Consulta eventos de política para o recurso.
POST https://management.azure.com/{resourceId}/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01
With optional parameters:
POST https://management.azure.com/{resourceId}/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01&$top={$top}&$orderby={$orderby}&$select={$select}&$from={$from}&$to={$to}&$filter={$filter}&$apply={$apply}&$expand={$expand}&$skiptoken={$skiptoken}
Parâmetros do URI
| Name |
Em |
Necessário |
Tipo |
Description |
|
policyEventsResource
|
path |
True
|
PolicyEventsResourceType
|
O nome do recurso virtual em Tipo de recurso PolicyEvents; só é permitida a "predefinição".
|
|
resourceId
|
path |
True
|
string
|
ID do Recurso.
|
|
api-version
|
query |
True
|
string
|
Versão da API de Cliente.
|
|
$apply
|
query |
|
string
|
OData aplica expressão para agregações.
|
|
$expand
|
query |
|
string
|
O parâmetro de consulta $expand. Por exemplo, para expandir componentes, utilize $expand=componentes
|
|
$filter
|
query |
|
string
|
Expressão de filtro OData.
|
|
$from
|
query |
|
string
date-time
|
Carimbo de data/hora formatado ISO 8601 que especifica a hora de início do intervalo para consulta. Quando não for especificado, o serviço utiliza ($to - 1 dia).
|
|
$orderby
|
query |
|
string
|
Ordenar expressão com notação OData. Um ou mais nomes de colunas separadas por vírgulas com um "desc" opcional (a predefinição) ou "asc", por exemplo, "$orderby=PolicyAssignmentId, ResourceId asc".
|
|
$select
|
query |
|
string
|
Selecione expressão com notação OData. Limita as colunas em cada registo apenas às pedidas, por exemplo, "$select=PolicyAssignmentId, ResourceId".
|
|
$skiptoken
|
query |
|
string
|
O skiptoken só é fornecido se uma resposta anterior devolver um resultado parcial como parte do elemento nextLink.
|
|
$to
|
query |
|
string
date-time
|
Carimbo de data/hora formatado ISO 8601 que especifica a hora de fim do intervalo para consulta. Quando não for especificado, o serviço utiliza o tempo de pedido.
|
|
$top
|
query |
|
integer
int32
|
Número máximo de registos a devolver.
|
Respostas
Segurança
azure_auth
Fluxo OAuth2 do Azure Active Directory
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
| Name |
Description |
|
user_impersonation
|
representar a sua conta de utilizador
|
Exemplos
Query at nested resource scope
Sample Request
POST https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ServiceFabric/clusters/myCluster/applications/myApplication/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01
import com.azure.core.util.Context;
import com.azure.resourcemanager.policyinsights.models.PolicyEventsResourceType;
/** Samples for PolicyEvents ListQueryResultsForResource. */
public final class Main {
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryNestedResourceScope.json
*/
/**
* Sample code: Query at nested resource scope.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void queryAtNestedResourceScope(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ServiceFabric/clusters/myCluster/applications/myApplication",
null,
null,
null,
null,
null,
null,
null,
null,
null,
Context.NONE);
}
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeExpandComponentsGroupByWithAggregate.json
*/
/**
* Sample code: Query components policy events count grouped by user and action type for resource scope filtered by
* given assignment.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void
queryComponentsPolicyEventsCountGroupedByUserAndActionTypeForResourceScopeFilteredByGivenAssignment(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName",
null,
null,
null,
null,
null,
"policyAssignmentId eq"
+ " '/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8'",
null,
"components($apply=groupby((tenantId, principalOid, policyDefinitionAction), aggregate($count as"
+ " totalActions)))",
null,
Context.NONE);
}
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeNextLink.json
*/
/**
* Sample code: Query at resource scope with next link.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void queryAtResourceScopeWithNextLink(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName",
null,
null,
null,
null,
null,
null,
null,
null,
"WpmWfBSvPhkAK6QD",
Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.policyinsights import PolicyInsightsClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-policyinsights
# USAGE
python policy_events_query_nested_resource_scope.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = PolicyInsightsClient(
credential=DefaultAzureCredential(),
subscription_id="SUBSCRIPTION_ID",
)
response = client.policy_events.list_query_results_for_resource(
policy_events_resource="default",
resource_id="subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ServiceFabric/clusters/myCluster/applications/myApplication",
)
for item in response:
print(item)
# x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryNestedResourceScope.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armpolicyinsights_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/policyinsights/armpolicyinsights"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/05a9cdab363b8ec824094ee73950c04594325172/specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryNestedResourceScope.json
func ExamplePolicyEventsClient_NewListQueryResultsForResourcePager_queryAtNestedResourceScope() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armpolicyinsights.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
pager := clientFactory.NewPolicyEventsClient().NewListQueryResultsForResourcePager(armpolicyinsights.PolicyEventsResourceTypeDefault, "subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ServiceFabric/clusters/myCluster/applications/myApplication", &armpolicyinsights.QueryOptions{Top: nil,
Filter: nil,
OrderBy: nil,
Select: nil,
From: nil,
To: nil,
Apply: nil,
SkipToken: nil,
Expand: nil,
}, nil)
for pager.More() {
page, err := pager.NextPage(ctx)
if err != nil {
log.Fatalf("failed to advance page: %v", err)
}
for _, v := range page.Value {
// You could use page here. We use blank identifier for just demo purposes.
