      "@odata.id": null,
      "@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.Authorization/policyAssignments/myPolicyAssignment/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
      "timestamp": "2018-02-08T00:06:08.4302267Z",
      "resourceId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/microsoft.operationalinsights/workspaces/defaultworkspace-fffedd8f-ffff-fffd-fffd-fffed2f84852-eus",
      "policyAssignmentId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.Authorization/policyAssignments/myPolicyAssignment",
      "policyDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policyDefinitions/myPolicyDefinition",
      "effectiveParameters": null,
      "isCompliant": false,
      "subscriptionId": "fffedd8f-ffff-fffd-fffd-fffed2f84852",
      "resourceType": "/microsoft.operationalinsights/workspaces",
      "resourceLocation": "eastus",
      "resourceGroup": "myResourceGroup",
      "resourceTags": "tbd",
      "policyAssignmentName": "myPolicyAssignment",
      "policyAssignmentOwner": "tbd",
      "policyAssignmentParameters": null,
      "policyAssignmentScope": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup",
      "policyDefinitionName": "myPolicyAssignment",
      "policyDefinitionAction": "deny",
      "policyDefinitionCategory": "tbd",
      "policySetDefinitionId": null,
      "policySetDefinitionName": null,
      "policySetDefinitionOwner": null,
      "policySetDefinitionCategory": null,
      "policySetDefinitionParameters": null,
      "managementGroupIds": "mymg,fff988bf-fff1-ffff-fffb-fffcd011db47",
      "policyDefinitionReferenceId": null,
      "tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
      "principalOid": "fff2f355-fff2-fffc-fffb-fff1639dff94",
      "complianceState": "NonCompliant"
    }
  ]
}

Query at resource group level policy assignment scope with next link

Sample Request

POST https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.Authorization/policyAssignments/myPolicyAssignment/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01&$skiptoken=WpmWfBSvPhkAK6QD

import com.azure.core.util.Context;
import com.azure.resourcemanager.policyinsights.models.PolicyEventsResourceType;

/** Samples for PolicyEvents ListQueryResultsForResourceGroupLevelPolicyAssignment. */
public final class Main {
    /*
     * x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceGroupLevelPolicyAssignmentScopeNextLink.json
     */
    /**
     * Sample code: Query at resource group level policy assignment scope with next link.
     *
     * @param manager Entry point to PolicyInsightsManager.
     */
    public static void queryAtResourceGroupLevelPolicyAssignmentScopeWithNextLink(
        com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
        manager
            .policyEvents()
            .listQueryResultsForResourceGroupLevelPolicyAssignment(
                PolicyEventsResourceType.DEFAULT,
                "fffedd8f-ffff-fffd-fffd-fffed2f84852",
                "myResourceGroup",
                "myPolicyAssignment",
                null,
                null,
                null,
                null,
                null,
                null,
                null,
                "WpmWfBSvPhkAK6QD",
                Context.NONE);
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

from azure.identity import DefaultAzureCredential
from azure.mgmt.policyinsights import PolicyInsightsClient

"""
# PREREQUISITES
    pip install azure-identity
    pip install azure-mgmt-policyinsights
# USAGE
    python policy_events_query_resource_group_level_policy_assignment_scope_next_link.py

    Before run the sample, please set the values of the client ID, tenant ID and client secret
    of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
    AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
    https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""


def main():
    client = PolicyInsightsClient(
        credential=DefaultAzureCredential(),
        subscription_id="fffedd8f-ffff-fffd-fffd-fffed2f84852",
    )

    response = client.policy_events.list_query_results_for_resource_group_level_policy_assignment(
        policy_events_resource="default",
        subscription_id="fffedd8f-ffff-fffd-fffd-fffed2f84852",
        resource_group_name="myResourceGroup",
        policy_assignment_name="myPolicyAssignment",
    )
    for item in response:
        print(item)


# x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceGroupLevelPolicyAssignmentScopeNextLink.json
if __name__ == "__main__":
    main()

