Wysyła zapytania dotyczące zdarzeń zasad dla zasobów w grupie zarządzania.
POST https://management.azure.com/providers/Microsoft.Management/managementGroups/{managementGroupName}/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01
Z parametrami opcjonalnymi:
POST https://management.azure.com/providers/Microsoft.Management/managementGroups/{managementGroupName}/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01&$top={$top}&$orderby={$orderby}&$select={$select}&$from={$from}&$to={$to}&$filter={$filter}&$apply={$apply}&$skiptoken={$skiptoken}
Parametry identyfikatora URI
Nazwa |
W |
Wymagane |
Typ |
Opis |
managementGroupName
|
path |
True
|
string
|
Nazwa grupy zarządzania.
|
managementGroupsNamespace
|
path |
True
|
ManagementGroupsNamespaceType
|
Przestrzeń nazw dla dostawcy zasobów zarządzania firmy Microsoft; dozwolone jest tylko "Microsoft.Management".
|
policyEventsResource
|
path |
True
|
PolicyEventsResourceType
|
Nazwa zasobu wirtualnego w obszarze PolicyEvents typ zasobu; dozwolone jest tylko ustawienie "domyślne".
|
api-version
|
query |
True
|
string
|
Wersja interfejsu API klienta.
|
$apply
|
query |
|
string
|
Wyrażenie zastosuj OData dla agregacji.
|
$filter
|
query |
|
string
|
Wyrażenie filtru OData.
|
$from
|
query |
|
string
date-time
|
Formatowany znacznik czasu ISO 8601 określający godzinę rozpoczęcia interwału zapytania. Jeśli nie zostanie określona, usługa używa ($to - 1-dniowy).
|
$orderby
|
query |
|
string
|
Porządkowanie wyrażenia przy użyciu notacji OData. Co najmniej jedna nazwa kolumn rozdzielanych przecinkami z opcjonalnym ciągiem "desc" (wartość domyślna) lub "asc", np. "$orderby=PolicyAssignmentId, ResourceId asc".
|
$select
|
query |
|
string
|
Wybierz wyrażenie przy użyciu notacji OData. Ogranicza kolumny dla każdego rekordu tylko do żądanych, np. "$select=PolicyAssignmentId, ResourceId".
|
$skiptoken
|
query |
|
string
|
Skiptoken jest dostarczany tylko wtedy, gdy poprzednia odpowiedź zwróciła częściowy wynik w ramach elementu nextLink.
|
$to
|
query |
|
string
date-time
|
Sformatowany znacznik czasu ISO 8601 określający czas zakończenia interwału zapytania. Jeśli nie zostanie określony, usługa używa czasu żądania.
|
$top
|
query |
|
integer
int32
|
Maksymalna liczba rekordów do zwrócenia.
|
Odpowiedzi
Zabezpieczenia
azure_auth
Przepływ OAuth2 usługi Azure Active Directory
Typ:
oauth2
Flow:
implicit
Adres URL autoryzacji:
https://login.microsoftonline.com/common/oauth2/authorize
Zakresy
Nazwa |
Opis |
user_impersonation
|
personifikacja konta użytkownika
|
Przykłady
Query at management group scope
Przykładowe żądanie
POST https://management.azure.com/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01
import com.azure.core.util.Context;
import com.azure.resourcemanager.policyinsights.models.PolicyEventsResourceType;
/** Samples for PolicyEvents ListQueryResultsForManagementGroup. */
public final class Main {
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryManagementGroupScope.json
*/
/**
* Sample code: Query at management group scope.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void queryAtManagementGroupScope(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForManagementGroup(
PolicyEventsResourceType.DEFAULT,
"myManagementGroup",
null,
null,
null,
null,
null,
null,
null,
null,
Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.policyinsights import PolicyInsightsClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-policyinsights
# USAGE
python policy_events_query_management_group_scope.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = PolicyInsightsClient(
credential=DefaultAzureCredential(),
subscription_id="SUBSCRIPTION_ID",
)
response = client.policy_events.list_query_results_for_management_group(
policy_events_resource="default",
management_group_name="myManagementGroup",
)
for item in response:
print(item)
# x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryManagementGroupScope.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armpolicyinsights_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/policyinsights/armpolicyinsights"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/05a9cdab363b8ec824094ee73950c04594325172/specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryManagementGroupScope.json
func ExamplePolicyEventsClient_NewListQueryResultsForManagementGroupPager_queryAtManagementGroupScope() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armpolicyinsights.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
pager := clientFactory.NewPolicyEventsClient().NewListQueryResultsForManagementGroupPager(armpolicyinsights.PolicyEventsResourceTypeDefault, "myManagementGroup", &armpolicyinsights.QueryOptions{Top: nil,
Filter: nil,
OrderBy: nil,
Select: nil,
From: nil,
To: nil,
Apply: nil,
SkipToken: nil,
Expand: nil,
}, nil)
for pager.More() {
page, err := pager.NextPage(ctx)
if err != nil {
log.Fatalf("failed to advance page: %v", err)
}
for _, v := range page.Value {
// You could use page here. We use blank identifier for just demo purposes.