_ = v
}
// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// page.PolicyEventsQueryResults = armpolicyinsights.PolicyEventsQueryResults{
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/microsoft.servicefabric/clusters/myCluster/applications/myApplication/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default"),
// ODataCount: to.Ptr[int32](2),
// Value: []*armpolicyinsights.PolicyEvent{
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/microsoft.servicefabric/clusters/myCluster/applications/myApplication/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyAssignments/ec62f9b2a454487296f2ccd4"),
// PolicyAssignmentName: to.Ptr("ec62f9b2a454487296f2ccd4"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{\"ALLOWEDRESOURCEGROUPS_1\":{\"value\":[\"rg1\",\"rg2\"]},\"ALLOWEDRESOURCEGROUPS_2\":{\"value\":[\"myrg3\",\"myrg4\"]}}"),
// PolicyAssignmentScope: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyDefinitions/72c0c41a-c752-4bc0-9c61-0d6adc567066"),
// PolicyDefinitionName: to.Ptr("72c0c41a-c752-4bc0-9c61-0d6adc567066"),
// PolicyDefinitionReferenceID: to.Ptr("181565554491747128"),
// PolicySetDefinitionID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/00b36c66-612b-44e2-9f8e-b758296d40fe"),
// PolicySetDefinitionName: to.Ptr("00b36c66-612b-44e2-9f8e-b758296d40fe"),
// PrincipalOid: to.Ptr("fffdfc0f-fff5-fff0-fff3-fff1a968dcc6"),
// ResourceGroup: to.Ptr("myResourceGroup"),
// ResourceID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ServiceFabric/clusters/myCluster/applications/myApplication"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.ServiceFabric/clusters/applications"),
// SubscriptionID: to.Ptr("fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-07T20:43:04.697Z"); return t}()),
// },
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/microsoft.servicefabric/clusters/myCluster/applications/myApplication/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyAssignments/ec62f9b2a454487296f2ccd4"),
// PolicyAssignmentName: to.Ptr("ec62f9b2a454487296f2ccd4"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{\"ALLOWEDRESOURCEGROUPS_1\":{\"value\":[\"rg1\",\"rg2\"]},\"ALLOWEDRESOURCEGROUPS_2\":{\"value\":[\"myrg3\",\"myrg4\"]}}"),
// PolicyAssignmentScope: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyDefinitions/72c0c41a-c752-4bc0-9c61-0d6adc567066"),
// PolicyDefinitionName: to.Ptr("72c0c41a-c752-4bc0-9c61-0d6adc567066"),
// PolicyDefinitionReferenceID: to.Ptr("624540685646900425"),
// PolicySetDefinitionID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/00b36c66-612b-44e2-9f8e-b758296d40fe"),
// PolicySetDefinitionName: to.Ptr("00b36c66-612b-44e2-9f8e-b758296d40fe"),
// PrincipalOid: to.Ptr("fffdfc0f-fff5-fff0-fff3-fff1a968dcc6"),
// ResourceGroup: to.Ptr("myResourceGroup"),
// ResourceID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ServiceFabric/clusters/myCluster/applications/myApplication"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.ServiceFabric/clusters/applications"),
// SubscriptionID: to.Ptr("fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-07T20:43:04.697Z"); return t}()),
// }},
// }
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { PolicyInsightsClient } = require("@azure/arm-policyinsights");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Queries policy events for the resource.
*
* @summary Queries policy events for the resource.
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryNestedResourceScope.json
*/
async function queryAtNestedResourceScope() {
const subscriptionId =
process.env["POLICYINSIGHTS_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const policyEventsResource = "default";
const resourceId =
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ServiceFabric/clusters/myCluster/applications/myApplication";
const credential = new DefaultAzureCredential();
const client = new PolicyInsightsClient(credential, subscriptionId);
const resArray = new Array();
for await (let item of client.policyEvents.listQueryResultsForResource(
policyEventsResource,
resourceId
)) {
resArray.push(item);
}
console.log(resArray);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"@odata.nextLink": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/microsoft.servicefabric/clusters/myCluster/applications/myApplication/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default",
"@odata.count": 2,
"value": [
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/microsoft.servicefabric/clusters/myCluster/applications/myApplication/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-07T20:43:04.6971328Z",
"resourceId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ServiceFabric/clusters/myCluster/applications/myApplication",
"policyAssignmentId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyAssignments/ec62f9b2a454487296f2ccd4",
"policyDefinitionId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyDefinitions/72c0c41a-c752-4bc0-9c61-0d6adc567066",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"resourceType": "/Microsoft.ServiceFabric/clusters/applications",
"resourceLocation": "eastus",
"resourceGroup": "myResourceGroup",
"resourceTags": "tbd",
"policyAssignmentName": "ec62f9b2a454487296f2ccd4",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{\"ALLOWEDRESOURCEGROUPS_1\":{\"value\":[\"rg1\",\"rg2\"]},\"ALLOWEDRESOURCEGROUPS_2\":{\"value\":[\"myrg3\",\"myrg4\"]}}",
"policyAssignmentScope": "/providers/Microsoft.Management/managementGroups/myManagementGroup",
"policyDefinitionName": "72c0c41a-c752-4bc0-9c61-0d6adc567066",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/00b36c66-612b-44e2-9f8e-b758296d40fe",
"policySetDefinitionName": "00b36c66-612b-44e2-9f8e-b758296d40fe",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": "181565554491747128",
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fffdfc0f-fff5-fff0-fff3-fff1a968dcc6",
"complianceState": "NonCompliant"
},
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/microsoft.servicefabric/clusters/myCluster/applications/myApplication/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-07T20:43:04.6971328Z",
"resourceId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ServiceFabric/clusters/myCluster/applications/myApplication",
"policyAssignmentId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyAssignments/ec62f9b2a454487296f2ccd4",
"policyDefinitionId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyDefinitions/72c0c41a-c752-4bc0-9c61-0d6adc567066",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"resourceType": "/Microsoft.ServiceFabric/clusters/applications",
"resourceLocation": "eastus",
"resourceGroup": "myResourceGroup",
"resourceTags": "tbd",
