Hiermee maakt u een attestation of werkt u deze bij met het abonnementsbereik.
PUT https://management.azure.com/subscriptions/{subscriptionId}/providers/Microsoft.PolicyInsights/attestations/{attestationName}?api-version=2022-09-01
URI-parameters
Name |
In |
Vereist |
Type |
Description |
attestationName
|
path |
True
|
string
|
De naam van de attestation.
|
subscriptionId
|
path |
True
|
string
|
De id van het doelabonnement.
|
api-version
|
query |
True
|
string
|
De API-versie die voor deze bewerking moet worden gebruikt.
|
Aanvraagbody
Name |
Vereist |
Type |
Description |
properties.policyAssignmentId
|
True
|
string
|
De resource-id van de beleidstoewijzing waarvoor de attestation de status instelt.
|
properties.assessmentDate
|
|
string
|
Het tijdstip waarop het bewijs is beoordeeld
|
properties.comments
|
|
string
|
Opmerkingen waarin wordt beschreven waarom deze attestation is gemaakt.
|
properties.complianceState
|
|
ComplianceState
|
De nalevingsstatus die moet worden ingesteld voor de resource.
|
properties.evidence
|
|
AttestationEvidence[]
|
Het bewijs ter ondersteuning van de nalevingsstatus die in deze attestation is ingesteld.
|
properties.expiresOn
|
|
string
|
Het tijdstip waarop de nalevingsstatus moet verlopen.
|
properties.metadata
|
|
object
|
Aanvullende metagegevens voor deze attestation
|
properties.owner
|
|
string
|
De persoon die verantwoordelijk is voor het instellen van de status van de resource. Deze waarde is doorgaans een Azure Active Directory-object-id.
|
properties.policyDefinitionReferenceId
|
|
string
|
De referentie-id van de beleidsdefinitie van een beleidssetdefinitie waarvoor de attestation de status instelt. Als de beleidstoewijzing een definitie van een beleidsset toewijst, kan de attestation een definitie binnen de setdefinitie kiezen met deze eigenschap of deze weglaten en de status voor de hele setdefinitie instellen.
|
Antwoorden
Name |
Type |
Description |
200 OK
|
Attestation
|
De bijgewerkte attestation.
|
201 Created
|
Attestation
|
De gemaakte attestation.
|
Other Status Codes
|
ErrorResponse
|
Foutreactie waarin wordt beschreven waarom de bewerking is mislukt.
|
Beveiliging
azure_auth
Azure Active Directory OAuth2-stroom
Type:
oauth2
Stroom:
implicit
Autorisatie-URL:
https://login.microsoftonline.com/common/oauth2/authorize
Bereiken
Name |
Description |
user_impersonation
|
Uw gebruikersaccount imiteren
|
Voorbeelden
Create attestation at subscription scope
Voorbeeldaanvraag
PUT https://management.azure.com/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/Microsoft.PolicyInsights/attestations/790996e6-9871-4b1f-9cd9-ec42cd6ced1e?api-version=2022-09-01
{
"properties": {
"policyAssignmentId": "/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.authorization/policyassignments/b101830944f246d8a14088c5",
"complianceState": "Compliant"
}
}
import com.azure.core.util.Context;
import com.azure.resourcemanager.policyinsights.fluent.models.AttestationInner;
import com.azure.resourcemanager.policyinsights.models.ComplianceState;
/** Samples for Attestations CreateOrUpdateAtSubscription. */
public final class Main {
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2022-09-01/examples/Attestations_CreateSubscriptionScope.json
*/
/**
* Sample code: Create attestation at subscription scope.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void createAttestationAtSubscriptionScope(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.attestations()
.createOrUpdateAtSubscription(
"790996e6-9871-4b1f-9cd9-ec42cd6ced1e",
new AttestationInner()
.withPolicyAssignmentId(