_ = v
}
// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// page.PolicyEventsQueryResults = armpolicyinsights.PolicyEventsQueryResults{
// ODataContext: to.Ptr("https://management.azure.com/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default"),
// ODataCount: to.Ptr[int32](2),
// Value: []*armpolicyinsights.PolicyEvent{
// {
// ODataContext: to.Ptr("https://management.azure.com/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyAssignments/1ef5d536aec743a0aa801c1a"),
// PolicyAssignmentName: to.Ptr("1ef5d536aec743a0aa801c1a"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{}"),
// PolicyAssignmentScope: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyDefinitions/022d9357-5a90-46f7-9554-21d30ce4c32d"),
// PolicyDefinitionName: to.Ptr("022d9357-5a90-46f7-9554-21d30ce4c32d"),
// PolicyDefinitionReferenceID: to.Ptr("15521232277412542086"),
// PolicySetDefinitionID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/335cefd2-ab16-430f-b364-974a170eb1d5"),
// PolicySetDefinitionName: to.Ptr("335cefd2-ab16-430f-b364-974a170eb1d5"),
// PrincipalOid: to.Ptr("fff3e452-fff2-fff1-fff8-fff12618f1b8"),
// ResourceGroup: to.Ptr("myrg"),
// ResourceID: to.Ptr("/subscriptions/fff8dfdb-fff3-fff0-fff4-fffdcbe6b2ef/resourceGroups/myrg/providers/Microsoft.Compute/virtualMachines/myvm1/extensions/DAExtension"),
// ResourceLocation: to.Ptr("westeurope"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.Compute/virtualMachines/extensions"),
// SubscriptionID: to.Ptr("fff8dfdb-fff3-fff0-fff4-fffdcbe6b2ef"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-07T22:19:18.889Z"); return t}()),
// },
// {
// ODataContext: to.Ptr("https://management.azure.com/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyAssignments/95816fce53454b15a7ed803d"),
// PolicyAssignmentName: to.Ptr("95816fce53454b15a7ed803d"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{\"allowedLocations\":{\"value\":[\"eastus\"]}}"),
// PolicyAssignmentScope: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyDefinitions/a2c0414b-82e4-459d-97d5-94c79a89232c"),
// PolicyDefinitionName: to.Ptr("a2c0414b-82e4-459d-97d5-94c79a89232c"),
// PolicyDefinitionReferenceID: to.Ptr(""),
// PolicySetDefinitionID: to.Ptr(""),
// PolicySetDefinitionName: to.Ptr(""),
// PrincipalOid: to.Ptr("fff3e452-fff2-fff1-fff8-fff12618f1b8"),
// ResourceGroup: to.Ptr("myrg"),
// ResourceID: to.Ptr("/subscriptions/fff8dfdb-fff3-fff0-fff4-fffdcbe6b2ef/resourceGroups/myrg/providers/Microsoft.Compute/virtualMachines/myvm1/extensions/DAExtension"),
// ResourceLocation: to.Ptr("westeurope"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.Compute/virtualMachines/extensions"),
// SubscriptionID: to.Ptr("fff8dfdb-fff3-fff0-fff4-fffdcbe6b2ef"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-07T22:19:18.889Z"); return t}()),
// }},
// }
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { PolicyInsightsClient } = require("@azure/arm-policyinsights");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Queries policy events for the resources under the management group.