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

package armpolicyinsights_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/policyinsights/armpolicyinsights"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/05a9cdab363b8ec824094ee73950c04594325172/specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceGroupLevelPolicyAssignmentScopeNextLink.json
func ExamplePolicyEventsClient_NewListQueryResultsForResourceGroupLevelPolicyAssignmentPager_queryAtResourceGroupLevelPolicyAssignmentScopeWithNextLink() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armpolicyinsights.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	pager := clientFactory.NewPolicyEventsClient().NewListQueryResultsForResourceGroupLevelPolicyAssignmentPager(armpolicyinsights.PolicyEventsResourceTypeDefault, "fffedd8f-ffff-fffd-fffd-fffed2f84852", "myResourceGroup", "myPolicyAssignment", &armpolicyinsights.QueryOptions{Top: nil,
		Filter:    nil,
		OrderBy:   nil,
		Select:    nil,
		From:      nil,
		To:        nil,
		Apply:     nil,
		SkipToken: to.Ptr("WpmWfBSvPhkAK6QD"),
		Expand:    nil,
	}, nil)
	for pager.More() {
		page, err := pager.NextPage(ctx)
		if err != nil {
			log.Fatalf("failed to advance page: %v", err)
		}
		for _, v := range page.Value {
			// You could use page here. We use blank identifier for just demo purposes.
			_ = v
		}
		// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
		// page.PolicyEventsQueryResults = armpolicyinsights.PolicyEventsQueryResults{
		// 	ODataContext: to.Ptr("https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.Authorization/policyAssignments/myPolicyAssignment/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default"),
		// 	ODataCount: to.Ptr[int32](2),
		// 	Value: []*armpolicyinsights.PolicyEvent{
		// 		{
		// 			ODataContext: to.Ptr("https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.Authorization/policyAssignments/myPolicyAssignment/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
		// 			ComplianceState: to.Ptr("NonCompliant"),
		// 			IsCompliant: to.Ptr(false),
		// 			ManagementGroupIDs: to.Ptr("mymg,fff988bf-fff1-ffff-fffb-fffcd011db47"),
		// 			PolicyAssignmentID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.Authorization/policyAssignments/myPolicyAssignment"),
		// 			PolicyAssignmentName: to.Ptr("myPolicyAssignment"),
		// 			PolicyAssignmentOwner: to.Ptr("tbd"),
		// 			PolicyAssignmentScope: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup"),
		// 			PolicyDefinitionAction: to.Ptr("deny"),
		// 			PolicyDefinitionCategory: to.Ptr("tbd"),
		// 			PolicyDefinitionID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policyDefinitions/myPolicyDefinition"),
		// 			PolicyDefinitionName: to.Ptr("myPolicyAssignment"),
		// 			PrincipalOid: to.Ptr("fff2f355-fff2-fffc-fffb-fff1639dff94"),
		// 			ResourceGroup: to.Ptr("myResourceGroup"),
		// 			ResourceID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/microsoft.operationalinsights/workspaces/defaultworkspace-fffedd8f-ffff-fffd-fffd-fffed2f84852-eus"),
		// 			ResourceLocation: to.Ptr("eastus"),
		// 			ResourceTags: to.Ptr("tbd"),
		// 			ResourceType: to.Ptr("/microsoft.operationalinsights/workspaces"),
		// 			SubscriptionID: to.Ptr("fffedd8f-ffff-fffd-fffd-fffed2f84852"),
		// 			TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
		// 			Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-08T00:07:16.280Z"); return t}()),
		// 		},
		// 		{
		// 			ODataContext: to.Ptr("https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.Authorization/policyAssignments/myPolicyAssignment/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
		// 			ComplianceState: to.Ptr("NonCompliant"),
		// 			IsCompliant: to.Ptr(false),
		// 			ManagementGroupIDs: to.Ptr("mymg,fff988bf-fff1-ffff-fffb-fffcd011db47"),
		// 			PolicyAssignmentID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.Authorization/policyAssignments/myPolicyAssignment"),
		// 			PolicyAssignmentName: to.Ptr("myPolicyAssignment"),
		// 			PolicyAssignmentOwner: to.Ptr("tbd"),
		// 			PolicyAssignmentScope: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup"),
		// 			PolicyDefinitionAction: to.Ptr("deny"),
		// 			PolicyDefinitionCategory: to.Ptr("tbd"),
		// 			PolicyDefinitionID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policyDefinitions/myPolicyDefinition"),
		// 			PolicyDefinitionName: to.Ptr("myPolicyAssignment"),
		// 			PrincipalOid: to.Ptr("fff2f355-fff2-fffc-fffb-fff1639dff94"),
		// 			ResourceGroup: to.Ptr("myResourceGroup"),
		// 			ResourceID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/microsoft.operationalinsights/workspaces/defaultworkspace-fffedd8f-ffff-fffd-fffd-fffed2f84852-eus"),
		// 			ResourceLocation: to.Ptr("eastus"),
		// 			ResourceTags: to.Ptr("tbd"),
		// 			ResourceType: to.Ptr("/microsoft.operationalinsights/workspaces"),
		// 			SubscriptionID: to.Ptr("fffedd8f-ffff-fffd-fffd-fffed2f84852"),
		// 			TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
		// 			Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-08T00:06:08.430Z"); return t}()),
		// 	}},
		// }
	}
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

