리소스에 대한 정책 이벤트를 쿼리합니다.
POST https://management.azure.com/{resourceId}/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01
With optional parameters:
POST https://management.azure.com/{resourceId}/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01&$top={$top}&$orderby={$orderby}&$select={$select}&$from={$from}&$to={$to}&$filter={$filter}&$apply={$apply}&$expand={$expand}&$skiptoken={$skiptoken}
URI 매개 변수
Name |
In(다음 안에) |
필수 |
형식 |
Description |
policyEventsResource
|
path |
True
|
PolicyEventsResourceType
|
PolicyEvents 리소스 종류에 있는 가상 리소스의 이름입니다. "기본값"만 허용됩니다.
|
resourceId
|
path |
True
|
string
|
리소스 ID입니다.
|
api-version
|
query |
True
|
string
|
클라이언트 API 버전.
|
$apply
|
query |
|
string
|
OData는 집계에 식을 적용합니다.
|
$expand
|
query |
|
string
|
$expand 쿼리 매개 변수입니다. 예를 들어 구성 요소를 확장하려면 $expand=components를 사용합니다.
|
$filter
|
query |
|
string
|
OData 필터 식입니다.
|
$from
|
query |
|
string
date-time
|
쿼리할 간격의 시작 시간을 지정하는 ISO 8601 형식 타임스탬프입니다. 지정하지 않으면 서비스에서 ($to - 1일)을 사용합니다.
|
$orderby
|
query |
|
string
|
OData 표기법을 사용하여 식 순서 지정 선택적 "desc"(기본값) 또는 "asc"(예: "$orderby=PolicyAssignmentId, ResourceId asc")가 있는 하나 이상의 쉼표로 구분된 열 이름입니다.
|
$select
|
query |
|
string
|
OData 표기법을 사용하여 식을 선택합니다. 각 레코드의 열을 요청된 열(예: "$select=PolicyAssignmentId, ResourceId")으로 제한합니다.
|
$skiptoken
|
query |
|
string
|
Skiptoken은 이전 응답이 nextLink 요소의 일부로 부분 결과를 반환한 경우에만 제공됩니다.
|
$to
|
query |
|
string
date-time
|
쿼리할 간격의 종료 시간을 지정하는 ISO 8601 형식 타임스탬프입니다. 지정하지 않으면 서비스는 요청 시간을 사용합니다.
|
$top
|
query |
|
integer
int32
|
반환할 최대 레코드 수입니다.
|
응답
보안
azure_auth
Azure Active Directory OAuth2 Flow
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
Name |
Description |
user_impersonation
|
사용자 계정 가장
|
예제
Query at nested resource scope
Sample Request
POST https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ServiceFabric/clusters/myCluster/applications/myApplication/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01
import com.azure.core.util.Context;
import com.azure.resourcemanager.policyinsights.models.PolicyEventsResourceType;
/** Samples for PolicyEvents ListQueryResultsForResource. */
public final class Main {
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryNestedResourceScope.json
*/
/**
* Sample code: Query at nested resource scope.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void queryAtNestedResourceScope(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ServiceFabric/clusters/myCluster/applications/myApplication",
null,
null,
null,
null,
null,
null,
null,
null,
null,
Context.NONE);
}
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeExpandComponentsGroupByWithAggregate.json
*/
/**
* Sample code: Query components policy events count grouped by user and action type for resource scope filtered by
* given assignment.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void
queryComponentsPolicyEventsCountGroupedByUserAndActionTypeForResourceScopeFilteredByGivenAssignment(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName",
null,
null,
null,
null,
null,
"policyAssignmentId eq"
+ " '/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8'",
null,
"components($apply=groupby((tenantId, principalOid, policyDefinitionAction), aggregate($count as"
+ " totalActions)))",
null,
Context.NONE);
}
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeNextLink.json
*/
/**
* Sample code: Query at resource scope with next link.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void queryAtResourceScopeWithNextLink(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName",
null,
null,
null,
null,
null,
null,
null,
null,
"WpmWfBSvPhkAK6QD",
Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.policyinsights import PolicyInsightsClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-policyinsights
# USAGE
python policy_events_query_nested_resource_scope.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = PolicyInsightsClient(
credential=DefaultAzureCredential(),
subscription_id="SUBSCRIPTION_ID",
)
response = client.policy_events.list_query_results_for_resource(
policy_events_resource="default",
resource_id="subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ServiceFabric/clusters/myCluster/applications/myApplication",
)
for item in response:
print(item)
# x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryNestedResourceScope.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armpolicyinsights_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/policyinsights/armpolicyinsights"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/05a9cdab363b8ec824094ee73950c04594325172/specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryNestedResourceScope.json
func ExamplePolicyEventsClient_NewListQueryResultsForResourcePager_queryAtNestedResourceScope() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armpolicyinsights.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
pager := clientFactory.NewPolicyEventsClient().NewListQueryResultsForResourcePager(armpolicyinsights.PolicyEventsResourceTypeDefault, "subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ServiceFabric/clusters/myCluster/applications/myApplication", &armpolicyinsights.QueryOptions{Top: nil,
Filter: nil,
OrderBy: nil,
Select: nil,
From: nil,
To: nil,
Apply: nil,
SkipToken: nil,
Expand: nil,
}, nil)
for pager.More() {
page, err := pager.NextPage(ctx)
if err != nil {
log.Fatalf("failed to advance page: %v", err)
}
for _, v := range page.Value {
// You could use page here. We use blank identifier for just demo purposes.
_ = v
}
// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// page.PolicyEventsQueryResults = armpolicyinsights.PolicyEventsQueryResults{
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/microsoft.servicefabric/clusters/myCluster/applications/myApplication/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default"),
// ODataCount: to.Ptr[int32](2),
// Value: []*armpolicyinsights.PolicyEvent{
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/microsoft.servicefabric/clusters/myCluster/applications/myApplication/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyAssignments/ec62f9b2a454487296f2ccd4"),
// PolicyAssignmentName: to.Ptr("ec62f9b2a454487296f2ccd4"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{\"ALLOWEDRESOURCEGROUPS_1\":{\"value\":[\"rg1\",\"rg2\"]},\"ALLOWEDRESOURCEGROUPS_2\":{\"value\":[\"myrg3\",\"myrg4\"]}}"),
// PolicyAssignmentScope: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyDefinitions/72c0c41a-c752-4bc0-9c61-0d6adc567066"),
// PolicyDefinitionName: to.Ptr("72c0c41a-c752-4bc0-9c61-0d6adc567066"),
// PolicyDefinitionReferenceID: to.Ptr("181565554491747128"),
// PolicySetDefinitionID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/00b36c66-612b-44e2-9f8e-b758296d40fe"),
// PolicySetDefinitionName: to.Ptr("00b36c66-612b-44e2-9f8e-b758296d40fe"),
// PrincipalOid: to.Ptr("fffdfc0f-fff5-fff0-fff3-fff1a968dcc6"),
// ResourceGroup: to.Ptr("myResourceGroup"),
// ResourceID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ServiceFabric/clusters/myCluster/applications/myApplication"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.ServiceFabric/clusters/applications"),
// SubscriptionID: to.Ptr("fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-07T20:43:04.697Z"); return t}()),
// },
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/microsoft.servicefabric/clusters/myCluster/applications/myApplication/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyAssignments/ec62f9b2a454487296f2ccd4"),
// PolicyAssignmentName: to.Ptr("ec62f9b2a454487296f2ccd4"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{\"ALLOWEDRESOURCEGROUPS_1\":{\"value\":[\"rg1\",\"rg2\"]},\"ALLOWEDRESOURCEGROUPS_2\":{\"value\":[\"myrg3\",\"myrg4\"]}}"),
// PolicyAssignmentScope: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyDefinitions/72c0c41a-c752-4bc0-9c61-0d6adc567066"),
// PolicyDefinitionName: to.Ptr("72c0c41a-c752-4bc0-9c61-0d6adc567066"),
// PolicyDefinitionReferenceID: to.Ptr("624540685646900425"),
// PolicySetDefinitionID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/00b36c66-612b-44e2-9f8e-b758296d40fe"),
// PolicySetDefinitionName: to.Ptr("00b36c66-612b-44e2-9f8e-b758296d40fe"),
// PrincipalOid: to.Ptr("fffdfc0f-fff5-fff0-fff3-fff1a968dcc6"),
// ResourceGroup: to.Ptr("myResourceGroup"),
// ResourceID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ServiceFabric/clusters/myCluster/applications/myApplication"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.ServiceFabric/clusters/applications"),
// SubscriptionID: to.Ptr("fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-07T20:43:04.697Z"); return t}()),
// }},
// }
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { PolicyInsightsClient } = require("@azure/arm-policyinsights");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Queries policy events for the resource.