"/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.authorization/policyassignments/b101830944f246d8a14088c5")
.withComplianceState(ComplianceState.COMPLIANT),
Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.policyinsights import PolicyInsightsClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-policyinsights
# USAGE
python attestations_create_subscription_scope.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = PolicyInsightsClient(
credential=DefaultAzureCredential(),
subscription_id="35ee058e-5fa0-414c-8145-3ebb8d09b6e2",
)
response = client.attestations.begin_create_or_update_at_subscription(
attestation_name="790996e6-9871-4b1f-9cd9-ec42cd6ced1e",
parameters={
"properties": {
"complianceState": "Compliant",
"policyAssignmentId": "/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.authorization/policyassignments/b101830944f246d8a14088c5",
}
},
).result()
print(response)
# x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2022-09-01/examples/Attestations_CreateSubscriptionScope.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armpolicyinsights_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/policyinsights/armpolicyinsights"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/05a9cdab363b8ec824094ee73950c04594325172/specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2022-09-01/examples/Attestations_CreateSubscriptionScope.json
func ExampleAttestationsClient_BeginCreateOrUpdateAtSubscription_createAttestationAtSubscriptionScope() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armpolicyinsights.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewAttestationsClient().BeginCreateOrUpdateAtSubscription(ctx, "790996e6-9871-4b1f-9cd9-ec42cd6ced1e", armpolicyinsights.Attestation{
Properties: &armpolicyinsights.AttestationProperties{
ComplianceState: to.Ptr(armpolicyinsights.ComplianceStateCompliant),
PolicyAssignmentID: to.Ptr("/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.authorization/policyassignments/b101830944f246d8a14088c5"),
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.Attestation = armpolicyinsights.Attestation{
// Name: to.Ptr("790996e6-9871-4b1f-9cd9-ec42cd6ced1e"),
// Type: to.Ptr("Microsoft.PolicyInsights/attestations"),
// ID: to.Ptr("/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.policyinsights/attestations/790996e6-9871-4b1f-9cd9-ec42cd6ced1e"),
// Properties: &armpolicyinsights.AttestationProperties{
// ComplianceState: to.Ptr(armpolicyinsights.ComplianceStateCompliant),
// LastComplianceStateChangeAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-06-15T18:52:27.000Z"); return t}()),
// PolicyAssignmentID: to.Ptr("/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.authorization/policyassignments/b101830944f246d8a14088c5"),
// ProvisioningState: to.Ptr("Succeeded"),
// },
// SystemData: &armpolicyinsights.SystemData{
// CreatedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-06-15T18:52:27.000Z"); return t}()),
// CreatedBy: to.Ptr("b69a9388-9488-4534-b470-7ec6d41beef6"),
// CreatedByType: to.Ptr(armpolicyinsights.CreatedByTypeUser),
// LastModifiedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-06-15T18:52:27.000Z"); return t}()),
// LastModifiedBy: to.Ptr("b69a9388-9488-4534-b470-7ec6d41beef6"),
// LastModifiedByType: to.Ptr(armpolicyinsights.CreatedByTypeUser),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { PolicyInsightsClient } = require("@azure/arm-policyinsights");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates an attestation at subscription scope.
*
* @summary Creates or updates an attestation at subscription scope.