const { PolicyInsightsClient } = require("@azure/arm-policyinsights");
const { DefaultAzureCredential } = require("@azure/identity");

/**
 * This sample demonstrates how to Queries policy events for the resource group level policy assignment.
 *
 * @summary Queries policy events for the resource group level policy assignment.
 * x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceGroupLevelPolicyAssignmentScopeNextLink.json
 */
async function queryAtResourceGroupLevelPolicyAssignmentScopeWithNextLink() {
  const subscriptionId =
    process.env["POLICYINSIGHTS_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
  const policyEventsResource = "default";
  const resourceGroupName = process.env["POLICYINSIGHTS_RESOURCE_GROUP"] || "myResourceGroup";
  const policyAssignmentName = "myPolicyAssignment";
  const skipToken = "WpmWfBSvPhkAK6QD";
  const options = {
    queryOptions: { skipToken: skipToken },
  };
  const credential = new DefaultAzureCredential();
  const client = new PolicyInsightsClient(credential, subscriptionId);
  const resArray = new Array();
  for await (let item of client.policyEvents.listQueryResultsForResourceGroupLevelPolicyAssignment(
    policyEventsResource,
    subscriptionId,
    resourceGroupName,
    policyAssignmentName,
    options
  )) {
    resArray.push(item);
  }
  console.log(resArray);
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Sample Response