*
* @summary Queries policy events for the resources under the management group.
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryManagementGroupScope.json
*/
async function queryAtManagementGroupScope() {
const subscriptionId =
process.env["POLICYINSIGHTS_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const policyEventsResource = "default";
const managementGroupName = "myManagementGroup";
const credential = new DefaultAzureCredential();
const client = new PolicyInsightsClient(credential, subscriptionId);
const resArray = new Array();
for await (let item of client.policyEvents.listQueryResultsForManagementGroup(
policyEventsResource,
managementGroupName
)) {
resArray.push(item);
}
console.log(resArray);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.ManagementGroups;
using Azure.ResourceManager.PolicyInsights;
using Azure.ResourceManager.PolicyInsights.Models;
// Generated from example definition: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryManagementGroupScope.json
// this example is just showing the usage of "PolicyEvents_ListQueryResultsForManagementGroup" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this ManagementGroupResource created on azure
// for more information of creating ManagementGroupResource, please refer to the document of ManagementGroupResource
string managementGroupName = "myManagementGroup";
ResourceIdentifier managementGroupResourceId = ManagementGroupResource.CreateResourceIdentifier(managementGroupName);
ManagementGroupResource managementGroupResource = client.GetManagementGroupResource(managementGroupResourceId);
// invoke the operation and iterate over the result
PolicyEventType policyEventType = PolicyEventType.Default;
await foreach (PolicyEvent item in managementGroupResource.GetPolicyEventQueryResultsAsync(policyEventType))
{
Console.WriteLine($"Succeeded: {item}");
}
Console.WriteLine($"Succeeded");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Przykładowa odpowiedź
{
"@odata.nextLink": null,
"@odata.context": "https://management.azure.com/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default",
"@odata.count": 2,
"value": [
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-07T22:19:18.8896095Z",
"resourceId": "/subscriptions/fff8dfdb-fff3-fff0-fff4-fffdcbe6b2ef/resourceGroups/myrg/providers/Microsoft.Compute/virtualMachines/myvm1/extensions/DAExtension",
"policyAssignmentId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyAssignments/1ef5d536aec743a0aa801c1a",
"policyDefinitionId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyDefinitions/022d9357-5a90-46f7-9554-21d30ce4c32d",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fff8dfdb-fff3-fff0-fff4-fffdcbe6b2ef",
"resourceType": "/Microsoft.Compute/virtualMachines/extensions",
"resourceLocation": "westeurope",
"resourceGroup": "myrg",
"resourceTags": "tbd",
"policyAssignmentName": "1ef5d536aec743a0aa801c1a",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{}",
"policyAssignmentScope": "/providers/Microsoft.Management/managementGroups/myManagementGroup",
"policyDefinitionName": "022d9357-5a90-46f7-9554-21d30ce4c32d",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/335cefd2-ab16-430f-b364-974a170eb1d5",
"policySetDefinitionName": "335cefd2-ab16-430f-b364-974a170eb1d5",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": "15521232277412542086",
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fff3e452-fff2-fff1-fff8-fff12618f1b8",
"complianceState": "NonCompliant"
},
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-07T22:19:18.8896095Z",
"resourceId": "/subscriptions/fff8dfdb-fff3-fff0-fff4-fffdcbe6b2ef/resourceGroups/myrg/providers/Microsoft.Compute/virtualMachines/myvm1/extensions/DAExtension",
"policyAssignmentId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyAssignments/95816fce53454b15a7ed803d",
"policyDefinitionId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyDefinitions/a2c0414b-82e4-459d-97d5-94c79a89232c",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fff8dfdb-fff3-fff0-fff4-fffdcbe6b2ef",
"resourceType": "/Microsoft.Compute/virtualMachines/extensions",