"policyAssignmentName": "ec62f9b2a454487296f2ccd4",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{\"ALLOWEDRESOURCEGROUPS_1\":{\"value\":[\"rg1\",\"rg2\"]},\"ALLOWEDRESOURCEGROUPS_2\":{\"value\":[\"myrg3\",\"myrg4\"]}}",
"policyAssignmentScope": "/providers/Microsoft.Management/managementGroups/myManagementGroup",
"policyDefinitionName": "72c0c41a-c752-4bc0-9c61-0d6adc567066",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/00b36c66-612b-44e2-9f8e-b758296d40fe",
"policySetDefinitionName": "00b36c66-612b-44e2-9f8e-b758296d40fe",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": "624540685646900425",
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fffdfc0f-fff5-fff0-fff3-fff1a968dcc6",
"complianceState": "NonCompliant"
}
]
}
Query at resource scope
Sample Request
POST https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01
import com.azure.core.util.Context;
import com.azure.resourcemanager.policyinsights.models.PolicyEventsResourceType;
/** Samples for PolicyEvents ListQueryResultsForResource. */
public final class Main {
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScope.json
*/
/**
* Sample code: Query at resource scope.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void queryAtResourceScope(com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName",
null,
null,
null,
null,
null,
null,
null,
null,
null,
Context.NONE);
}
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeExpandComponentsGroupByWithAggregate.json
*/
/**
* Sample code: Query components policy events count grouped by user and action type for resource scope filtered by
* given assignment.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void
queryComponentsPolicyEventsCountGroupedByUserAndActionTypeForResourceScopeFilteredByGivenAssignment(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName",
null,
null,
null,
null,
null,
"policyAssignmentId eq"
+ " '/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8'",
null,
"components($apply=groupby((tenantId, principalOid, policyDefinitionAction), aggregate($count as"
+ " totalActions)))",
null,
Context.NONE);
}
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeNextLink.json
*/
/**
* Sample code: Query at resource scope with next link.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void queryAtResourceScopeWithNextLink(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName",
null,
null,
null,
null,
null,
null,
null,
null,
"WpmWfBSvPhkAK6QD",
Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.policyinsights import PolicyInsightsClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-policyinsights
# USAGE
python policy_events_query_resource_scope.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = PolicyInsightsClient(
credential=DefaultAzureCredential(),
subscription_id="SUBSCRIPTION_ID",
)
response = client.policy_events.list_query_results_for_resource(
policy_events_resource="default",
resource_id="subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName",
)
for item in response:
print(item)
# x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScope.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armpolicyinsights_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/policyinsights/armpolicyinsights"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/05a9cdab363b8ec824094ee73950c04594325172/specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScope.json
func ExamplePolicyEventsClient_NewListQueryResultsForResourcePager_queryAtResourceScope() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armpolicyinsights.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
pager := clientFactory.NewPolicyEventsClient().NewListQueryResultsForResourcePager(armpolicyinsights.PolicyEventsResourceTypeDefault, "subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName", &armpolicyinsights.QueryOptions{Top: nil,
Filter: nil,
OrderBy: nil,
Select: nil,
From: nil,
To: nil,
Apply: nil,
SkipToken: nil,
Expand: nil,
}, nil)
for pager.More() {
page, err := pager.NextPage(ctx)
if err != nil {
log.Fatalf("failed to advance page: %v", err)
}
for _, v := range page.Value {
// You could use page here. We use blank identifier for just demo purposes.
_ = v
}
// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// page.PolicyEventsQueryResults = armpolicyinsights.PolicyEventsQueryResults{
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default"),
// ODataCount: to.Ptr[int32](2),
// Value: []*armpolicyinsights.PolicyEvent{
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.Authorization/policyAssignments/ec8f9645-8ecb-4abb-9c0b-5292f19d4003"),
// PolicyAssignmentName: to.Ptr("ec8f9645-8ecb-4abb-9c0b-5292f19d4003"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{}"),
// PolicyAssignmentScope: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/providers/Microsoft.Authorization/policyDefinitions/201ea587-7c90-41c3-910f-c280ae01cfd6"),
// PolicyDefinitionName: to.Ptr("201ea587-7c90-41c3-910f-c280ae01cfd6"),
// PolicySetDefinitionID: to.Ptr("/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8"),
// PolicySetDefinitionName: to.Ptr("1f3afdf9-d0c9-4c3d-847f-89da613e70a8"),
// PrincipalOid: to.Ptr("fff890fa-fff0-fff3-fff9-fffd7653f078"),
// ResourceGroup: to.Ptr("myResourceGroup"),
// ResourceID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.ClassicCompute/domainNames"),
// SubscriptionID: to.Ptr("fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-07T15:14:39.847Z"); return t}()),
// },
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.Authorization/policyAssignments/d15545b8-ff50-409a-a6e3-5bd5cc954003"),
// PolicyAssignmentName: to.Ptr("d15545b8-ff50-409a-a6e3-5bd5cc954003"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{}"),
// PolicyAssignmentScope: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/providers/Microsoft.Authorization/policyDefinitions/201ea587-7c90-41c3-910f-c280ae01cfd6"),
// PolicyDefinitionName: to.Ptr("201ea587-7c90-41c3-910f-c280ae01cfd6"),
// PolicySetDefinitionID: to.Ptr("/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8"),
// PolicySetDefinitionName: to.Ptr("1f3afdf9-d0c9-4c3d-847f-89da613e70a8"),
// PrincipalOid: to.Ptr("fff890fa-fff0-fff3-fff9-fffd7653f078"),
// ResourceGroup: to.Ptr("myResourceGroup"),
// ResourceID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.ClassicCompute/domainNames"),
// SubscriptionID: to.Ptr("fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-07T15:14:39.584Z"); return t}()),
// }},
// }
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { PolicyInsightsClient } = require("@azure/arm-policyinsights");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Queries policy events for the resource.
*
* @summary Queries policy events for the resource.