Status code:: 200

{
  "@odata.nextLink": null,
  "@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.Authorization/policyAssignments/myPolicyAssignment/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default",
  "@odata.count": 2,
  "value": [
    {
      "@odata.id": null,
      "@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.Authorization/policyAssignments/myPolicyAssignment/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
      "timestamp": "2018-02-08T00:07:16.2804863Z",
      "resourceId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/microsoft.operationalinsights/workspaces/defaultworkspace-fffedd8f-ffff-fffd-fffd-fffed2f84852-eus",
      "policyAssignmentId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.Authorization/policyAssignments/myPolicyAssignment",
      "policyDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policyDefinitions/myPolicyDefinition",
      "effectiveParameters": null,
      "isCompliant": false,
      "subscriptionId": "fffedd8f-ffff-fffd-fffd-fffed2f84852",
      "resourceType": "/microsoft.operationalinsights/workspaces",
      "resourceLocation": "eastus",
      "resourceGroup": "myResourceGroup",
      "resourceTags": "tbd",
      "policyAssignmentName": "myPolicyAssignment",
      "policyAssignmentOwner": "tbd",
      "policyAssignmentParameters": null,
      "policyAssignmentScope": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup",
      "policyDefinitionName": "myPolicyAssignment",
      "policyDefinitionAction": "deny",
      "policyDefinitionCategory": "tbd",
      "policySetDefinitionId": null,
      "policySetDefinitionName": null,
      "policySetDefinitionOwner": null,
      "policySetDefinitionCategory": null,
      "policySetDefinitionParameters": null,
      "managementGroupIds": "mymg,fff988bf-fff1-ffff-fffb-fffcd011db47",
      "policyDefinitionReferenceId": null,
      "tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
      "principalOid": "fff2f355-fff2-fffc-fffb-fff1639dff94",
      "complianceState": "NonCompliant"
    },
    {
      "@odata.id": null,
      "@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.Authorization/policyAssignments/myPolicyAssignment/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
      "timestamp": "2018-02-08T00:06:08.4302267Z",
      "resourceId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/microsoft.operationalinsights/workspaces/defaultworkspace-fffedd8f-ffff-fffd-fffd-fffed2f84852-eus",
      "policyAssignmentId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.Authorization/policyAssignments/myPolicyAssignment",
      "policyDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policyDefinitions/myPolicyDefinition",
      "effectiveParameters": null,
      "isCompliant": false,
      "subscriptionId": "fffedd8f-ffff-fffd-fffd-fffed2f84852",
      "resourceType": "/microsoft.operationalinsights/workspaces",
      "resourceLocation": "eastus",
      "resourceGroup": "myResourceGroup",
      "resourceTags": "tbd",
      "policyAssignmentName": "myPolicyAssignment",
      "policyAssignmentOwner": "tbd",
      "policyAssignmentParameters": null,
      "policyAssignmentScope": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup",
      "policyDefinitionName": "myPolicyAssignment",
      "policyDefinitionAction": "deny",
      "policyDefinitionCategory": "tbd",
      "policySetDefinitionId": null,
      "policySetDefinitionName": null,
      "policySetDefinitionOwner": null,
      "policySetDefinitionCategory": null,
      "policySetDefinitionParameters": null,
      "managementGroupIds": "mymg,fff988bf-fff1-ffff-fffb-fffcd011db47",
      "policyDefinitionReferenceId": null,
      "tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
      "principalOid": "fff2f355-fff2-fffc-fffb-fff1639dff94",
      "complianceState": "NonCompliant"
    }
  ]
}

Definizioni

Nome	Descrizione
AuthorizationNamespaceType	Spazio dei nomi per il provider di risorse di autorizzazione Microsoft; è consentito solo "Microsoft.Authorization".
ComponentEventDetails	Dettagli dell'evento del componente.
Error	Definizione di errore.
PolicyEvent	Record dell'evento dei criteri.
PolicyEventsQueryResults	Risultati query
PolicyEventsResourceType	Nome della risorsa virtuale in Tipo di risorsa PolicyEvents; è consentito solo "default".
QueryFailure	Risposta di errore.

AuthorizationNamespaceType

Spazio dei nomi per il provider di risorse di autorizzazione Microsoft; è consentito solo "Microsoft.Authorization".

Nome	Tipo	Descrizione
Microsoft.Authorization	string

ComponentEventDetails

Dettagli dell'evento del componente.

Nome	Tipo	Descrizione
id	string	ID componente.
name	string	Nome del componente,
policyDefinitionAction	string	Azione di definizione dei criteri, ovvero effetto.
principalOid	string	ID oggetto principal per l'utente che ha avviato l'operazione del componente della risorsa che ha attivato l'evento dei criteri.
tenantId	string	ID tenant per il record dell'evento dei criteri.
timestamp	string	Timestamp per il record dell'evento dei criteri dei componenti.
type	string	Tipo di componente.

Error

Definizione di errore.

Nome	Tipo	Descrizione
code	string	Codice di errore specifico del servizio che funge da sottostato per il codice di errore HTTP.
message	string	Descrizione dell'errore.

PolicyEvent

Record dell'evento dei criteri.