*
* @summary Queries policy events for the resource.
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryNestedResourceScope.json
*/
async function queryAtNestedResourceScope() {
const subscriptionId =
process.env["POLICYINSIGHTS_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const policyEventsResource = "default";
const resourceId =
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ServiceFabric/clusters/myCluster/applications/myApplication";
const credential = new DefaultAzureCredential();
const client = new PolicyInsightsClient(credential, subscriptionId);
const resArray = new Array();
for await (let item of client.policyEvents.listQueryResultsForResource(
policyEventsResource,
resourceId
)) {
resArray.push(item);
}
console.log(resArray);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"@odata.nextLink": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/microsoft.servicefabric/clusters/myCluster/applications/myApplication/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default",
"@odata.count": 2,
"value": [
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/microsoft.servicefabric/clusters/myCluster/applications/myApplication/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-07T20:43:04.6971328Z",
"resourceId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ServiceFabric/clusters/myCluster/applications/myApplication",
"policyAssignmentId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyAssignments/ec62f9b2a454487296f2ccd4",
"policyDefinitionId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyDefinitions/72c0c41a-c752-4bc0-9c61-0d6adc567066",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"resourceType": "/Microsoft.ServiceFabric/clusters/applications",
"resourceLocation": "eastus",
"resourceGroup": "myResourceGroup",
"resourceTags": "tbd",
"policyAssignmentName": "ec62f9b2a454487296f2ccd4",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{\"ALLOWEDRESOURCEGROUPS_1\":{\"value\":[\"rg1\",\"rg2\"]},\"ALLOWEDRESOURCEGROUPS_2\":{\"value\":[\"myrg3\",\"myrg4\"]}}",
"policyAssignmentScope": "/providers/Microsoft.Management/managementGroups/myManagementGroup",
"policyDefinitionName": "72c0c41a-c752-4bc0-9c61-0d6adc567066",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/00b36c66-612b-44e2-9f8e-b758296d40fe",
"policySetDefinitionName": "00b36c66-612b-44e2-9f8e-b758296d40fe",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": "181565554491747128",
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fffdfc0f-fff5-fff0-fff3-fff1a968dcc6",
"complianceState": "NonCompliant"
},
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/microsoft.servicefabric/clusters/myCluster/applications/myApplication/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-07T20:43:04.6971328Z",
"resourceId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ServiceFabric/clusters/myCluster/applications/myApplication",
"policyAssignmentId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyAssignments/ec62f9b2a454487296f2ccd4",
"policyDefinitionId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyDefinitions/72c0c41a-c752-4bc0-9c61-0d6adc567066",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"resourceType": "/Microsoft.ServiceFabric/clusters/applications",
"resourceLocation": "eastus",
"resourceGroup": "myResourceGroup",
"resourceTags": "tbd",
"policyAssignmentName": "ec62f9b2a454487296f2ccd4",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{\"ALLOWEDRESOURCEGROUPS_1\":{\"value\":[\"rg1\",\"rg2\"]},\"ALLOWEDRESOURCEGROUPS_2\":{\"value\":[\"myrg3\",\"myrg4\"]}}",
"policyAssignmentScope": "/providers/Microsoft.Management/managementGroups/myManagementGroup",
"policyDefinitionName": "72c0c41a-c752-4bc0-9c61-0d6adc567066",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/00b36c66-612b-44e2-9f8e-b758296d40fe",
"policySetDefinitionName": "00b36c66-612b-44e2-9f8e-b758296d40fe",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": "624540685646900425",
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fffdfc0f-fff5-fff0-fff3-fff1a968dcc6",
"complianceState": "NonCompliant"
}
]
}
Query at resource scope
Sample Request
POST https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01
import com.azure.core.util.Context;
import com.azure.resourcemanager.policyinsights.models.PolicyEventsResourceType;
/** Samples for PolicyEvents ListQueryResultsForResource. */
public final class Main {
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScope.json
*/
/**
* Sample code: Query at resource scope.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void queryAtResourceScope(com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName",
null,
null,
null,
null,
null,
null,
null,
null,
null,
Context.NONE);
}
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeExpandComponentsGroupByWithAggregate.json
*/
/**
* Sample code: Query components policy events count grouped by user and action type for resource scope filtered by
* given assignment.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void
queryComponentsPolicyEventsCountGroupedByUserAndActionTypeForResourceScopeFilteredByGivenAssignment(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName",
null,
null,
null,
null,
null,
"policyAssignmentId eq"
+ " '/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8'",
null,
"components($apply=groupby((tenantId, principalOid, policyDefinitionAction), aggregate($count as"
+ " totalActions)))",
null,
Context.NONE);
}
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeNextLink.json
*/
/**
* Sample code: Query at resource scope with next link.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void queryAtResourceScopeWithNextLink(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName",
null,
null,
null,
null,
null,
null,
null,
null,
"WpmWfBSvPhkAK6QD",
Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.policyinsights import PolicyInsightsClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-policyinsights
# USAGE
python policy_events_query_resource_scope.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = PolicyInsightsClient(
credential=DefaultAzureCredential(),
subscription_id="SUBSCRIPTION_ID",
)
response = client.policy_events.list_query_results_for_resource(
policy_events_resource="default",
resource_id="subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName",
)
for item in response:
print(item)
# x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScope.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armpolicyinsights_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/policyinsights/armpolicyinsights"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/05a9cdab363b8ec824094ee73950c04594325172/specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScope.json
func ExamplePolicyEventsClient_NewListQueryResultsForResourcePager_queryAtResourceScope() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armpolicyinsights.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
pager := clientFactory.NewPolicyEventsClient().NewListQueryResultsForResourcePager(armpolicyinsights.PolicyEventsResourceTypeDefault, "subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName", &armpolicyinsights.QueryOptions{Top: nil,
Filter: nil,
OrderBy: nil,
Select: nil,
From: nil,
To: nil,
Apply: nil,
SkipToken: nil,
Expand: nil,
}, nil)
for pager.More() {
page, err := pager.NextPage(ctx)
if err != nil {
log.Fatalf("failed to advance page: %v", err)
}
for _, v := range page.Value {
// You could use page here. We use blank identifier for just demo purposes.