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScope.json
*/
async function queryAtResourceScope() {
const subscriptionId =
process.env["POLICYINSIGHTS_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const policyEventsResource = "default";
const resourceId =
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName";
const credential = new DefaultAzureCredential();
const client = new PolicyInsightsClient(credential, subscriptionId);
const resArray = new Array();
for await (let item of client.policyEvents.listQueryResultsForResource(
policyEventsResource,
resourceId
)) {
resArray.push(item);
}
console.log(resArray);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"@odata.nextLink": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default",
"@odata.count": 2,
"value": [
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-07T15:14:39.8473851Z",
"resourceId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName",
"policyAssignmentId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.Authorization/policyAssignments/ec8f9645-8ecb-4abb-9c0b-5292f19d4003",
"policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/201ea587-7c90-41c3-910f-c280ae01cfd6",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"resourceType": "/Microsoft.ClassicCompute/domainNames",
"resourceLocation": "eastus",
"resourceGroup": "myResourceGroup",
"resourceTags": "tbd",
"policyAssignmentName": "ec8f9645-8ecb-4abb-9c0b-5292f19d4003",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{}",
"policyAssignmentScope": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"policyDefinitionName": "201ea587-7c90-41c3-910f-c280ae01cfd6",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionName": "1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": null,
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fff890fa-fff0-fff3-fff9-fffd7653f078",
"complianceState": "NonCompliant"
},
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-07T15:14:39.5842458Z",
"resourceId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName",
"policyAssignmentId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.Authorization/policyAssignments/d15545b8-ff50-409a-a6e3-5bd5cc954003",
"policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/201ea587-7c90-41c3-910f-c280ae01cfd6",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"resourceType": "/Microsoft.ClassicCompute/domainNames",
"resourceLocation": "eastus",
"resourceGroup": "myResourceGroup",
"resourceTags": "tbd",
"policyAssignmentName": "d15545b8-ff50-409a-a6e3-5bd5cc954003",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{}",
"policyAssignmentScope": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"policyDefinitionName": "201ea587-7c90-41c3-910f-c280ae01cfd6",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionName": "1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": null,
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fff890fa-fff0-fff3-fff9-fffd7653f078",
"complianceState": "NonCompliant"
}
]
}
Query at resource scope with next link
Sample Request
POST https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01&$skiptoken=WpmWfBSvPhkAK6QD
from azure.identity import DefaultAzureCredential
from azure.mgmt.policyinsights import PolicyInsightsClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-policyinsights
# USAGE
python policy_events_query_resource_scope_next_link.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = PolicyInsightsClient(
credential=DefaultAzureCredential(),
subscription_id="SUBSCRIPTION_ID",
)
response = client.policy_events.list_query_results_for_resource(
policy_events_resource="default",
resource_id="subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName",
)
for item in response:
print(item)
# x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeNextLink.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armpolicyinsights_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/policyinsights/armpolicyinsights"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/05a9cdab363b8ec824094ee73950c04594325172/specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeNextLink.json
func ExamplePolicyEventsClient_NewListQueryResultsForResourcePager_queryAtResourceScopeWithNextLink() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armpolicyinsights.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
pager := clientFactory.NewPolicyEventsClient().NewListQueryResultsForResourcePager(armpolicyinsights.PolicyEventsResourceTypeDefault, "subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName", &armpolicyinsights.QueryOptions{Top: nil,
Filter: nil,
OrderBy: nil,
Select: nil,
From: nil,
To: nil,
Apply: nil,
SkipToken: to.Ptr("WpmWfBSvPhkAK6QD"),
Expand: nil,
}, nil)
for pager.More() {
page, err := pager.NextPage(ctx)
if err != nil {
log.Fatalf("failed to advance page: %v", err)
}
for _, v := range page.Value {
// You could use page here. We use blank identifier for just demo purposes.
_ = v
}
// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// page.PolicyEventsQueryResults = armpolicyinsights.PolicyEventsQueryResults{
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default"),
// ODataCount: to.Ptr[int32](2),
// Value: []*armpolicyinsights.PolicyEvent{
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.Authorization/policyAssignments/ec8f9645-8ecb-4abb-9c0b-5292f19d4003"),
// PolicyAssignmentName: to.Ptr("ec8f9645-8ecb-4abb-9c0b-5292f19d4003"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{}"),
// PolicyAssignmentScope: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/providers/Microsoft.Authorization/policyDefinitions/201ea587-7c90-41c3-910f-c280ae01cfd6"),
// PolicyDefinitionName: to.Ptr("201ea587-7c90-41c3-910f-c280ae01cfd6"),
// PolicySetDefinitionID: to.Ptr("/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8"),
// PolicySetDefinitionName: to.Ptr("1f3afdf9-d0c9-4c3d-847f-89da613e70a8"),
// PrincipalOid: to.Ptr("fff890fa-fff0-fff3-fff9-fffd7653f078"),
// ResourceGroup: to.Ptr("myResourceGroup"),
// ResourceID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.ClassicCompute/domainNames"),
// SubscriptionID: to.Ptr("fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-07T15:14:39.847Z"); return t}()),
// },
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.Authorization/policyAssignments/d15545b8-ff50-409a-a6e3-5bd5cc954003"),
// PolicyAssignmentName: to.Ptr("d15545b8-ff50-409a-a6e3-5bd5cc954003"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{}"),
// PolicyAssignmentScope: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/providers/Microsoft.Authorization/policyDefinitions/201ea587-7c90-41c3-910f-c280ae01cfd6"),
// PolicyDefinitionName: to.Ptr("201ea587-7c90-41c3-910f-c280ae01cfd6"),
// PolicySetDefinitionID: to.Ptr("/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8"),
// PolicySetDefinitionName: to.Ptr("1f3afdf9-d0c9-4c3d-847f-89da613e70a8"),
// PrincipalOid: to.Ptr("fff890fa-fff0-fff3-fff9-fffd7653f078"),
// ResourceGroup: to.Ptr("myResourceGroup"),
// ResourceID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.ClassicCompute/domainNames"),
// SubscriptionID: to.Ptr("fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-07T15:14:39.584Z"); return t}()),
// }},
// }
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { PolicyInsightsClient } = require("@azure/arm-policyinsights");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Queries policy events for the resource.
*
* @summary Queries policy events for the resource.