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2022-09-01/examples/Attestations_CreateSubscriptionScope.json
*/
async function createAttestationAtSubscriptionScope() {
const subscriptionId =
process.env["POLICYINSIGHTS_SUBSCRIPTION_ID"] || "35ee058e-5fa0-414c-8145-3ebb8d09b6e2";
const attestationName = "790996e6-9871-4b1f-9cd9-ec42cd6ced1e";
const parameters = {
complianceState: "Compliant",
policyAssignmentId:
"/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.authorization/policyassignments/b101830944f246d8a14088c5",
};
const credential = new DefaultAzureCredential();
const client = new PolicyInsightsClient(credential, subscriptionId);
const result = await client.attestations.beginCreateOrUpdateAtSubscriptionAndWait(
attestationName,
parameters
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Voorbeeldrespons
{
"properties": {
"policyAssignmentId": "/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.authorization/policyassignments/b101830944f246d8a14088c5",
"complianceState": "Compliant",
"lastComplianceStateChangeAt": "2020-06-15T18:52:27Z",
"provisioningState": "Succeeded"
},
"systemData": {
"createdBy": "b69a9388-9488-4534-b470-7ec6d41beef6",
"createdByType": "User",
"createdAt": "2020-06-15T18:52:27Z",
"lastModifiedBy": "b69a9388-9488-4534-b470-7ec6d41beef6",
"lastModifiedByType": "User",
"lastModifiedAt": "2020-06-15T18:52:27Z"
},
"id": "/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.policyinsights/attestations/790996e6-9871-4b1f-9cd9-ec42cd6ced1e",
"name": "790996e6-9871-4b1f-9cd9-ec42cd6ced1e",
"type": "Microsoft.PolicyInsights/attestations"
}
{
"properties": {
"policyAssignmentId": "/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.authorization/policyassignments/b101830944f246d8a14088c5",
"complianceState": "Compliant",
"lastComplianceStateChangeAt": "2020-06-15T18:52:27Z",
"provisioningState": "Succeeded"
},
"systemData": {
"createdBy": "b69a9388-9488-4534-b470-7ec6d41beef6",
"createdByType": "User",
"createdAt": "2020-06-15T18:52:27Z",
"lastModifiedBy": "b69a9388-9488-4534-b470-7ec6d41beef6",
"lastModifiedByType": "User",
"lastModifiedAt": "2020-06-15T18:52:27Z"
},
"id": "/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.policyinsights/attestations/790996e6-9871-4b1f-9cd9-ec42cd6ced1e",
"name": "790996e6-9871-4b1f-9cd9-ec42cd6ced1e",
"type": "Microsoft.PolicyInsights/attestations"
}
Create attestation at subscription scope with all properties
Voorbeeldaanvraag
PUT https://management.azure.com/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/Microsoft.PolicyInsights/attestations/790996e6-9871-4b1f-9cd9-ec42cd6ced1e?api-version=2022-09-01
{
"properties": {
"policyAssignmentId": "/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.authorization/policyassignments/b101830944f246d8a14088c5",
"policyDefinitionReferenceId": "0b158b46-ff42-4799-8e39-08a5c23b4551",
"complianceState": "Compliant",
"expiresOn": "2021-06-15T00:00:00Z",
"owner": "55a32e28-3aa5-4eea-9b5a-4cd85153b966",
"comments": "This subscription has passed a security audit.",
"evidence": [
{
"description": "The results of the security audit.",
"sourceUri": "https://gist.github.com/contoso/9573e238762c60166c090ae16b814011"
}
],
"assessmentDate": "2021-06-10T00:00:00Z",
"metadata": {
"departmentId": "NYC-MARKETING-1"
}
}
}
import com.azure.core.management.serializer.SerializerFactory;
import com.azure.core.util.Context;
import com.azure.core.util.serializer.SerializerEncoding;
import com.azure.resourcemanager.policyinsights.fluent.models.AttestationInner;
import com.azure.resourcemanager.policyinsights.models.AttestationEvidence;
import com.azure.resourcemanager.policyinsights.models.ComplianceState;
import java.io.IOException;
import java.time.OffsetDateTime;
import java.util.Arrays;
/** Samples for Attestations CreateOrUpdateAtSubscription. */
public final class Main {
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2022-09-01/examples/Attestations_CreateSubscriptionScope_AllProperties.json
*/
/**
* Sample code: Create attestation at subscription scope with all properties.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void createAttestationAtSubscriptionScopeWithAllProperties(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) throws IOException {
manager
.attestations()
.createOrUpdateAtSubscription(
"790996e6-9871-4b1f-9cd9-ec42cd6ced1e",
new AttestationInner()
.withPolicyAssignmentId(
"/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.authorization/policyassignments/b101830944f246d8a14088c5")
.withPolicyDefinitionReferenceId("0b158b46-ff42-4799-8e39-08a5c23b4551")
.withComplianceState(ComplianceState.COMPLIANT)
.withExpiresOn(OffsetDateTime.parse("2021-06-15T00:00:00Z"))
.withOwner("55a32e28-3aa5-4eea-9b5a-4cd85153b966")
.withComments("This subscription has passed a security audit.")