_ = v
}
// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// page.PolicyEventsQueryResults = armpolicyinsights.PolicyEventsQueryResults{
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default"),
// ODataCount: to.Ptr[int32](2),
// Value: []*armpolicyinsights.PolicyEvent{
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.Authorization/policyAssignments/ec8f9645-8ecb-4abb-9c0b-5292f19d4003"),
// PolicyAssignmentName: to.Ptr("ec8f9645-8ecb-4abb-9c0b-5292f19d4003"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{}"),
// PolicyAssignmentScope: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/providers/Microsoft.Authorization/policyDefinitions/201ea587-7c90-41c3-910f-c280ae01cfd6"),
// PolicyDefinitionName: to.Ptr("201ea587-7c90-41c3-910f-c280ae01cfd6"),
// PolicySetDefinitionID: to.Ptr("/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8"),
// PolicySetDefinitionName: to.Ptr("1f3afdf9-d0c9-4c3d-847f-89da613e70a8"),
// PrincipalOid: to.Ptr("fff890fa-fff0-fff3-fff9-fffd7653f078"),
// ResourceGroup: to.Ptr("myResourceGroup"),
// ResourceID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.ClassicCompute/domainNames"),
// SubscriptionID: to.Ptr("fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-07T15:14:39.847Z"); return t}()),
// },
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.Authorization/policyAssignments/d15545b8-ff50-409a-a6e3-5bd5cc954003"),
// PolicyAssignmentName: to.Ptr("d15545b8-ff50-409a-a6e3-5bd5cc954003"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{}"),
// PolicyAssignmentScope: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/providers/Microsoft.Authorization/policyDefinitions/201ea587-7c90-41c3-910f-c280ae01cfd6"),
// PolicyDefinitionName: to.Ptr("201ea587-7c90-41c3-910f-c280ae01cfd6"),
// PolicySetDefinitionID: to.Ptr("/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8"),
// PolicySetDefinitionName: to.Ptr("1f3afdf9-d0c9-4c3d-847f-89da613e70a8"),
// PrincipalOid: to.Ptr("fff890fa-fff0-fff3-fff9-fffd7653f078"),
// ResourceGroup: to.Ptr("myResourceGroup"),
// ResourceID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.ClassicCompute/domainNames"),
// SubscriptionID: to.Ptr("fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-07T15:14:39.584Z"); return t}()),
// }},
// }
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { PolicyInsightsClient } = require("@azure/arm-policyinsights");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Queries policy events for the resource.
*
* @summary Queries policy events for the resource.
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScope.json
*/
async function queryAtResourceScope() {
const subscriptionId =
process.env["POLICYINSIGHTS_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const policyEventsResource = "default";
const resourceId =
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName";
const credential = new DefaultAzureCredential();
const client = new PolicyInsightsClient(credential, subscriptionId);
const resArray = new Array();
for await (let item of client.policyEvents.listQueryResultsForResource(
policyEventsResource,
resourceId
)) {
resArray.push(item);
}
console.log(resArray);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"@odata.nextLink": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default",
"@odata.count": 2,
"value": [
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-07T15:14:39.8473851Z",
"resourceId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName",
"policyAssignmentId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.Authorization/policyAssignments/ec8f9645-8ecb-4abb-9c0b-5292f19d4003",
"policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/201ea587-7c90-41c3-910f-c280ae01cfd6",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"resourceType": "/Microsoft.ClassicCompute/domainNames",
"resourceLocation": "eastus",
"resourceGroup": "myResourceGroup",
"resourceTags": "tbd",
"policyAssignmentName": "ec8f9645-8ecb-4abb-9c0b-5292f19d4003",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{}",
"policyAssignmentScope": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"policyDefinitionName": "201ea587-7c90-41c3-910f-c280ae01cfd6",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionName": "1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": null,
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fff890fa-fff0-fff3-fff9-fffd7653f078",
"complianceState": "NonCompliant"
},
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-07T15:14:39.5842458Z",
"resourceId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName",
"policyAssignmentId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.Authorization/policyAssignments/d15545b8-ff50-409a-a6e3-5bd5cc954003",
"policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/201ea587-7c90-41c3-910f-c280ae01cfd6",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"resourceType": "/Microsoft.ClassicCompute/domainNames",
"resourceLocation": "eastus",
"resourceGroup": "myResourceGroup",
"resourceTags": "tbd",
"policyAssignmentName": "d15545b8-ff50-409a-a6e3-5bd5cc954003",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{}",
"policyAssignmentScope": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"policyDefinitionName": "201ea587-7c90-41c3-910f-c280ae01cfd6",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionName": "1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": null,
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fff890fa-fff0-fff3-fff9-fffd7653f078",
"complianceState": "NonCompliant"
}
]
}
Query at resource scope with next link
Sample Request
POST https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01&$skiptoken=WpmWfBSvPhkAK6QD
from azure.identity import DefaultAzureCredential
from azure.mgmt.policyinsights import PolicyInsightsClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-policyinsights
# USAGE
python policy_events_query_resource_scope_next_link.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = PolicyInsightsClient(
credential=DefaultAzureCredential(),
subscription_id="SUBSCRIPTION_ID",
)
response = client.policy_events.list_query_results_for_resource(
policy_events_resource="default",
resource_id="subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName",
)
for item in response:
print(item)
# x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeNextLink.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armpolicyinsights_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/policyinsights/armpolicyinsights"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/05a9cdab363b8ec824094ee73950c04594325172/specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeNextLink.json
func ExamplePolicyEventsClient_NewListQueryResultsForResourcePager_queryAtResourceScopeWithNextLink() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armpolicyinsights.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
pager := clientFactory.NewPolicyEventsClient().NewListQueryResultsForResourcePager(armpolicyinsights.PolicyEventsResourceTypeDefault, "subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName", &armpolicyinsights.QueryOptions{Top: nil,
Filter: nil,
OrderBy: nil,
Select: nil,
From: nil,
To: nil,
Apply: nil,
SkipToken: to.Ptr("WpmWfBSvPhkAK6QD"),
Expand: nil,
}, nil)
for pager.More() {
page, err := pager.NextPage(ctx)
if err != nil {
log.Fatalf("failed to advance page: %v", err)
}
for _, v := range page.Value {
// You could use page here. We use blank identifier for just demo purposes.
_ = v
}
// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// page.PolicyEventsQueryResults = armpolicyinsights.PolicyEventsQueryResults{
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default"),
// ODataCount: to.Ptr[int32](2),
// Value: []*armpolicyinsights.PolicyEvent{
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.Authorization/policyAssignments/ec8f9645-8ecb-4abb-9c0b-5292f19d4003"),
// PolicyAssignmentName: to.Ptr("ec8f9645-8ecb-4abb-9c0b-5292f19d4003"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{}"),
// PolicyAssignmentScope: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/providers/Microsoft.Authorization/policyDefinitions/201ea587-7c90-41c3-910f-c280ae01cfd6"),
// PolicyDefinitionName: to.Ptr("201ea587-7c90-41c3-910f-c280ae01cfd6"),
// PolicySetDefinitionID: to.Ptr("/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8"),
// PolicySetDefinitionName: to.Ptr("1f3afdf9-d0c9-4c3d-847f-89da613e70a8"),
// PrincipalOid: to.Ptr("fff890fa-fff0-fff3-fff9-fffd7653f078"),
// ResourceGroup: to.Ptr("myResourceGroup"),
// ResourceID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.ClassicCompute/domainNames"),
// SubscriptionID: to.Ptr("fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-07T15:14:39.847Z"); return t}()),
// },
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.Authorization/policyAssignments/d15545b8-ff50-409a-a6e3-5bd5cc954003"),
// PolicyAssignmentName: to.Ptr("d15545b8-ff50-409a-a6e3-5bd5cc954003"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{}"),
// PolicyAssignmentScope: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/providers/Microsoft.Authorization/policyDefinitions/201ea587-7c90-41c3-910f-c280ae01cfd6"),
// PolicyDefinitionName: to.Ptr("201ea587-7c90-41c3-910f-c280ae01cfd6"),
// PolicySetDefinitionID: to.Ptr("/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8"),
// PolicySetDefinitionName: to.Ptr("1f3afdf9-d0c9-4c3d-847f-89da613e70a8"),
// PrincipalOid: to.Ptr("fff890fa-fff0-fff3-fff9-fffd7653f078"),
// ResourceGroup: to.Ptr("myResourceGroup"),
// ResourceID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.ClassicCompute/domainNames"),
// SubscriptionID: to.Ptr("fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-07T15:14:39.584Z"); return t}()),
// }},
// }
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { PolicyInsightsClient } = require("@azure/arm-policyinsights");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Queries policy events for the resource.
*
* @summary Queries policy events for the resource.