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeNextLink.json
*/
async function queryAtResourceScopeWithNextLink() {
const subscriptionId =
process.env["POLICYINSIGHTS_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const policyEventsResource = "default";
const resourceId =
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName";
const skipToken = "WpmWfBSvPhkAK6QD";
const options = {
queryOptions: { skipToken: skipToken },
};
const credential = new DefaultAzureCredential();
const client = new PolicyInsightsClient(credential, subscriptionId);
const resArray = new Array();
for await (let item of client.policyEvents.listQueryResultsForResource(
policyEventsResource,
resourceId,
options
)) {
resArray.push(item);
}
console.log(resArray);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"@odata.nextLink": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default",
"@odata.count": 2,
"value": [
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-07T15:14:39.8473851Z",
"resourceId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName",
"policyAssignmentId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.Authorization/policyAssignments/ec8f9645-8ecb-4abb-9c0b-5292f19d4003",
"policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/201ea587-7c90-41c3-910f-c280ae01cfd6",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"resourceType": "/Microsoft.ClassicCompute/domainNames",
"resourceLocation": "eastus",
"resourceGroup": "myResourceGroup",
"resourceTags": "tbd",
"policyAssignmentName": "ec8f9645-8ecb-4abb-9c0b-5292f19d4003",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{}",
"policyAssignmentScope": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"policyDefinitionName": "201ea587-7c90-41c3-910f-c280ae01cfd6",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionName": "1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": null,
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fff890fa-fff0-fff3-fff9-fffd7653f078",
"complianceState": "NonCompliant"
},
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-07T15:14:39.5842458Z",
"resourceId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName",
"policyAssignmentId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.Authorization/policyAssignments/d15545b8-ff50-409a-a6e3-5bd5cc954003",
"policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/201ea587-7c90-41c3-910f-c280ae01cfd6",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"resourceType": "/Microsoft.ClassicCompute/domainNames",
"resourceLocation": "eastus",
"resourceGroup": "myResourceGroup",
"resourceTags": "tbd",
"policyAssignmentName": "d15545b8-ff50-409a-a6e3-5bd5cc954003",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{}",
"policyAssignmentScope": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"policyDefinitionName": "201ea587-7c90-41c3-910f-c280ae01cfd6",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionName": "1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": null,
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fff890fa-fff0-fff3-fff9-fffd7653f078",
"complianceState": "NonCompliant"
}
]
}
Query at subscription level nested resource scope
Sample Request
POST https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01
import com.azure.core.util.Context;
import com.azure.resourcemanager.policyinsights.models.PolicyEventsResourceType;
/** Samples for PolicyEvents ListQueryResultsForResource. */
public final class Main {
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QuerySubscriptionLevelNestedResourceScope.json
*/
/**
* Sample code: Query at subscription level nested resource scope.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void queryAtSubscriptionLevelNestedResourceScope(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource",
null,
null,
null,
null,
null,
null,
null,
null,
null,
Context.NONE);
}
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeExpandComponentsGroupByWithAggregate.json
*/
/**
* Sample code: Query components policy events count grouped by user and action type for resource scope filtered by
* given assignment.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void
queryComponentsPolicyEventsCountGroupedByUserAndActionTypeForResourceScopeFilteredByGivenAssignment(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName",
null,
null,
null,
null,
null,
"policyAssignmentId eq"
+ " '/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8'",
null,
"components($apply=groupby((tenantId, principalOid, policyDefinitionAction), aggregate($count as"
+ " totalActions)))",
null,
Context.NONE);
}
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeNextLink.json
*/
/**
* Sample code: Query at resource scope with next link.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void queryAtResourceScopeWithNextLink(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName",
null,
null,
null,
null,
null,
null,
null,
null,
"WpmWfBSvPhkAK6QD",
Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.policyinsights import PolicyInsightsClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-policyinsights
# USAGE
python policy_events_query_subscription_level_nested_resource_scope.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = PolicyInsightsClient(
credential=DefaultAzureCredential(),
subscription_id="SUBSCRIPTION_ID",
)
response = client.policy_events.list_query_results_for_resource(
policy_events_resource="default",
resource_id="subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource",
)
for item in response:
print(item)
# x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QuerySubscriptionLevelNestedResourceScope.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armpolicyinsights_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/policyinsights/armpolicyinsights"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/05a9cdab363b8ec824094ee73950c04594325172/specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QuerySubscriptionLevelNestedResourceScope.json
func ExamplePolicyEventsClient_NewListQueryResultsForResourcePager_queryAtSubscriptionLevelNestedResourceScope() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armpolicyinsights.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
pager := clientFactory.NewPolicyEventsClient().NewListQueryResultsForResourcePager(armpolicyinsights.PolicyEventsResourceTypeDefault, "subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource", &armpolicyinsights.QueryOptions{Top: nil,
Filter: nil,
OrderBy: nil,
Select: nil,
From: nil,
To: nil,
Apply: nil,
SkipToken: nil,
Expand: nil,
}, nil)
for pager.More() {
page, err := pager.NextPage(ctx)
if err != nil {
log.Fatalf("failed to advance page: %v", err)
}
for _, v := range page.Value {
// You could use page here. We use blank identifier for just demo purposes.
_ = v
}
// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// page.PolicyEventsQueryResults = armpolicyinsights.PolicyEventsQueryResults{
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default"),
// ODataCount: to.Ptr[int32](2),
// Value: []*armpolicyinsights.PolicyEvent{
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyAssignments/ec62f9b2a454487296f2ccd4"),
// PolicyAssignmentName: to.Ptr("ec62f9b2a454487296f2ccd4"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{\"ALLOWEDRESOURCEGROUPS_1\":{\"value\":[\"rg1\",\"rg2\"]},\"ALLOWEDRESOURCEGROUPS_2\":{\"value\":[\"myrg3\",\"myrg4\"]}}"),
// PolicyAssignmentScope: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyDefinitions/72c0c41a-c752-4bc0-9c61-0d6adc567066"),
// PolicyDefinitionName: to.Ptr("72c0c41a-c752-4bc0-9c61-0d6adc567066"),
// PolicyDefinitionReferenceID: to.Ptr("181565554491747128"),
// PolicySetDefinitionID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/00b36c66-612b-44e2-9f8e-b758296d40fe"),
// PolicySetDefinitionName: to.Ptr("00b36c66-612b-44e2-9f8e-b758296d40fe"),
// PrincipalOid: to.Ptr("fffdfc0f-fff5-fff0-fff3-fff1a968dcc6"),
// ResourceGroup: to.Ptr(""),
// ResourceID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.SomeNamespace/someResourceType/someNestedResourceType"),
// SubscriptionID: to.Ptr("fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-07T20:43:04.697Z"); return t}()),
// },
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyAssignments/ec62f9b2a454487296f2ccd4"),
// PolicyAssignmentName: to.Ptr("ec62f9b2a454487296f2ccd4"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{\"ALLOWEDRESOURCEGROUPS_1\":{\"value\":[\"rg1\",\"rg2\"]},\"ALLOWEDRESOURCEGROUPS_2\":{\"value\":[\"myrg3\",\"myrg4\"]}}"),
// PolicyAssignmentScope: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyDefinitions/72c0c41a-c752-4bc0-9c61-0d6adc567066"),
// PolicyDefinitionName: to.Ptr("72c0c41a-c752-4bc0-9c61-0d6adc567066"),
// PolicyDefinitionReferenceID: to.Ptr("624540685646900425"),
// PolicySetDefinitionID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/00b36c66-612b-44e2-9f8e-b758296d40fe"),
// PolicySetDefinitionName: to.Ptr("00b36c66-612b-44e2-9f8e-b758296d40fe"),
// PrincipalOid: to.Ptr("fffdfc0f-fff5-fff0-fff3-fff1a968dcc6"),
// ResourceGroup: to.Ptr(""),
// ResourceID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.SomeNamespace/someResourceType/someNestedResourceType"),
// SubscriptionID: to.Ptr("fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-07T20:43:04.697Z"); return t}()),
// }},
// }
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { PolicyInsightsClient } = require("@azure/arm-policyinsights");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Queries policy events for the resource.