"resourceLocation": "westeurope",
"resourceGroup": "myrg",
"resourceTags": "tbd",
"policyAssignmentName": "95816fce53454b15a7ed803d",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{\"allowedLocations\":{\"value\":[\"eastus\"]}}",
"policyAssignmentScope": "/providers/Microsoft.Management/managementGroups/myManagementGroup",
"policyDefinitionName": "a2c0414b-82e4-459d-97d5-94c79a89232c",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "",
"policySetDefinitionName": "",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": "",
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fff3e452-fff2-fff1-fff8-fff12618f1b8",
"complianceState": "NonCompliant"
}
]
}
Query at management group scope with next link
Przykładowe żądanie
POST https://management.azure.com/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01&$skiptoken=WpmWfBSvPhkAK6QD
import com.azure.core.util.Context;
import com.azure.resourcemanager.policyinsights.models.PolicyEventsResourceType;
/** Samples for PolicyEvents ListQueryResultsForManagementGroup. */
public final class Main {
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryManagementGroupScopeNextLink.json
*/
/**
* Sample code: Query at management group scope with next link.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void queryAtManagementGroupScopeWithNextLink(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForManagementGroup(
PolicyEventsResourceType.DEFAULT,
"myManagementGroup",
null,
null,
null,
null,
null,
null,
null,
"WpmWfBSvPhkAK6QD",
Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.policyinsights import PolicyInsightsClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-policyinsights
# USAGE
python policy_events_query_management_group_scope_next_link.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = PolicyInsightsClient(
credential=DefaultAzureCredential(),
subscription_id="SUBSCRIPTION_ID",
)
response = client.policy_events.list_query_results_for_management_group(
policy_events_resource="default",
management_group_name="myManagementGroup",
)
for item in response:
print(item)
# x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryManagementGroupScopeNextLink.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armpolicyinsights_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/policyinsights/armpolicyinsights"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/05a9cdab363b8ec824094ee73950c04594325172/specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryManagementGroupScopeNextLink.json
func ExamplePolicyEventsClient_NewListQueryResultsForManagementGroupPager_queryAtManagementGroupScopeWithNextLink() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armpolicyinsights.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
pager := clientFactory.NewPolicyEventsClient().NewListQueryResultsForManagementGroupPager(armpolicyinsights.PolicyEventsResourceTypeDefault, "myManagementGroup", &armpolicyinsights.QueryOptions{Top: nil,
Filter: nil,
OrderBy: nil,
Select: nil,
From: nil,
To: nil,
Apply: nil,
SkipToken: to.Ptr("WpmWfBSvPhkAK6QD"),
Expand: nil,
}, nil)
for pager.More() {
page, err := pager.NextPage(ctx)
if err != nil {
log.Fatalf("failed to advance page: %v", err)
}
for _, v := range page.Value {
// You could use page here. We use blank identifier for just demo purposes.
_ = v
}
// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// page.PolicyEventsQueryResults = armpolicyinsights.PolicyEventsQueryResults{
// ODataContext: to.Ptr("https://management.azure.com/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default"),
// ODataCount: to.Ptr[int32](2),
// Value: []*armpolicyinsights.PolicyEvent{
// {
// ODataContext: to.Ptr("https://management.azure.com/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyAssignments/1ef5d536aec743a0aa801c1a"),
// PolicyAssignmentName: to.Ptr("1ef5d536aec743a0aa801c1a"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{}"),
// PolicyAssignmentScope: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyDefinitions/022d9357-5a90-46f7-9554-21d30ce4c32d"),
// PolicyDefinitionName: to.Ptr("022d9357-5a90-46f7-9554-21d30ce4c32d"),