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeNextLink.json
*/
async function queryAtResourceScopeWithNextLink() {
const subscriptionId =
process.env["POLICYINSIGHTS_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const policyEventsResource = "default";
const resourceId =
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName";
const skipToken = "WpmWfBSvPhkAK6QD";
const options = {
queryOptions: { skipToken: skipToken },
};
const credential = new DefaultAzureCredential();
const client = new PolicyInsightsClient(credential, subscriptionId);
const resArray = new Array();
for await (let item of client.policyEvents.listQueryResultsForResource(
policyEventsResource,
resourceId,
options
)) {
resArray.push(item);
}
console.log(resArray);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"@odata.nextLink": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default",
"@odata.count": 2,
"value": [
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-07T15:14:39.8473851Z",
"resourceId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName",
"policyAssignmentId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.Authorization/policyAssignments/ec8f9645-8ecb-4abb-9c0b-5292f19d4003",
"policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/201ea587-7c90-41c3-910f-c280ae01cfd6",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"resourceType": "/Microsoft.ClassicCompute/domainNames",
"resourceLocation": "eastus",
"resourceGroup": "myResourceGroup",
"resourceTags": "tbd",
"policyAssignmentName": "ec8f9645-8ecb-4abb-9c0b-5292f19d4003",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{}",
"policyAssignmentScope": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"policyDefinitionName": "201ea587-7c90-41c3-910f-c280ae01cfd6",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionName": "1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": null,
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fff890fa-fff0-fff3-fff9-fffd7653f078",
"complianceState": "NonCompliant"
},
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-07T15:14:39.5842458Z",
"resourceId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName",
"policyAssignmentId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.Authorization/policyAssignments/d15545b8-ff50-409a-a6e3-5bd5cc954003",
"policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/201ea587-7c90-41c3-910f-c280ae01cfd6",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"resourceType": "/Microsoft.ClassicCompute/domainNames",
"resourceLocation": "eastus",
"resourceGroup": "myResourceGroup",
"resourceTags": "tbd",
"policyAssignmentName": "d15545b8-ff50-409a-a6e3-5bd5cc954003",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{}",
"policyAssignmentScope": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"policyDefinitionName": "201ea587-7c90-41c3-910f-c280ae01cfd6",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionName": "1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": null,
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fff890fa-fff0-fff3-fff9-fffd7653f078",
"complianceState": "NonCompliant"
}
]
}
Query at subscription level nested resource scope
Sample Request
POST https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01
import com.azure.core.util.Context;
import com.azure.resourcemanager.policyinsights.models.PolicyEventsResourceType;
/** Samples for PolicyEvents ListQueryResultsForResource. */
public final class Main {
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QuerySubscriptionLevelNestedResourceScope.json
*/
/**
* Sample code: Query at subscription level nested resource scope.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void queryAtSubscriptionLevelNestedResourceScope(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource",
null,
null,
null,
null,
null,
null,
null,
null,
null,
Context.NONE);
}
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeExpandComponentsGroupByWithAggregate.json
*/
/**
* Sample code: Query components policy events count grouped by user and action type for resource scope filtered by
* given assignment.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void
queryComponentsPolicyEventsCountGroupedByUserAndActionTypeForResourceScopeFilteredByGivenAssignment(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName",
null,
null,
null,
null,
null,
"policyAssignmentId eq"
+ " '/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8'",
null,
"components($apply=groupby((tenantId, principalOid, policyDefinitionAction), aggregate($count as"
+ " totalActions)))",
null,
Context.NONE);
}
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeNextLink.json
*/
/**
* Sample code: Query at resource scope with next link.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void queryAtResourceScopeWithNextLink(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName",
null,
null,
null,
null,
null,
null,
null,
null,
"WpmWfBSvPhkAK6QD",
Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.policyinsights import PolicyInsightsClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-policyinsights
# USAGE
python policy_events_query_subscription_level_nested_resource_scope.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = PolicyInsightsClient(
credential=DefaultAzureCredential(),
subscription_id="SUBSCRIPTION_ID",
)
response = client.policy_events.list_query_results_for_resource(
policy_events_resource="default",
resource_id="subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource",
)
for item in response:
print(item)
# x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QuerySubscriptionLevelNestedResourceScope.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armpolicyinsights_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/policyinsights/armpolicyinsights"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/05a9cdab363b8ec824094ee73950c04594325172/specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QuerySubscriptionLevelNestedResourceScope.json
func ExamplePolicyEventsClient_NewListQueryResultsForResourcePager_queryAtSubscriptionLevelNestedResourceScope() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armpolicyinsights.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
pager := clientFactory.NewPolicyEventsClient().NewListQueryResultsForResourcePager(armpolicyinsights.PolicyEventsResourceTypeDefault, "subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource", &armpolicyinsights.QueryOptions{Top: nil,
Filter: nil,
OrderBy: nil,
Select: nil,
From: nil,
To: nil,
Apply: nil,
SkipToken: nil,
Expand: nil,
}, nil)
for pager.More() {
page, err := pager.NextPage(ctx)
if err != nil {
log.Fatalf("failed to advance page: %v", err)
}
for _, v := range page.Value {
// You could use page here. We use blank identifier for just demo purposes.
_ = v
}
// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// page.PolicyEventsQueryResults = armpolicyinsights.PolicyEventsQueryResults{
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default"),
// ODataCount: to.Ptr[int32](2),
// Value: []*armpolicyinsights.PolicyEvent{
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyAssignments/ec62f9b2a454487296f2ccd4"),
// PolicyAssignmentName: to.Ptr("ec62f9b2a454487296f2ccd4"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{\"ALLOWEDRESOURCEGROUPS_1\":{\"value\":[\"rg1\",\"rg2\"]},\"ALLOWEDRESOURCEGROUPS_2\":{\"value\":[\"myrg3\",\"myrg4\"]}}"),
// PolicyAssignmentScope: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyDefinitions/72c0c41a-c752-4bc0-9c61-0d6adc567066"),
// PolicyDefinitionName: to.Ptr("72c0c41a-c752-4bc0-9c61-0d6adc567066"),
// PolicyDefinitionReferenceID: to.Ptr("181565554491747128"),
// PolicySetDefinitionID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/00b36c66-612b-44e2-9f8e-b758296d40fe"),
// PolicySetDefinitionName: to.Ptr("00b36c66-612b-44e2-9f8e-b758296d40fe"),
// PrincipalOid: to.Ptr("fffdfc0f-fff5-fff0-fff3-fff1a968dcc6"),
// ResourceGroup: to.Ptr(""),
// ResourceID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.SomeNamespace/someResourceType/someNestedResourceType"),
// SubscriptionID: to.Ptr("fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-07T20:43:04.697Z"); return t}()),
// },
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyAssignments/ec62f9b2a454487296f2ccd4"),
// PolicyAssignmentName: to.Ptr("ec62f9b2a454487296f2ccd4"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{\"ALLOWEDRESOURCEGROUPS_1\":{\"value\":[\"rg1\",\"rg2\"]},\"ALLOWEDRESOURCEGROUPS_2\":{\"value\":[\"myrg3\",\"myrg4\"]}}"),
// PolicyAssignmentScope: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyDefinitions/72c0c41a-c752-4bc0-9c61-0d6adc567066"),
// PolicyDefinitionName: to.Ptr("72c0c41a-c752-4bc0-9c61-0d6adc567066"),
// PolicyDefinitionReferenceID: to.Ptr("624540685646900425"),
// PolicySetDefinitionID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/00b36c66-612b-44e2-9f8e-b758296d40fe"),
// PolicySetDefinitionName: to.Ptr("00b36c66-612b-44e2-9f8e-b758296d40fe"),
// PrincipalOid: to.Ptr("fffdfc0f-fff5-fff0-fff3-fff1a968dcc6"),
// ResourceGroup: to.Ptr(""),
// ResourceID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.SomeNamespace/someResourceType/someNestedResourceType"),
// SubscriptionID: to.Ptr("fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-07T20:43:04.697Z"); return t}()),
// }},
// }
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { PolicyInsightsClient } = require("@azure/arm-policyinsights");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Queries policy events for the resource.
*
* @summary Queries policy events for the resource.