*
* @summary Queries policy events for the resource.
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QuerySubscriptionLevelNestedResourceScope.json
*/
async function queryAtSubscriptionLevelNestedResourceScope() {
const subscriptionId =
process.env["POLICYINSIGHTS_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const policyEventsResource = "default";
const resourceId =
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource";
const credential = new DefaultAzureCredential();
const client = new PolicyInsightsClient(credential, subscriptionId);
const resArray = new Array();
for await (let item of client.policyEvents.listQueryResultsForResource(
policyEventsResource,
resourceId
)) {
resArray.push(item);
}
console.log(resArray);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"@odata.nextLink": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default",
"@odata.count": 2,
"value": [
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-07T20:43:04.6971328Z",
"resourceId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource",
"policyAssignmentId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyAssignments/ec62f9b2a454487296f2ccd4",
"policyDefinitionId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyDefinitions/72c0c41a-c752-4bc0-9c61-0d6adc567066",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"resourceType": "/Microsoft.SomeNamespace/someResourceType/someNestedResourceType",
"resourceLocation": "eastus",
"resourceGroup": "",
"resourceTags": "tbd",
"policyAssignmentName": "ec62f9b2a454487296f2ccd4",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{\"ALLOWEDRESOURCEGROUPS_1\":{\"value\":[\"rg1\",\"rg2\"]},\"ALLOWEDRESOURCEGROUPS_2\":{\"value\":[\"myrg3\",\"myrg4\"]}}",
"policyAssignmentScope": "/providers/Microsoft.Management/managementGroups/myManagementGroup",
"policyDefinitionName": "72c0c41a-c752-4bc0-9c61-0d6adc567066",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/00b36c66-612b-44e2-9f8e-b758296d40fe",
"policySetDefinitionName": "00b36c66-612b-44e2-9f8e-b758296d40fe",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": "181565554491747128",
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fffdfc0f-fff5-fff0-fff3-fff1a968dcc6",
"complianceState": "NonCompliant"
},
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-07T20:43:04.6971328Z",
"resourceId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource",
"policyAssignmentId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyAssignments/ec62f9b2a454487296f2ccd4",
"policyDefinitionId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyDefinitions/72c0c41a-c752-4bc0-9c61-0d6adc567066",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"resourceType": "/Microsoft.SomeNamespace/someResourceType/someNestedResourceType",
"resourceLocation": "eastus",
"resourceGroup": "",
"resourceTags": "tbd",
"policyAssignmentName": "ec62f9b2a454487296f2ccd4",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{\"ALLOWEDRESOURCEGROUPS_1\":{\"value\":[\"rg1\",\"rg2\"]},\"ALLOWEDRESOURCEGROUPS_2\":{\"value\":[\"myrg3\",\"myrg4\"]}}",
"policyAssignmentScope": "/providers/Microsoft.Management/managementGroups/myManagementGroup",
"policyDefinitionName": "72c0c41a-c752-4bc0-9c61-0d6adc567066",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/00b36c66-612b-44e2-9f8e-b758296d40fe",
"policySetDefinitionName": "00b36c66-612b-44e2-9f8e-b758296d40fe",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": "624540685646900425",
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fffdfc0f-fff5-fff0-fff3-fff1a968dcc6",
"complianceState": "NonCompliant"
}
]
}
Query at subscription level resource scope
Sample Request
POST https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01
import com.azure.core.util.Context;
import com.azure.resourcemanager.policyinsights.models.PolicyEventsResourceType;
/** Samples for PolicyEvents ListQueryResultsForResource. */
public final class Main {
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QuerySubscriptionLevelResourceScope.json
*/
/**
* Sample code: Query at subscription level resource scope.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void queryAtSubscriptionLevelResourceScope(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName",
null,
null,
null,
null,
null,
null,
null,
null,
null,
Context.NONE);
}
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeExpandComponentsGroupByWithAggregate.json
*/
/**
* Sample code: Query components policy events count grouped by user and action type for resource scope filtered by
* given assignment.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void
queryComponentsPolicyEventsCountGroupedByUserAndActionTypeForResourceScopeFilteredByGivenAssignment(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName",
null,
null,
null,
null,
null,
"policyAssignmentId eq"
+ " '/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8'",
null,
"components($apply=groupby((tenantId, principalOid, policyDefinitionAction), aggregate($count as"
+ " totalActions)))",
null,
Context.NONE);
}
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeNextLink.json
*/
/**
* Sample code: Query at resource scope with next link.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void queryAtResourceScopeWithNextLink(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName",
null,
null,
null,
null,
null,
null,
null,
null,
"WpmWfBSvPhkAK6QD",
Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.policyinsights import PolicyInsightsClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-policyinsights
# USAGE
python policy_events_query_subscription_level_resource_scope.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = PolicyInsightsClient(
credential=DefaultAzureCredential(),
subscription_id="SUBSCRIPTION_ID",
)
response = client.policy_events.list_query_results_for_resource(
policy_events_resource="default",
resource_id="subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName",
)
for item in response:
print(item)
# x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QuerySubscriptionLevelResourceScope.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armpolicyinsights_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/policyinsights/armpolicyinsights"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/05a9cdab363b8ec824094ee73950c04594325172/specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QuerySubscriptionLevelResourceScope.json
func ExamplePolicyEventsClient_NewListQueryResultsForResourcePager_queryAtSubscriptionLevelResourceScope() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armpolicyinsights.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
pager := clientFactory.NewPolicyEventsClient().NewListQueryResultsForResourcePager(armpolicyinsights.PolicyEventsResourceTypeDefault, "subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName", &armpolicyinsights.QueryOptions{Top: nil,
Filter: nil,
OrderBy: nil,
Select: nil,
From: nil,
To: nil,
Apply: nil,
SkipToken: nil,
Expand: nil,
}, nil)
for pager.More() {
page, err := pager.NextPage(ctx)
if err != nil {
log.Fatalf("failed to advance page: %v", err)
}
for _, v := range page.Value {
// You could use page here. We use blank identifier for just demo purposes.