// PolicyDefinitionReferenceID: to.Ptr("15521232277412542086"),
// PolicySetDefinitionID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/335cefd2-ab16-430f-b364-974a170eb1d5"),
// PolicySetDefinitionName: to.Ptr("335cefd2-ab16-430f-b364-974a170eb1d5"),
// PrincipalOid: to.Ptr("fff3e452-fff2-fff1-fff8-fff12618f1b8"),
// ResourceGroup: to.Ptr("myrg"),
// ResourceID: to.Ptr("/subscriptions/fff8dfdb-fff3-fff0-fff4-fffdcbe6b2ef/resourceGroups/myrg/providers/Microsoft.Compute/virtualMachines/myvm1/extensions/DAExtension"),
// ResourceLocation: to.Ptr("westeurope"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.Compute/virtualMachines/extensions"),
// SubscriptionID: to.Ptr("fff8dfdb-fff3-fff0-fff4-fffdcbe6b2ef"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-07T22:19:18.889Z"); return t}()),
// },
// {
// ODataContext: to.Ptr("https://management.azure.com/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyAssignments/95816fce53454b15a7ed803d"),
// PolicyAssignmentName: to.Ptr("95816fce53454b15a7ed803d"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{\"allowedLocations\":{\"value\":[\"eastus\"]}}"),
// PolicyAssignmentScope: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyDefinitions/a2c0414b-82e4-459d-97d5-94c79a89232c"),
// PolicyDefinitionName: to.Ptr("a2c0414b-82e4-459d-97d5-94c79a89232c"),
// PolicyDefinitionReferenceID: to.Ptr(""),
// PolicySetDefinitionID: to.Ptr(""),
// PolicySetDefinitionName: to.Ptr(""),
// PrincipalOid: to.Ptr("fff3e452-fff2-fff1-fff8-fff12618f1b8"),
// ResourceGroup: to.Ptr("myrg"),
// ResourceID: to.Ptr("/subscriptions/fff8dfdb-fff3-fff0-fff4-fffdcbe6b2ef/resourceGroups/myrg/providers/Microsoft.Compute/virtualMachines/myvm1/extensions/DAExtension"),
// ResourceLocation: to.Ptr("westeurope"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.Compute/virtualMachines/extensions"),
// SubscriptionID: to.Ptr("fff8dfdb-fff3-fff0-fff4-fffdcbe6b2ef"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-07T22:19:18.889Z"); return t}()),
// }},
// }
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { PolicyInsightsClient } = require("@azure/arm-policyinsights");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Queries policy events for the resources under the management group.
*
* @summary Queries policy events for the resources under the management group.
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryManagementGroupScopeNextLink.json
*/
async function queryAtManagementGroupScopeWithNextLink() {
const subscriptionId =
process.env["POLICYINSIGHTS_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const policyEventsResource = "default";
const managementGroupName = "myManagementGroup";
const skipToken = "WpmWfBSvPhkAK6QD";
const options = {
queryOptions: { skipToken: skipToken },
};
const credential = new DefaultAzureCredential();
const client = new PolicyInsightsClient(credential, subscriptionId);
const resArray = new Array();
for await (let item of client.policyEvents.listQueryResultsForManagementGroup(
policyEventsResource,
managementGroupName,
options
)) {
resArray.push(item);
}
console.log(resArray);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.ManagementGroups;
using Azure.ResourceManager.PolicyInsights;
using Azure.ResourceManager.PolicyInsights.Models;
// Generated from example definition: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryManagementGroupScopeNextLink.json
// this example is just showing the usage of "PolicyEvents_ListQueryResultsForManagementGroup" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this ManagementGroupResource created on azure
// for more information of creating ManagementGroupResource, please refer to the document of ManagementGroupResource
string managementGroupName = "myManagementGroup";
ResourceIdentifier managementGroupResourceId = ManagementGroupResource.CreateResourceIdentifier(managementGroupName);
ManagementGroupResource managementGroupResource = client.GetManagementGroupResource(managementGroupResourceId);
// invoke the operation and iterate over the result