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QuerySubscriptionLevelNestedResourceScope.json
*/
async function queryAtSubscriptionLevelNestedResourceScope() {
const subscriptionId =
process.env["POLICYINSIGHTS_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const policyEventsResource = "default";
const resourceId =
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource";
const credential = new DefaultAzureCredential();
const client = new PolicyInsightsClient(credential, subscriptionId);
const resArray = new Array();
for await (let item of client.policyEvents.listQueryResultsForResource(
policyEventsResource,
resourceId
)) {
resArray.push(item);
}
console.log(resArray);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"@odata.nextLink": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default",
"@odata.count": 2,
"value": [
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-07T20:43:04.6971328Z",
"resourceId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource",
"policyAssignmentId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyAssignments/ec62f9b2a454487296f2ccd4",
"policyDefinitionId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyDefinitions/72c0c41a-c752-4bc0-9c61-0d6adc567066",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"resourceType": "/Microsoft.SomeNamespace/someResourceType/someNestedResourceType",
"resourceLocation": "eastus",
"resourceGroup": "",
"resourceTags": "tbd",
"policyAssignmentName": "ec62f9b2a454487296f2ccd4",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{\"ALLOWEDRESOURCEGROUPS_1\":{\"value\":[\"rg1\",\"rg2\"]},\"ALLOWEDRESOURCEGROUPS_2\":{\"value\":[\"myrg3\",\"myrg4\"]}}",
"policyAssignmentScope": "/providers/Microsoft.Management/managementGroups/myManagementGroup",
"policyDefinitionName": "72c0c41a-c752-4bc0-9c61-0d6adc567066",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/00b36c66-612b-44e2-9f8e-b758296d40fe",
"policySetDefinitionName": "00b36c66-612b-44e2-9f8e-b758296d40fe",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": "181565554491747128",
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fffdfc0f-fff5-fff0-fff3-fff1a968dcc6",
"complianceState": "NonCompliant"
},
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-07T20:43:04.6971328Z",
"resourceId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource",
"policyAssignmentId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyAssignments/ec62f9b2a454487296f2ccd4",
"policyDefinitionId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyDefinitions/72c0c41a-c752-4bc0-9c61-0d6adc567066",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"resourceType": "/Microsoft.SomeNamespace/someResourceType/someNestedResourceType",
"resourceLocation": "eastus",
"resourceGroup": "",
"resourceTags": "tbd",
"policyAssignmentName": "ec62f9b2a454487296f2ccd4",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{\"ALLOWEDRESOURCEGROUPS_1\":{\"value\":[\"rg1\",\"rg2\"]},\"ALLOWEDRESOURCEGROUPS_2\":{\"value\":[\"myrg3\",\"myrg4\"]}}",
"policyAssignmentScope": "/providers/Microsoft.Management/managementGroups/myManagementGroup",
"policyDefinitionName": "72c0c41a-c752-4bc0-9c61-0d6adc567066",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/00b36c66-612b-44e2-9f8e-b758296d40fe",
"policySetDefinitionName": "00b36c66-612b-44e2-9f8e-b758296d40fe",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": "624540685646900425",
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fffdfc0f-fff5-fff0-fff3-fff1a968dcc6",
"complianceState": "NonCompliant"
}
]
}
Query at subscription level resource scope
Sample Request
POST https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01
import com.azure.core.util.Context;
import com.azure.resourcemanager.policyinsights.models.PolicyEventsResourceType;
/** Samples for PolicyEvents ListQueryResultsForResource. */
public final class Main {
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QuerySubscriptionLevelResourceScope.json
*/
/**
* Sample code: Query at subscription level resource scope.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void queryAtSubscriptionLevelResourceScope(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName",
null,
null,
null,
null,
null,
null,
null,
null,
null,
Context.NONE);
}
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeExpandComponentsGroupByWithAggregate.json
*/
/**
* Sample code: Query components policy events count grouped by user and action type for resource scope filtered by
* given assignment.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void
queryComponentsPolicyEventsCountGroupedByUserAndActionTypeForResourceScopeFilteredByGivenAssignment(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName",
null,
null,
null,
null,
null,
"policyAssignmentId eq"
+ " '/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8'",
null,
"components($apply=groupby((tenantId, principalOid, policyDefinitionAction), aggregate($count as"
+ " totalActions)))",
null,
Context.NONE);
}
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeNextLink.json
*/
/**
* Sample code: Query at resource scope with next link.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void queryAtResourceScopeWithNextLink(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName",
null,
null,
null,
null,
null,
null,
null,
null,
"WpmWfBSvPhkAK6QD",
Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.policyinsights import PolicyInsightsClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-policyinsights
# USAGE
python policy_events_query_subscription_level_resource_scope.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = PolicyInsightsClient(
credential=DefaultAzureCredential(),
subscription_id="SUBSCRIPTION_ID",
)
response = client.policy_events.list_query_results_for_resource(
policy_events_resource="default",
resource_id="subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName",
)
for item in response:
print(item)
# x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QuerySubscriptionLevelResourceScope.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armpolicyinsights_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/policyinsights/armpolicyinsights"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/05a9cdab363b8ec824094ee73950c04594325172/specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QuerySubscriptionLevelResourceScope.json
func ExamplePolicyEventsClient_NewListQueryResultsForResourcePager_queryAtSubscriptionLevelResourceScope() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armpolicyinsights.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
pager := clientFactory.NewPolicyEventsClient().NewListQueryResultsForResourcePager(armpolicyinsights.PolicyEventsResourceTypeDefault, "subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName", &armpolicyinsights.QueryOptions{Top: nil,
Filter: nil,
OrderBy: nil,
Select: nil,
From: nil,
To: nil,
Apply: nil,
SkipToken: nil,
Expand: nil,
}, nil)
for pager.More() {
page, err := pager.NextPage(ctx)
if err != nil {
log.Fatalf("failed to advance page: %v", err)
}
for _, v := range page.Value {
// You could use page here. We use blank identifier for just demo purposes.
_ = v
}
// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// page.PolicyEventsQueryResults = armpolicyinsights.PolicyEventsQueryResults{
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default"),
// ODataCount: to.Ptr[int32](2),
// Value: []*armpolicyinsights.PolicyEvent{
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.Authorization/policyAssignments/ec8f9645-8ecb-4abb-9c0b-5292f19d4003"),
// PolicyAssignmentName: to.Ptr("ec8f9645-8ecb-4abb-9c0b-5292f19d4003"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{}"),
// PolicyAssignmentScope: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/providers/Microsoft.Authorization/policyDefinitions/201ea587-7c90-41c3-910f-c280ae01cfd6"),
// PolicyDefinitionName: to.Ptr("201ea587-7c90-41c3-910f-c280ae01cfd6"),
// PolicySetDefinitionID: to.Ptr("/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8"),
// PolicySetDefinitionName: to.Ptr("1f3afdf9-d0c9-4c3d-847f-89da613e70a8"),
// PrincipalOid: to.Ptr("fff890fa-fff0-fff3-fff9-fffd7653f078"),
// ResourceGroup: to.Ptr(""),
// ResourceID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.SomeNamespace/someResourceType"),
// SubscriptionID: to.Ptr("fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-07T15:14:39.847Z"); return t}()),
// },
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.Authorization/policyAssignments/d15545b8-ff50-409a-a6e3-5bd5cc954003"),
// PolicyAssignmentName: to.Ptr("d15545b8-ff50-409a-a6e3-5bd5cc954003"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{}"),
// PolicyAssignmentScope: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/providers/Microsoft.Authorization/policyDefinitions/201ea587-7c90-41c3-910f-c280ae01cfd6"),
// PolicyDefinitionName: to.Ptr("201ea587-7c90-41c3-910f-c280ae01cfd6"),
// PolicySetDefinitionID: to.Ptr("/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8"),
// PolicySetDefinitionName: to.Ptr("1f3afdf9-d0c9-4c3d-847f-89da613e70a8"),
// PrincipalOid: to.Ptr("fff890fa-fff0-fff3-fff9-fffd7653f078"),
// ResourceGroup: to.Ptr(""),
// ResourceID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.SomeNamespace/someResourceType"),
// SubscriptionID: to.Ptr("fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-07T15:14:39.584Z"); return t}()),
// }},
// }
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { PolicyInsightsClient } = require("@azure/arm-policyinsights");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Queries policy events for the resource.