.withEvidence(
Arrays
.asList(
new AttestationEvidence()
.withDescription("The results of the security audit.")
.withSourceUri("https://gist.github.com/contoso/9573e238762c60166c090ae16b814011")))
.withAssessmentDate(OffsetDateTime.parse("2021-06-10T00:00:00Z"))
.withMetadata(
SerializerFactory
.createDefaultManagementSerializerAdapter()
.deserialize(
"{\"departmentId\":\"NYC-MARKETING-1\"}", Object.class, SerializerEncoding.JSON)),
Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.policyinsights import PolicyInsightsClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-policyinsights
# USAGE
python attestations_create_subscription_scope_all_properties.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = PolicyInsightsClient(
credential=DefaultAzureCredential(),
subscription_id="35ee058e-5fa0-414c-8145-3ebb8d09b6e2",
)
response = client.attestations.begin_create_or_update_at_subscription(
attestation_name="790996e6-9871-4b1f-9cd9-ec42cd6ced1e",
parameters={
"properties": {
"assessmentDate": "2021-06-10T00:00:00Z",
"comments": "This subscription has passed a security audit.",
"complianceState": "Compliant",
"evidence": [
{
"description": "The results of the security audit.",
"sourceUri": "https://gist.github.com/contoso/9573e238762c60166c090ae16b814011",
}
],
"expiresOn": "2021-06-15T00:00:00Z",
"metadata": {"departmentId": "NYC-MARKETING-1"},
"owner": "55a32e28-3aa5-4eea-9b5a-4cd85153b966",
"policyAssignmentId": "/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.authorization/policyassignments/b101830944f246d8a14088c5",
"policyDefinitionReferenceId": "0b158b46-ff42-4799-8e39-08a5c23b4551",
}
},
).result()
print(response)
# x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2022-09-01/examples/Attestations_CreateSubscriptionScope_AllProperties.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armpolicyinsights_test
import (
"context"
"log"
"time"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/policyinsights/armpolicyinsights"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/05a9cdab363b8ec824094ee73950c04594325172/specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2022-09-01/examples/Attestations_CreateSubscriptionScope_AllProperties.json
func ExampleAttestationsClient_BeginCreateOrUpdateAtSubscription_createAttestationAtSubscriptionScopeWithAllProperties() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armpolicyinsights.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewAttestationsClient().BeginCreateOrUpdateAtSubscription(ctx, "790996e6-9871-4b1f-9cd9-ec42cd6ced1e", armpolicyinsights.Attestation{
Properties: &armpolicyinsights.AttestationProperties{
AssessmentDate: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-06-10T00:00:00.000Z"); return t }()),
Comments: to.Ptr("This subscription has passed a security audit."),
ComplianceState: to.Ptr(armpolicyinsights.ComplianceStateCompliant),
Evidence: []*armpolicyinsights.AttestationEvidence{
{
Description: to.Ptr("The results of the security audit."),
SourceURI: to.Ptr("https://gist.github.com/contoso/9573e238762c60166c090ae16b814011"),
}},
ExpiresOn: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-06-15T00:00:00.000Z"); return t }()),
Metadata: map[string]any{