_ = v
}
// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// page.PolicyEventsQueryResults = armpolicyinsights.PolicyEventsQueryResults{
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default"),
// ODataCount: to.Ptr[int32](2),
// Value: []*armpolicyinsights.PolicyEvent{
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.Authorization/policyAssignments/ec8f9645-8ecb-4abb-9c0b-5292f19d4003"),
// PolicyAssignmentName: to.Ptr("ec8f9645-8ecb-4abb-9c0b-5292f19d4003"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{}"),
// PolicyAssignmentScope: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/providers/Microsoft.Authorization/policyDefinitions/201ea587-7c90-41c3-910f-c280ae01cfd6"),
// PolicyDefinitionName: to.Ptr("201ea587-7c90-41c3-910f-c280ae01cfd6"),
// PolicySetDefinitionID: to.Ptr("/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8"),
// PolicySetDefinitionName: to.Ptr("1f3afdf9-d0c9-4c3d-847f-89da613e70a8"),
// PrincipalOid: to.Ptr("fff890fa-fff0-fff3-fff9-fffd7653f078"),
// ResourceGroup: to.Ptr(""),
// ResourceID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.SomeNamespace/someResourceType"),
// SubscriptionID: to.Ptr("fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-07T15:14:39.847Z"); return t}()),
// },
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.Authorization/policyAssignments/d15545b8-ff50-409a-a6e3-5bd5cc954003"),
// PolicyAssignmentName: to.Ptr("d15545b8-ff50-409a-a6e3-5bd5cc954003"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{}"),
// PolicyAssignmentScope: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/providers/Microsoft.Authorization/policyDefinitions/201ea587-7c90-41c3-910f-c280ae01cfd6"),
// PolicyDefinitionName: to.Ptr("201ea587-7c90-41c3-910f-c280ae01cfd6"),
// PolicySetDefinitionID: to.Ptr("/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8"),
// PolicySetDefinitionName: to.Ptr("1f3afdf9-d0c9-4c3d-847f-89da613e70a8"),
// PrincipalOid: to.Ptr("fff890fa-fff0-fff3-fff9-fffd7653f078"),
// ResourceGroup: to.Ptr(""),
// ResourceID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.SomeNamespace/someResourceType"),
// SubscriptionID: to.Ptr("fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-07T15:14:39.584Z"); return t}()),
// }},
// }
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { PolicyInsightsClient } = require("@azure/arm-policyinsights");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Queries policy events for the resource.
*
* @summary Queries policy events for the resource.
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QuerySubscriptionLevelResourceScope.json
*/
async function queryAtSubscriptionLevelResourceScope() {
const subscriptionId =
process.env["POLICYINSIGHTS_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const policyEventsResource = "default";
const resourceId =
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName";
const credential = new DefaultAzureCredential();
const client = new PolicyInsightsClient(credential, subscriptionId);
const resArray = new Array();
for await (let item of client.policyEvents.listQueryResultsForResource(
policyEventsResource,
resourceId
)) {
resArray.push(item);
}
console.log(resArray);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"@odata.nextLink": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default",
"@odata.count": 2,
"value": [
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-07T15:14:39.8473851Z",
"resourceId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName",
"policyAssignmentId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.Authorization/policyAssignments/ec8f9645-8ecb-4abb-9c0b-5292f19d4003",
"policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/201ea587-7c90-41c3-910f-c280ae01cfd6",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"resourceType": "/Microsoft.SomeNamespace/someResourceType",
"resourceLocation": "eastus",
"resourceGroup": "",
"resourceTags": "tbd",
"policyAssignmentName": "ec8f9645-8ecb-4abb-9c0b-5292f19d4003",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{}",
"policyAssignmentScope": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"policyDefinitionName": "201ea587-7c90-41c3-910f-c280ae01cfd6",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionName": "1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": null,
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fff890fa-fff0-fff3-fff9-fffd7653f078",
"complianceState": "NonCompliant"
},
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-07T15:14:39.5842458Z",
"resourceId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName",
"policyAssignmentId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.Authorization/policyAssignments/d15545b8-ff50-409a-a6e3-5bd5cc954003",
"policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/201ea587-7c90-41c3-910f-c280ae01cfd6",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"resourceType": "/Microsoft.SomeNamespace/someResourceType",
"resourceLocation": "eastus",
"resourceGroup": "",
"resourceTags": "tbd",
"policyAssignmentName": "d15545b8-ff50-409a-a6e3-5bd5cc954003",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{}",
"policyAssignmentScope": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"policyDefinitionName": "201ea587-7c90-41c3-910f-c280ae01cfd6",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionName": "1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": null,
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fff890fa-fff0-fff3-fff9-fffd7653f078",
"complianceState": "NonCompliant"
}
]
}
Query components policy events count grouped by user and action type for resource scope filtered by given assignment.