*
* @summary Queries policy events for the resource.
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QuerySubscriptionLevelResourceScope.json
*/
async function queryAtSubscriptionLevelResourceScope() {
const subscriptionId =
process.env["POLICYINSIGHTS_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const policyEventsResource = "default";
const resourceId =
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName";
const credential = new DefaultAzureCredential();
const client = new PolicyInsightsClient(credential, subscriptionId);
const resArray = new Array();
for await (let item of client.policyEvents.listQueryResultsForResource(
policyEventsResource,
resourceId
)) {
resArray.push(item);
}
console.log(resArray);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"@odata.nextLink": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default",
"@odata.count": 2,
"value": [
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-07T15:14:39.8473851Z",
"resourceId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName",
"policyAssignmentId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.Authorization/policyAssignments/ec8f9645-8ecb-4abb-9c0b-5292f19d4003",
"policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/201ea587-7c90-41c3-910f-c280ae01cfd6",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"resourceType": "/Microsoft.SomeNamespace/someResourceType",
"resourceLocation": "eastus",
"resourceGroup": "",
"resourceTags": "tbd",
"policyAssignmentName": "ec8f9645-8ecb-4abb-9c0b-5292f19d4003",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{}",
"policyAssignmentScope": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"policyDefinitionName": "201ea587-7c90-41c3-910f-c280ae01cfd6",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionName": "1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": null,
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fff890fa-fff0-fff3-fff9-fffd7653f078",
"complianceState": "NonCompliant"
},
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-07T15:14:39.5842458Z",
"resourceId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName",
"policyAssignmentId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.Authorization/policyAssignments/d15545b8-ff50-409a-a6e3-5bd5cc954003",
"policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/201ea587-7c90-41c3-910f-c280ae01cfd6",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"resourceType": "/Microsoft.SomeNamespace/someResourceType",
"resourceLocation": "eastus",
"resourceGroup": "",
"resourceTags": "tbd",
"policyAssignmentName": "d15545b8-ff50-409a-a6e3-5bd5cc954003",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{}",
"policyAssignmentScope": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"policyDefinitionName": "201ea587-7c90-41c3-910f-c280ae01cfd6",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionName": "1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": null,
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fff890fa-fff0-fff3-fff9-fffd7653f078",
"complianceState": "NonCompliant"
}
]
}
Query components policy events count grouped by user and action type for resource scope filtered by given assignment.
Sample Request
POST https://management.azure.com/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01&$filter=policyAssignmentId eq '/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8'&$expand=components($apply=groupby((tenantId, principalOid, policyDefinitionAction), aggregate($count as totalActions)))
from azure.identity import DefaultAzureCredential
from azure.mgmt.policyinsights import PolicyInsightsClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-policyinsights
# USAGE
python policy_events_query_resource_scope_expand_components_group_by_with_aggregate.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = PolicyInsightsClient(
credential=DefaultAzureCredential(),
subscription_id="SUBSCRIPTION_ID",
)
response = client.policy_events.list_query_results_for_resource(
policy_events_resource="default",
resource_id="subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName",
)
for item in response:
print(item)
# x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeExpandComponentsGroupByWithAggregate.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armpolicyinsights_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/policyinsights/armpolicyinsights"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/05a9cdab363b8ec824094ee73950c04594325172/specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeExpandComponentsGroupByWithAggregate.json
func ExamplePolicyEventsClient_NewListQueryResultsForResourcePager_queryComponentsPolicyEventsCountGroupedByUserAndActionTypeForResourceScopeFilteredByGivenAssignment() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armpolicyinsights.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
pager := clientFactory.NewPolicyEventsClient().NewListQueryResultsForResourcePager(armpolicyinsights.PolicyEventsResourceTypeDefault, "subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName", &armpolicyinsights.QueryOptions{Top: nil,
Filter: to.Ptr("policyAssignmentId eq '/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8'"),
OrderBy: nil,
Select: nil,
From: nil,
To: nil,
Apply: nil,
SkipToken: nil,
Expand: to.Ptr("components($apply=groupby((tenantId, principalOid, policyDefinitionAction), aggregate($count as totalActions)))"),
}, nil)
for pager.More() {
page, err := pager.NextPage(ctx)
if err != nil {
log.Fatalf("failed to advance page: %v", err)
}
for _, v := range page.Value {
// You could use page here. We use blank identifier for just demo purposes.
_ = v
}
// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// page.PolicyEventsQueryResults = armpolicyinsights.PolicyEventsQueryResults{
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourcegroups/myResourceGroup/providers/microsoft.keyvault/vaults/myKVName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default"),
// ODataCount: to.Ptr[int32](1),
// Value: []*armpolicyinsights.PolicyEvent{
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourcegroups/myResourceGroup/providers/microsoft.keyvault/vaults/myKVName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// Components: []*armpolicyinsights.ComponentEventDetails{
// {
// AdditionalProperties: map[string]any{
// "totalActions": float64(6),
// },
// PolicyDefinitionAction: to.Ptr("audit"),
// PrincipalOid: to.Ptr("0d81b461-6bb0-4909-a102-d51803a7d275"),
// TenantID: to.Ptr("72f988bf-86f1-41af-91ab-2d7cd011db47"),
// }},
// EffectiveParameters: to.Ptr(""),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("PolicyUIMG,AzGovTest5,72f988bf-86f1-41af-91ab-2d7cd011db47"),
// PolicyAssignmentID: to.Ptr("/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8"),
// PolicyAssignmentName: to.Ptr("560050f83dbb4a24974323f8"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr(""),
// PolicyAssignmentScope: to.Ptr("/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policydefinitions/ab108bc4-32df-4677-8b38-fa8b2905df59"),
// PolicyDefinitionName: to.Ptr("ab108bc4-32df-4677-8b38-fa8b2905df59"),
// PolicyDefinitionReferenceID: to.Ptr(""),
// PolicySetDefinitionCategory: to.Ptr(""),
// PolicySetDefinitionID: to.Ptr(""),
// PolicySetDefinitionName: to.Ptr(""),
// PolicySetDefinitionOwner: to.Ptr(""),
// PolicySetDefinitionParameters: to.Ptr(""),
// PrincipalOid: to.Ptr(""),
// ResourceGroup: to.Ptr("myResourceGroup"),
// ResourceID: to.Ptr("/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourcegroups/myResourceGroup/providers/microsoft.keyvault/vaults/myKVName"),
// ResourceLocation: to.Ptr("westcentralus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("Microsoft.KeyVault/vaults"),
// SubscriptionID: to.Ptr("e78961ba-36fe-4739-9212-e3031b4c8db7"),
// TenantID: to.Ptr(""),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-02-21T19:42:08.325Z"); return t}()),
// }},
// }
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { PolicyInsightsClient } = require("@azure/arm-policyinsights");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Queries policy events for the resource.
*
* @summary Queries policy events for the resource.