"departmentId": "NYC-MARKETING-1",
},
Owner: to.Ptr("55a32e28-3aa5-4eea-9b5a-4cd85153b966"),
PolicyAssignmentID: to.Ptr("/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.authorization/policyassignments/b101830944f246d8a14088c5"),
PolicyDefinitionReferenceID: to.Ptr("0b158b46-ff42-4799-8e39-08a5c23b4551"),
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.Attestation = armpolicyinsights.Attestation{
// Name: to.Ptr("790996e6-9871-4b1f-9cd9-ec42cd6ced1e"),
// Type: to.Ptr("Microsoft.PolicyInsights/attestations"),
// ID: to.Ptr("/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.policyinsights/attestations/790996e6-9871-4b1f-9cd9-ec42cd6ced1e"),
// Properties: &armpolicyinsights.AttestationProperties{
// AssessmentDate: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-06-10T00:00:00.000Z"); return t}()),
// Comments: to.Ptr("This subscription has passed a security audit."),
// ComplianceState: to.Ptr(armpolicyinsights.ComplianceStateCompliant),
// Evidence: []*armpolicyinsights.AttestationEvidence{
// {
// Description: to.Ptr("The results of the security audit."),
// SourceURI: to.Ptr("https://gist.github.com/contoso/9573e238762c60166c090ae16b814011"),
// }},
// ExpiresOn: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-06-15T00:00:00.000Z"); return t}()),
// LastComplianceStateChangeAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-06-15T18:52:27.000Z"); return t}()),
// Metadata: map[string]any{
// "departmentId": "NYC-MARKETING-1",
// },
// Owner: to.Ptr("55a32e28-3aa5-4eea-9b5a-4cd85153b966"),
// PolicyAssignmentID: to.Ptr("/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.authorization/policyassignments/b101830944f246d8a14088c5"),
// PolicyDefinitionReferenceID: to.Ptr("0b158b46-ff42-4799-8e39-08a5c23b4551"),
// ProvisioningState: to.Ptr("Succeeded"),
// },
// SystemData: &armpolicyinsights.SystemData{
// CreatedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-06-15T18:52:27.000Z"); return t}()),
// CreatedBy: to.Ptr("b69a9388-9488-4534-b470-7ec6d41beef6"),
// CreatedByType: to.Ptr(armpolicyinsights.CreatedByTypeUser),
// LastModifiedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-06-15T18:52:27.000Z"); return t}()),
// LastModifiedBy: to.Ptr("b69a9388-9488-4534-b470-7ec6d41beef6"),
// LastModifiedByType: to.Ptr(armpolicyinsights.CreatedByTypeUser),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { PolicyInsightsClient } = require("@azure/arm-policyinsights");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates an attestation at subscription scope.
*
* @summary Creates or updates an attestation at subscription scope.
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2022-09-01/examples/Attestations_CreateSubscriptionScope_AllProperties.json
*/
async function createAttestationAtSubscriptionScopeWithAllProperties() {
const subscriptionId =
process.env["POLICYINSIGHTS_SUBSCRIPTION_ID"] || "35ee058e-5fa0-414c-8145-3ebb8d09b6e2";
const attestationName = "790996e6-9871-4b1f-9cd9-ec42cd6ced1e";
const parameters = {
assessmentDate: new Date("2021-06-10T00:00:00Z"),
comments: "This subscription has passed a security audit.",
complianceState: "Compliant",
evidence: [
{
description: "The results of the security audit.",