Nome	Tipo	Descrizione
@odata.context	string	Stringa di contesto OData; usato dai client OData per risolvere le informazioni sul tipo in base ai metadati.
@odata.id	string	ID entità OData; impostare sempre su Null perché i record eventi dei criteri non hanno un ID entità.
complianceState	string	Stato di conformità della risorsa.
components	ComponentEventDetails[]	Gli eventi dei componenti vengono registrati solo quando l'URL contiene la clausola $expand=components.
effectiveParameters	string	Parametri effettivi per l'assegnazione dei criteri.
isCompliant	boolean	Flag che indica se la risorsa è conforme all'assegnazione di criteri rispetto all'assegnazione di criteri rispetto a cui è stata valutata.
managementGroupIds	string	Elenco delimitato da virgole di ID dei gruppi di gestione, che rappresentano la gerarchia dei gruppi di gestione in cui si trova la risorsa.
policyAssignmentId	string	ID assegnazione criteri.
policyAssignmentName	string	Nome assegnazione criteri.
policyAssignmentOwner	string	Proprietario dell'assegnazione dei criteri.
policyAssignmentParameters	string	Parametri di assegnazione dei criteri.
policyAssignmentScope	string	Ambito di assegnazione dei criteri.
policyDefinitionAction	string	Azione di definizione dei criteri, ovvero effetto.
policyDefinitionCategory	string	Categoria di definizione dei criteri.
policyDefinitionId	string	ID definizione dei criteri.
policyDefinitionName	string	Nome della definizione dei criteri.
policyDefinitionReferenceId	string	ID di riferimento per la definizione dei criteri all'interno del set di criteri, se l'assegnazione dei criteri è per un set di criteri.
policySetDefinitionCategory	string	Categoria di definizione del set di criteri, se l'assegnazione dei criteri è per un set di criteri.
policySetDefinitionId	string	ID definizione del set di criteri, se l'assegnazione dei criteri è per un set di criteri.
policySetDefinitionName	string	Nome della definizione del set di criteri, se l'assegnazione dei criteri è per un set di criteri.
policySetDefinitionOwner	string	Proprietario della definizione del set di criteri, se l'assegnazione dei criteri è per un set di criteri.
policySetDefinitionParameters	string	Parametri di definizione del set di criteri, se l'assegnazione dei criteri è per un set di criteri.
principalOid	string	ID oggetto principal per l'utente che ha avviato l'operazione di risorsa che ha attivato l'evento dei criteri.
resourceGroup	string	Nome del gruppo di risorse.
resourceId	string	ID risorsa.
resourceLocation	string	Percorso della risorsa.
resourceTags	string	Elenco di tag delle risorse.
resourceType	string	Tipo di risorsa.
subscriptionId	string	l'ID sottoscrizione.
tenantId	string	ID tenant per il record dell'evento dei criteri.
timestamp	string	Timestamp per il record dell'evento dei criteri.

PolicyEventsQueryResults

Risultati query

Nome	Tipo	Descrizione
@odata.context	string	Stringa di contesto OData; usato dai client OData per risolvere le informazioni sul tipo in base ai metadati.
@odata.count	integer	Numero di entità OData; rappresenta il numero di record eventi dei criteri restituiti.
@odata.nextLink	string	Collegamento successivo di Odata; URL per ottenere il set di risultati successivo.
value	PolicyEvent[]	Risultati query

PolicyEventsResourceType

Nome della risorsa virtuale in Tipo di risorsa PolicyEvents; è consentito solo "default".

Nome	Tipo	Descrizione
default	string

QueryFailure

Risposta di errore.

Nome	Tipo	Descrizione
error	Error	Definizione di errore.

Condividi tramite

Policy Events - List Query Results For Resource Group Level Policy Assignment

Parametri dell'URI

Risposte

Sicurezza

azure_auth

Scopes

Esempio

Query at resource group level policy assignment scope

Sample Request

Sample Response

Query at resource group level policy assignment scope with next link

Sample Request

Sample Response

Definizioni

AuthorizationNamespaceType

ComponentEventDetails

Error

PolicyEvent

PolicyEventsQueryResults

PolicyEventsResourceType

QueryFailure

Risorse aggiuntive