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeExpandComponentsGroupByWithAggregate.json
*/
async function queryComponentsPolicyEventsCountGroupedByUserAndActionTypeForResourceScopeFilteredByGivenAssignment() {
const subscriptionId =
process.env["POLICYINSIGHTS_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const policyEventsResource = "default";
const resourceId =
"subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName";
const filter =
"policyAssignmentId eq '/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8'";
const expand =
"components($apply=groupby((tenantId, principalOid, policyDefinitionAction), aggregate($count as totalActions)))";
const options = {
queryOptions: { filter: filter, expand: expand },
};
const credential = new DefaultAzureCredential();
const client = new PolicyInsightsClient(credential, subscriptionId);
const resArray = new Array();
for await (let item of client.policyEvents.listQueryResultsForResource(
policyEventsResource,
resourceId,
options
)) {
resArray.push(item);
}
console.log(resArray);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"@odata.context": "https://management.azure.com/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourcegroups/myResourceGroup/providers/microsoft.keyvault/vaults/myKVName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default",
"@odata.count": 1,
"value": [
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourcegroups/myResourceGroup/providers/microsoft.keyvault/vaults/myKVName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2020-02-21T19:42:08.3252921Z",
"resourceId": "/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourcegroups/myResourceGroup/providers/microsoft.keyvault/vaults/myKVName",
"policyAssignmentId": "/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8",
"policyDefinitionId": "/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policydefinitions/ab108bc4-32df-4677-8b38-fa8b2905df59",
"effectiveParameters": "",
"isCompliant": false,
"subscriptionId": "e78961ba-36fe-4739-9212-e3031b4c8db7",
"resourceType": "Microsoft.KeyVault/vaults",
"resourceLocation": "westcentralus",
"resourceGroup": "myResourceGroup",
"resourceTags": "tbd",
"policyAssignmentName": "560050f83dbb4a24974323f8",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "",
"policyAssignmentScope": "/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7",
"policyDefinitionName": "ab108bc4-32df-4677-8b38-fa8b2905df59",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "",
"policySetDefinitionName": "",
"policySetDefinitionOwner": "",
"policySetDefinitionCategory": "",
"policySetDefinitionParameters": "",
"managementGroupIds": "PolicyUIMG,AzGovTest5,72f988bf-86f1-41af-91ab-2d7cd011db47",
"policyDefinitionReferenceId": "",
"complianceState": "NonCompliant",
"tenantId": "",
"principalOid": "",
"components": [
{
"tenantId": "72f988bf-86f1-41af-91ab-2d7cd011db47",
"principalOid": "0d81b461-6bb0-4909-a102-d51803a7d275",
"policyDefinitionAction": "audit",
"totalActions": 6
}
]
}
]
}
Query components policy events for resource scope filtered by given assignment.
Sample Request
POST https://management.azure.com/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01&$filter=policyAssignmentId eq '/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8'&$expand=components
import com.azure.core.util.Context;
import com.azure.resourcemanager.policyinsights.models.PolicyEventsResourceType;
/** Samples for PolicyEvents ListQueryResultsForResource. */
public final class Main {
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeExpandComponents.json
*/
/**
* Sample code: Query components policy events for resource scope filtered by given assignment.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void queryComponentsPolicyEventsForResourceScopeFilteredByGivenAssignment(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName",
null,
null,
null,
null,
null,
"policyAssignmentId eq"
+ " '/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8'",
null,
"components",
null,
Context.NONE);
}
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeExpandComponentsGroupByWithAggregate.json
*/
/**
* Sample code: Query components policy events count grouped by user and action type for resource scope filtered by
* given assignment.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void
queryComponentsPolicyEventsCountGroupedByUserAndActionTypeForResourceScopeFilteredByGivenAssignment(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName",
null,
null,
null,
null,
null,
"policyAssignmentId eq"
+ " '/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8'",
null,
"components($apply=groupby((tenantId, principalOid, policyDefinitionAction), aggregate($count as"
+ " totalActions)))",
null,
Context.NONE);
}
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeNextLink.json
*/
/**
* Sample code: Query at resource scope with next link.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void queryAtResourceScopeWithNextLink(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName",
null,
null,
null,
null,
null,
null,
null,
null,
"WpmWfBSvPhkAK6QD",
Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.policyinsights import PolicyInsightsClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-policyinsights
# USAGE
python policy_events_query_resource_scope_expand_components.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = PolicyInsightsClient(
credential=DefaultAzureCredential(),
subscription_id="SUBSCRIPTION_ID",
)
response = client.policy_events.list_query_results_for_resource(
policy_events_resource="default",
resource_id="subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName",
)
for item in response:
print(item)
# x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeExpandComponents.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armpolicyinsights_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/policyinsights/armpolicyinsights"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/05a9cdab363b8ec824094ee73950c04594325172/specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeExpandComponents.json
func ExamplePolicyEventsClient_NewListQueryResultsForResourcePager_queryComponentsPolicyEventsForResourceScopeFilteredByGivenAssignment() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armpolicyinsights.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
pager := clientFactory.NewPolicyEventsClient().NewListQueryResultsForResourcePager(armpolicyinsights.PolicyEventsResourceTypeDefault, "subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName", &armpolicyinsights.QueryOptions{Top: nil,
Filter: to.Ptr("policyAssignmentId eq '/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8'"),
OrderBy: nil,
Select: nil,
From: nil,
To: nil,
Apply: nil,
SkipToken: nil,
Expand: to.Ptr("components"),
}, nil)
for pager.More() {
page, err := pager.NextPage(ctx)
if err != nil {
log.Fatalf("failed to advance page: %v", err)
}
for _, v := range page.Value {
// You could use page here. We use blank identifier for just demo purposes.
_ = v
}
// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// page.PolicyEventsQueryResults = armpolicyinsights.PolicyEventsQueryResults{
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourcegroups/myResourceGroup/providers/microsoft.keyvault/vaults/myKVName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default"),
// ODataCount: to.Ptr[int32](1),
// Value: []*armpolicyinsights.PolicyEvent{
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourcegroups/myResourceGroup/providers/microsoft.keyvault/vaults/myKVName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// Components: []*armpolicyinsights.ComponentEventDetails{
// {
// Name: to.Ptr("cert-RSA-cert-3"),
// Type: to.Ptr("Certificate"),
// ID: to.Ptr("cert-RSA-cert-3"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PrincipalOid: to.Ptr("0d81b461-6bb0-4909-a102-d51803a7d275"),
// TenantID: to.Ptr("72f988bf-86f1-41af-91ab-2d7cd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-02-21T17:45:23.036Z"); return t}()),
// },
// {
// Name: to.Ptr("cert-RSA-cert-2"),
// Type: to.Ptr("Certificate"),
// ID: to.Ptr("cert-RSA-cert-2"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PrincipalOid: to.Ptr("0d81b461-6bb0-4909-a102-d51803a7d275"),
// TenantID: to.Ptr("72f988bf-86f1-41af-91ab-2d7cd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-02-21T17:45:22.768Z"); return t}()),
// }},
// EffectiveParameters: to.Ptr(""),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("PolicyUIMG,AzGovTest5,72f988bf-86f1-41af-91ab-2d7cd011db47"),
// PolicyAssignmentID: to.Ptr("/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8"),
// PolicyAssignmentName: to.Ptr("560050f83dbb4a24974323f8"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr(""),
// PolicyAssignmentScope: to.Ptr("/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policydefinitions/ab108bc4-32df-4677-8b38-fa8b2905df59"),
// PolicyDefinitionName: to.Ptr("ab108bc4-32df-4677-8b38-fa8b2905df59"),
// PolicyDefinitionReferenceID: to.Ptr(""),
// PolicySetDefinitionCategory: to.Ptr(""),
// PolicySetDefinitionID: to.Ptr(""),
// PolicySetDefinitionName: to.Ptr(""),
// PolicySetDefinitionOwner: to.Ptr(""),
// PolicySetDefinitionParameters: to.Ptr(""),
// PrincipalOid: to.Ptr(""),
// ResourceGroup: to.Ptr("myResourceGroup"),
// ResourceID: to.Ptr("/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourcegroups/myResourceGroup/providers/microsoft.keyvault/vaults/myKVName"),
// ResourceLocation: to.Ptr("westcentralus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("Microsoft.KeyVault/vaults"),
// SubscriptionID: to.Ptr("e78961ba-36fe-4739-9212-e3031b4c8db7"),
// TenantID: to.Ptr(""),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-02-21T19:42:08.325Z"); return t}()),
// }},
// }
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { PolicyInsightsClient } = require("@azure/arm-policyinsights");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Queries policy events for the resource.
*
* @summary Queries policy events for the resource.