sourceUri: "https://gist.github.com/contoso/9573e238762c60166c090ae16b814011",
},
],
expiresOn: new Date("2021-06-15T00:00:00Z"),
metadata: { departmentId: "NYC-MARKETING-1" },
owner: "55a32e28-3aa5-4eea-9b5a-4cd85153b966",
policyAssignmentId:
"/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.authorization/policyassignments/b101830944f246d8a14088c5",
policyDefinitionReferenceId: "0b158b46-ff42-4799-8e39-08a5c23b4551",
};
const credential = new DefaultAzureCredential();
const client = new PolicyInsightsClient(credential, subscriptionId);
const result = await client.attestations.beginCreateOrUpdateAtSubscriptionAndWait(
attestationName,
parameters
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Voorbeeldrespons
{
"properties": {
"policyAssignmentId": "/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.authorization/policyassignments/b101830944f246d8a14088c5",
"policyDefinitionReferenceId": "0b158b46-ff42-4799-8e39-08a5c23b4551",
"complianceState": "Compliant",
"lastComplianceStateChangeAt": "2020-06-15T18:52:27Z",
"expiresOn": "2021-06-15T00:00:00Z",
"owner": "55a32e28-3aa5-4eea-9b5a-4cd85153b966",
"comments": "This subscription has passed a security audit.",
"evidence": [
{
"description": "The results of the security audit.",
"sourceUri": "https://gist.github.com/contoso/9573e238762c60166c090ae16b814011"
}
],
"assessmentDate": "2021-06-10T00:00:00Z",
"metadata": {
"departmentId": "NYC-MARKETING-1"
},
"provisioningState": "Succeeded"
},
"systemData": {
"createdBy": "b69a9388-9488-4534-b470-7ec6d41beef6",
"createdByType": "User",
"createdAt": "2020-06-15T18:52:27Z",
"lastModifiedBy": "b69a9388-9488-4534-b470-7ec6d41beef6",
"lastModifiedByType": "User",
"lastModifiedAt": "2020-06-15T18:52:27Z"
},
"id": "/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.policyinsights/attestations/790996e6-9871-4b1f-9cd9-ec42cd6ced1e",
"name": "790996e6-9871-4b1f-9cd9-ec42cd6ced1e",
"type": "Microsoft.PolicyInsights/attestations"
}
{
"properties": {
"policyAssignmentId": "/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.authorization/policyassignments/b101830944f246d8a14088c5",
"policyDefinitionReferenceId": "0b158b46-ff42-4799-8e39-08a5c23b4551",
"complianceState": "Compliant",
"lastComplianceStateChangeAt": "2020-06-15T18:52:27Z",
"expiresOn": "2021-06-15T00:00:00Z",
"owner": "55a32e28-3aa5-4eea-9b5a-4cd85153b966",
"comments": "This subscription has passed a security audit.",
"evidence": [
{
"description": "The results of the security audit.",
"sourceUri": "https://gist.github.com/contoso/9573e238762c60166c090ae16b814011"
}
],
"assessmentDate": "2021-06-10T00:00:00Z",
"metadata": {
"departmentId": "NYC-MARKETING-1"
},
"provisioningState": "Succeeded"
},
"systemData": {
"createdBy": "b69a9388-9488-4534-b470-7ec6d41beef6",
"createdByType": "User",
"createdAt": "2020-06-15T18:52:27Z",
"lastModifiedBy": "b69a9388-9488-4534-b470-7ec6d41beef6",
"lastModifiedByType": "User",
"lastModifiedAt": "2020-06-15T18:52:27Z"
},
"id": "/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.policyinsights/attestations/790996e6-9871-4b1f-9cd9-ec42cd6ced1e",
"name": "790996e6-9871-4b1f-9cd9-ec42cd6ced1e",
"type": "Microsoft.PolicyInsights/attestations"
}
Definities
Attestation
Een attestation-resource.