PolicyEventType policyEventType = PolicyEventType.Default;
await foreach (PolicyEvent item in managementGroupResource.GetPolicyEventQueryResultsAsync(policyEventType))
{
Console.WriteLine($"Succeeded: {item}");
}
Console.WriteLine($"Succeeded");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Przykładowa odpowiedź
{
"@odata.nextLink": null,
"@odata.context": "https://management.azure.com/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default",
"@odata.count": 2,
"value": [
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-07T22:19:18.8896095Z",
"resourceId": "/subscriptions/fff8dfdb-fff3-fff0-fff4-fffdcbe6b2ef/resourceGroups/myrg/providers/Microsoft.Compute/virtualMachines/myvm1/extensions/DAExtension",
"policyAssignmentId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyAssignments/1ef5d536aec743a0aa801c1a",
"policyDefinitionId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyDefinitions/022d9357-5a90-46f7-9554-21d30ce4c32d",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fff8dfdb-fff3-fff0-fff4-fffdcbe6b2ef",
"resourceType": "/Microsoft.Compute/virtualMachines/extensions",
"resourceLocation": "westeurope",
"resourceGroup": "myrg",
"resourceTags": "tbd",
"policyAssignmentName": "1ef5d536aec743a0aa801c1a",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{}",
"policyAssignmentScope": "/providers/Microsoft.Management/managementGroups/myManagementGroup",
"policyDefinitionName": "022d9357-5a90-46f7-9554-21d30ce4c32d",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/335cefd2-ab16-430f-b364-974a170eb1d5",
"policySetDefinitionName": "335cefd2-ab16-430f-b364-974a170eb1d5",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": "15521232277412542086",
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fff3e452-fff2-fff1-fff8-fff12618f1b8",
"complianceState": "NonCompliant"
},
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-07T22:19:18.8896095Z",
"resourceId": "/subscriptions/fff8dfdb-fff3-fff0-fff4-fffdcbe6b2ef/resourceGroups/myrg/providers/Microsoft.Compute/virtualMachines/myvm1/extensions/DAExtension",
"policyAssignmentId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyAssignments/95816fce53454b15a7ed803d",
"policyDefinitionId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyDefinitions/a2c0414b-82e4-459d-97d5-94c79a89232c",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fff8dfdb-fff3-fff0-fff4-fffdcbe6b2ef",
"resourceType": "/Microsoft.Compute/virtualMachines/extensions",
"resourceLocation": "westeurope",
"resourceGroup": "myrg",
"resourceTags": "tbd",
"policyAssignmentName": "95816fce53454b15a7ed803d",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{\"allowedLocations\":{\"value\":[\"eastus\"]}}",
"policyAssignmentScope": "/providers/Microsoft.Management/managementGroups/myManagementGroup",
"policyDefinitionName": "a2c0414b-82e4-459d-97d5-94c79a89232c",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "",
"policySetDefinitionName": "",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": "",
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fff3e452-fff2-fff1-fff8-fff12618f1b8",
"complianceState": "NonCompliant"
}
]
}
Definicje
ComponentEventDetails
Szczegóły zdarzenia składnika.
Nazwa |
Typ |
Opis |
id
|
string
|
Identyfikator składnika.
|
name
|
string
|
Nazwa składnika.
|
policyDefinitionAction
|
string
|
Akcja definicji zasad, tj. efekt.
|
principalOid
|
string
|
Identyfikator obiektu podmiotu zabezpieczeń dla użytkownika, który zainicjował operację składnika zasobu, która wyzwoliła zdarzenie zasad.
|
tenantId
|
string
|
Identyfikator dzierżawy dla rekordu zdarzenia zasad.
|
timestamp
|
string
|
Sygnatura czasowa rekordu zdarzeń zasad składników.
|
type
|
string
|
Typ składnika.
|
Error
Definicja błędu.
Nazwa |
Typ |
Opis |
code
|
string
|
Kod błędu specyficzny dla usługi, który służy jako stan podrzędny kodu błędu HTTP.
|
message
|
string
|
Opis błędu.
|
ManagementGroupsNamespaceType
Przestrzeń nazw dla dostawcy zasobów zarządzania firmy Microsoft; dozwolone jest tylko "Microsoft.Management".
Nazwa |
Typ |
Opis |
Microsoft.Management
|
string
|
|
PolicyEvent
Rekord zdarzenia zasad.