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeExpandComponents.json
*/
async function queryComponentsPolicyEventsForResourceScopeFilteredByGivenAssignment() {
const subscriptionId =
process.env["POLICYINSIGHTS_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const policyEventsResource = "default";
const resourceId =
"subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName";
const filter =
"policyAssignmentId eq '/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8'";
const expand = "components";
const options = {
queryOptions: { filter: filter, expand: expand },
};
const credential = new DefaultAzureCredential();
const client = new PolicyInsightsClient(credential, subscriptionId);
const resArray = new Array();
for await (let item of client.policyEvents.listQueryResultsForResource(
policyEventsResource,
resourceId,
options
)) {
resArray.push(item);
}
console.log(resArray);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"@odata.context": "https://management.azure.com/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourcegroups/myResourceGroup/providers/microsoft.keyvault/vaults/myKVName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default",
"@odata.count": 1,
"value": [
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourcegroups/myResourceGroup/providers/microsoft.keyvault/vaults/myKVName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2020-02-21T19:42:08.3252921Z",
"resourceId": "/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourcegroups/myResourceGroup/providers/microsoft.keyvault/vaults/myKVName",
"policyAssignmentId": "/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8",
"policyDefinitionId": "/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policydefinitions/ab108bc4-32df-4677-8b38-fa8b2905df59",
"effectiveParameters": "",
"isCompliant": false,
"subscriptionId": "e78961ba-36fe-4739-9212-e3031b4c8db7",
"resourceType": "Microsoft.KeyVault/vaults",
"resourceLocation": "westcentralus",
"resourceGroup": "myResourceGroup",
"resourceTags": "tbd",
"policyAssignmentName": "560050f83dbb4a24974323f8",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "",
"policyAssignmentScope": "/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7",
"policyDefinitionName": "ab108bc4-32df-4677-8b38-fa8b2905df59",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "",
"policySetDefinitionName": "",
"policySetDefinitionOwner": "",
"policySetDefinitionCategory": "",
"policySetDefinitionParameters": "",
"managementGroupIds": "PolicyUIMG,AzGovTest5,72f988bf-86f1-41af-91ab-2d7cd011db47",
"policyDefinitionReferenceId": "",
"complianceState": "NonCompliant",
"tenantId": "",
"principalOid": "",
"components": [
{
"id": "cert-RSA-cert-3",
"type": "Certificate",
"name": "cert-RSA-cert-3",
"timestamp": "2020-02-21T17:45:23.0367Z",
"tenantId": "72f988bf-86f1-41af-91ab-2d7cd011db47",
"principalOid": "0d81b461-6bb0-4909-a102-d51803a7d275",
"policyDefinitionAction": "audit"
},
{
"id": "cert-RSA-cert-2",
"type": "Certificate",
"name": "cert-RSA-cert-2",
"timestamp": "2020-02-21T17:45:22.7682778Z",
"tenantId": "72f988bf-86f1-41af-91ab-2d7cd011db47",
"principalOid": "0d81b461-6bb0-4909-a102-d51803a7d275",
"policyDefinitionAction": "audit"
}
]
}
]
}
정의
ComponentEventDetails
구성 요소 이벤트 세부 정보입니다.
Name |
형식 |
Description |
id
|
string
|
구성 요소 ID입니다.
|
name
|
string
|
구성 요소 이름입니다.
|
policyDefinitionAction
|
string
|
정책 정의 작업, 즉 효과입니다.
|
principalOid
|
string
|
정책 이벤트를 트리거한 리소스 구성 요소 작업을 시작한 사용자의 보안 주체 개체 ID입니다.
|
tenantId
|
string
|
정책 이벤트 레코드의 테넌트 ID입니다.
|
timestamp
|
string
|
구성 요소 정책 이벤트 레코드에 대한 타임스탬프입니다.
|
type
|
string
|
구성 요소 유형입니다.
|
Error
오류 정의입니다.
Name |
형식 |
Description |
code
|
string
|
HTTP 오류 코드의 하위 상태 역할을 하는 서비스별 오류 코드입니다.
|
message
|
string
|
오류 설명입니다.
|
PolicyEvent
정책 이벤트 레코드입니다.
Name |
형식 |
Description |
@odata.context
|
string
|
OData 컨텍스트 문자열; OData 클라이언트에서 메타데이터에 따라 형식 정보를 resolve 데 사용됩니다.
|
@odata.id
|
string
|
OData 엔터티 ID; 정책 이벤트 레코드에 엔터티 ID가 없으므로 항상 null로 설정합니다.
|
complianceState
|
string
|
리소스의 준수 상태입니다.
|
components
|
ComponentEventDetails[]
|
URL에 $expand=components 절이 포함된 경우에만 구성 요소 이벤트 레코드가 채워집니다.
|
effectiveParameters
|
string
|
정책 할당에 대한 유효 매개 변수입니다.
|
isCompliant
|
boolean
|
리소스가 평가된 정책 할당과 호환되는지 여부를 나타내는 플래그입니다.
|
managementGroupIds
|
string
|
리소스가 있는 관리 그룹의 계층 구조를 나타내는 관리 그룹 ID의 쉼표로 구분된 목록입니다.
|
policyAssignmentId
|
string
|
정책 할당 ID입니다.
|
policyAssignmentName
|
string
|
정책 할당 이름입니다.
|
policyAssignmentOwner
|
string
|
정책 할당 소유자입니다.
|
policyAssignmentParameters
|
string
|
정책 할당 매개 변수입니다.
|
policyAssignmentScope
|
string
|
정책 할당 scope.
|
policyDefinitionAction
|
string
|
정책 정의 작업, 즉 효과입니다.
|
policyDefinitionCategory
|
string
|
정책 정의 범주입니다.
|
policyDefinitionId
|
string
|
정책 정의 ID입니다.
|
policyDefinitionName
|
string
|
정책 정의 이름입니다.
|
policyDefinitionReferenceId
|
string
|
정책 할당이 정책 집합에 대한 경우 정책 집합 내의 정책 정의에 대한 참조 ID입니다.
|
policySetDefinitionCategory
|
string
|
정책 집합에 대한 정책 할당인 경우 정책 집합 정의 범주입니다.
|
policySetDefinitionId
|
string
|
정책 집합에 대한 정책 할당인 경우 정책 집합 정의 ID입니다.
|
policySetDefinitionName
|
string
|
정책 집합에 대한 정책 할당인 경우 정책 집합 정의 이름입니다.
|
policySetDefinitionOwner
|
string
|
정책 집합에 대한 정책 할당인 경우 정책 집합 정의 소유자입니다.
|
policySetDefinitionParameters
|
string
|
정책 집합에 대한 정책 할당인 경우 정책 집합 정의 매개 변수입니다.
|
principalOid
|
string
|
정책 이벤트를 트리거한 리소스 작업을 시작한 사용자의 보안 주체 개체 ID입니다.
|
resourceGroup
|
string
|
리소스 그룹 이름
|
resourceId
|
string
|
리소스 ID입니다.
|
resourceLocation
|
string
|
리소스 위치.
|
resourceTags
|
string
|
리소스 태그 목록입니다.
|
resourceType
|
string
|
리소스 종류.
|
subscriptionId
|
string
|
구독 ID가 표시됩니다.
|
tenantId
|
string
|
정책 이벤트 레코드의 테넌트 ID입니다.
|
timestamp
|
string
|
정책 이벤트 레코드에 대한 타임스탬프입니다.
|
PolicyEventsQueryResults
쿼리 결과
Name |
형식 |
Description |
@odata.context
|
string
|
OData 컨텍스트 문자열; OData 클라이언트에서 메타데이터에 따라 형식 정보를 resolve 데 사용됩니다.
|
@odata.count
|
integer
|
OData 엔터티 수; 는 반환되는 정책 이벤트 레코드의 수를 나타냅니다.
|
@odata.nextLink
|
string
|
Odata next 링크; 다음 결과 집합을 가져오는 URL입니다.
|
value
|
PolicyEvent[]
|
쿼리 결과
|
PolicyEventsResourceType
PolicyEvents 리소스 종류에 있는 가상 리소스의 이름입니다. "기본값"만 허용됩니다.
Name |
형식 |
Description |
default
|
string
|
|
QueryFailure
오류 응답입니다.
Name |
형식 |
Description |
error
|
Error
|
오류 정의입니다.
|