Name |
Type |
Description |
id
|
string
|
Volledig gekwalificeerde resource-id voor de resource. Bijvoorbeeld - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}
|
name
|
string
|
De naam van de resource
|
properties.assessmentDate
|
string
|
Het tijdstip waarop het bewijs is beoordeeld
|
properties.comments
|
string
|
Opmerkingen waarin wordt beschreven waarom deze attestation is gemaakt.
|
properties.complianceState
|
ComplianceState
|
De nalevingsstatus die moet worden ingesteld voor de resource.
|
properties.evidence
|
AttestationEvidence[]
|
Het bewijs ter ondersteuning van de nalevingsstatus die in deze attestation is ingesteld.
|
properties.expiresOn
|
string
|
Het tijdstip waarop de nalevingsstatus moet verlopen.
|
properties.lastComplianceStateChangeAt
|
string
|
Het tijdstip waarop de nalevingsstatus voor het laatst is gewijzigd in deze attestation.
|
properties.metadata
|
object
|
Aanvullende metagegevens voor deze attestation
|
properties.owner
|
string
|
De persoon die verantwoordelijk is voor het instellen van de status van de resource. Deze waarde is doorgaans een Azure Active Directory-object-id.
|
properties.policyAssignmentId
|
string
|
De resource-id van de beleidstoewijzing waarvoor de attestation de status instelt.
|
properties.policyDefinitionReferenceId
|
string
|
De referentie-id van de beleidsdefinitie van een beleidssetdefinitie waarvoor de attestation de status instelt. Als de beleidstoewijzing een definitie van een beleidsset toewijst, kan de attestation een definitie binnen de setdefinitie kiezen met deze eigenschap of deze weglaten en de status voor de hele setdefinitie instellen.
|
properties.provisioningState
|
string
|
De status van de attestation.
|
systemData
|
systemData
|
Azure Resource Manager metagegevens met informatie over createdBy en modifiedBy.
|
type
|
string
|
Het type resource. Bijvoorbeeld 'Microsoft.Compute/virtualMachines' of 'Microsoft.Storage/storageAccounts'
|
AttestationEvidence
Een stukje bewijs ter ondersteuning van de nalevingsstatus die is ingesteld in de attestation.
Name |
Type |
Description |
description
|
string
|
De beschrijving van dit bewijsstuk.
|
sourceUri
|
string
|
De URI-locatie van het bewijs.
|
ComplianceState
De nalevingsstatus die moet worden ingesteld voor de resource.
Name |
Type |
Description |
Compliant
|
string
|
De resource voldoet aan het beleid.
|
NonCompliant
|
string
|
De resource voldoet niet aan het beleid.
|
Unknown
|
string
|
De nalevingsstatus van de resource is niet bekend.
|
createdByType
Het type identiteit waarmee de resource is gemaakt.
Name |
Type |
Description |
Application
|
string
|
|
Key
|
string
|
|
ManagedIdentity
|
string
|
|
User
|
string
|
|
ErrorDefinition
Foutdefinitie.
Name |
Type |
Description |
additionalInfo
|
TypedErrorInfo[]
|
Aanvullende scenariospecifieke foutdetails.
|
code
|
string
|
Servicespecifieke foutcode die fungeert als de substatus voor de HTTP-foutcode.
|
details
|
ErrorDefinition[]
|
Interne foutdetails.
|
message
|
string
|
Beschrijving van de fout.
|
target
|
string
|
Het doel van de fout.
|
ErrorResponse
Foutreactie.
systemData
Metagegevens met betrekking tot het maken en laatste wijzigen van de resource.
Name |
Type |
Description |
createdAt
|
string
|
De tijdstempel van het maken van resources (UTC).
|
createdBy
|
string
|
De identiteit die de resource heeft gemaakt.
|
createdByType
|
createdByType
|
Het type identiteit waarmee de resource is gemaakt.
|
lastModifiedAt
|
string
|
Het tijdstempel van de laatste wijziging van de resource (UTC)
|
lastModifiedBy
|
string
|
De identiteit die de resource het laatst heeft gewijzigd.
|
lastModifiedByType
|
createdByType
|
Het type identiteit dat de resource het laatst heeft gewijzigd.
|
TypedErrorInfo
Scenariospecifieke foutdetails.
Name |
Type |
Description |
info
|
|
De specifieke foutdetails van het scenario.
|
type
|
string
|
Het type opgenomen foutdetails.
|