Nazwa |
Typ |
Opis |
@odata.context
|
string
|
Ciąg kontekstu OData; używane przez klientów OData do rozpoznawania informacji o typie na podstawie metadanych.
|
@odata.id
|
string
|
Identyfikator jednostki OData; ustawienie zawsze ma wartość null, ponieważ rekordy zdarzeń zasad nie mają identyfikatora jednostki.
|
complianceState
|
string
|
Stan zgodności zasobu.
|
components
|
ComponentEventDetails[]
|
Zdarzenia składników są wypełniane tylko wtedy, gdy adres URL zawiera klauzulę $expand=components.
|
effectiveParameters
|
string
|
Obowiązujące parametry przypisania zasad.
|
isCompliant
|
boolean
|
Flaga, która wskazuje, czy zasób jest zgodny z przypisaniem zasad, względem którego został oceniony.
|
managementGroupIds
|
string
|
Rozdzielona przecinkami lista identyfikatorów grup zarządzania, które reprezentują hierarchię grup zarządzania, w których znajduje się zasób.
|
policyAssignmentId
|
string
|
Identyfikator przypisania zasad.
|
policyAssignmentName
|
string
|
Nazwa przypisania zasad.
|
policyAssignmentOwner
|
string
|
Właściciel przypisania zasad.
|
policyAssignmentParameters
|
string
|
Parametry przypisania zasad.
|
policyAssignmentScope
|
string
|
Zakres przypisania zasad.
|
policyDefinitionAction
|
string
|
Akcja definicji zasad, tj. efekt.
|
policyDefinitionCategory
|
string
|
Kategoria definicji zasad.
|
policyDefinitionId
|
string
|
Identyfikator definicji zasad.
|
policyDefinitionName
|
string
|
Nazwa definicji zasad.
|
policyDefinitionReferenceId
|
string
|
Identyfikator odwołania dla definicji zasad w zestawie zasad, jeśli przypisanie zasad dotyczy zestawu zasad.
|
policySetDefinitionCategory
|
string
|
Kategoria definicji zestawu zasad, jeśli przypisanie zasad dotyczy zestawu zasad.
|
policySetDefinitionId
|
string
|
Identyfikator definicji zestawu zasad, jeśli przypisanie zasad dotyczy zestawu zasad.
|
policySetDefinitionName
|
string
|
Nazwa definicji zestawu zasad, jeśli przypisanie zasad dotyczy zestawu zasad.
|
policySetDefinitionOwner
|
string
|
Właściciel definicji zestawu zasad, jeśli przypisanie zasad dotyczy zestawu zasad.
|
policySetDefinitionParameters
|
string
|
Parametry definicji zestawu zasad, jeśli przypisanie zasad dotyczy zestawu zasad.
|
principalOid
|
string
|
Identyfikator obiektu podmiotu zabezpieczeń dla użytkownika, który zainicjował operację zasobu, która wyzwoliła zdarzenie zasad.
|
resourceGroup
|
string
|
Nazwa grupy zasobów.
|
resourceId
|
string
|
Identyfikator zasobu.
|
resourceLocation
|
string
|
Lokalizacja zasobu.
|
resourceTags
|
string
|
Lista tagów zasobów.
|
resourceType
|
string
|
Typ zasobu.
|
subscriptionId
|
string
|
Identyfikator subskrypcji.
|
tenantId
|
string
|
Identyfikator dzierżawy dla rekordu zdarzenia zasad.
|
timestamp
|
string
|
Sygnatura czasowa rekordu zdarzenia zasad.
|
PolicyEventsQueryResults
Wyniki zapytania.
Nazwa |
Typ |
Opis |
@odata.context
|
string
|
Ciąg kontekstu OData; używane przez klientów OData do rozpoznawania informacji o typie na podstawie metadanych.
|
@odata.count
|
integer
|
Liczba jednostek OData; reprezentuje liczbę zwracanych rekordów zdarzeń zasad.
|
@odata.nextLink
|
string
|
Odata następny link; Adres URL umożliwiający uzyskanie następnego zestawu wyników.
|
value
|
PolicyEvent[]
|
Wyniki zapytania.
|
PolicyEventsResourceType
Nazwa zasobu wirtualnego w obszarze PolicyEvents typ zasobu; dozwolone jest tylko ustawienie "domyślne".
Nazwa |
Typ |
Opis |
default
|
string
|
|
QueryFailure
Odpowiedź na błąd.
Nazwa |
Typ |
Opis |
error
|
Error
|
Definicja błędu.
|