Sample Request
POST https://management.azure.com/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01&$filter=policyAssignmentId eq '/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8'&$expand=components($apply=groupby((tenantId, principalOid, policyDefinitionAction), aggregate($count as totalActions)))
from azure.identity import DefaultAzureCredential
from azure.mgmt.policyinsights import PolicyInsightsClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-policyinsights
# USAGE
python policy_events_query_resource_scope_expand_components_group_by_with_aggregate.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = PolicyInsightsClient(
credential=DefaultAzureCredential(),
subscription_id="SUBSCRIPTION_ID",
)
response = client.policy_events.list_query_results_for_resource(
policy_events_resource="default",
resource_id="subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName",
)
for item in response:
print(item)
# x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeExpandComponentsGroupByWithAggregate.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armpolicyinsights_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/policyinsights/armpolicyinsights"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/05a9cdab363b8ec824094ee73950c04594325172/specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeExpandComponentsGroupByWithAggregate.json
func ExamplePolicyEventsClient_NewListQueryResultsForResourcePager_queryComponentsPolicyEventsCountGroupedByUserAndActionTypeForResourceScopeFilteredByGivenAssignment() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armpolicyinsights.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
pager := clientFactory.NewPolicyEventsClient().NewListQueryResultsForResourcePager(armpolicyinsights.PolicyEventsResourceTypeDefault, "subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName", &armpolicyinsights.QueryOptions{Top: nil,
Filter: to.Ptr("policyAssignmentId eq '/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8'"),
OrderBy: nil,
Select: nil,
From: nil,
To: nil,
Apply: nil,
SkipToken: nil,
Expand: to.Ptr("components($apply=groupby((tenantId, principalOid, policyDefinitionAction), aggregate($count as totalActions)))"),
}, nil)
for pager.More() {
page, err := pager.NextPage(ctx)
if err != nil {
log.Fatalf("failed to advance page: %v", err)
}
for _, v := range page.Value {
// You could use page here. We use blank identifier for just demo purposes.
_ = v
}
// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// page.PolicyEventsQueryResults = armpolicyinsights.PolicyEventsQueryResults{
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourcegroups/myResourceGroup/providers/microsoft.keyvault/vaults/myKVName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default"),
// ODataCount: to.Ptr[int32](1),
// Value: []*armpolicyinsights.PolicyEvent{
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourcegroups/myResourceGroup/providers/microsoft.keyvault/vaults/myKVName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// Components: []*armpolicyinsights.ComponentEventDetails{
// {
// AdditionalProperties: map[string]any{
// "totalActions": float64(6),
// },
// PolicyDefinitionAction: to.Ptr("audit"),
// PrincipalOid: to.Ptr("0d81b461-6bb0-4909-a102-d51803a7d275"),
// TenantID: to.Ptr("72f988bf-86f1-41af-91ab-2d7cd011db47"),
// }},
// EffectiveParameters: to.Ptr(""),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("PolicyUIMG,AzGovTest5,72f988bf-86f1-41af-91ab-2d7cd011db47"),
// PolicyAssignmentID: to.Ptr("/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8"),
// PolicyAssignmentName: to.Ptr("560050f83dbb4a24974323f8"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr(""),
// PolicyAssignmentScope: to.Ptr("/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policydefinitions/ab108bc4-32df-4677-8b38-fa8b2905df59"),
// PolicyDefinitionName: to.Ptr("ab108bc4-32df-4677-8b38-fa8b2905df59"),
// PolicyDefinitionReferenceID: to.Ptr(""),
// PolicySetDefinitionCategory: to.Ptr(""),
// PolicySetDefinitionID: to.Ptr(""),
// PolicySetDefinitionName: to.Ptr(""),
// PolicySetDefinitionOwner: to.Ptr(""),
// PolicySetDefinitionParameters: to.Ptr(""),
// PrincipalOid: to.Ptr(""),
// ResourceGroup: to.Ptr("myResourceGroup"),
// ResourceID: to.Ptr("/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourcegroups/myResourceGroup/providers/microsoft.keyvault/vaults/myKVName"),
// ResourceLocation: to.Ptr("westcentralus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("Microsoft.KeyVault/vaults"),
// SubscriptionID: to.Ptr("e78961ba-36fe-4739-9212-e3031b4c8db7"),
// TenantID: to.Ptr(""),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-02-21T19:42:08.325Z"); return t}()),
// }},
// }
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { PolicyInsightsClient } = require("@azure/arm-policyinsights");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Queries policy events for the resource.
*
* @summary Queries policy events for the resource.
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeExpandComponentsGroupByWithAggregate.json
*/
async function queryComponentsPolicyEventsCountGroupedByUserAndActionTypeForResourceScopeFilteredByGivenAssignment() {
const subscriptionId =
process.env["POLICYINSIGHTS_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const policyEventsResource = "default";
const resourceId =
"subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName";
const filter =
"policyAssignmentId eq '/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8'";
const expand =
"components($apply=groupby((tenantId, principalOid, policyDefinitionAction), aggregate($count as totalActions)))";
const options = {
queryOptions: { filter: filter, expand: expand },
};
const credential = new DefaultAzureCredential();
const client = new PolicyInsightsClient(credential, subscriptionId);
const resArray = new Array();
for await (let item of client.policyEvents.listQueryResultsForResource(
policyEventsResource,
resourceId,
options
)) {
resArray.push(item);
}
console.log(resArray);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"@odata.context": "https://management.azure.com/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourcegroups/myResourceGroup/providers/microsoft.keyvault/vaults/myKVName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default",
"@odata.count": 1,
"value": [
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourcegroups/myResourceGroup/providers/microsoft.keyvault/vaults/myKVName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2020-02-21T19:42:08.3252921Z",
"resourceId": "/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourcegroups/myResourceGroup/providers/microsoft.keyvault/vaults/myKVName",
"policyAssignmentId": "/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8",
"policyDefinitionId": "/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policydefinitions/ab108bc4-32df-4677-8b38-fa8b2905df59",
"effectiveParameters": "",
"isCompliant": false,
"subscriptionId": "e78961ba-36fe-4739-9212-e3031b4c8db7",
"resourceType": "Microsoft.KeyVault/vaults",
"resourceLocation": "westcentralus",
"resourceGroup": "myResourceGroup",
"resourceTags": "tbd",
"policyAssignmentName": "560050f83dbb4a24974323f8",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "",
"policyAssignmentScope": "/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7",
"policyDefinitionName": "ab108bc4-32df-4677-8b38-fa8b2905df59",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "",
"policySetDefinitionName": "",
"policySetDefinitionOwner": "",
"policySetDefinitionCategory": "",
"policySetDefinitionParameters": "",
"managementGroupIds": "PolicyUIMG,AzGovTest5,72f988bf-86f1-41af-91ab-2d7cd011db47",
"policyDefinitionReferenceId": "",
"complianceState": "NonCompliant",
"tenantId": "",
"principalOid": "",
"components": [
{
"tenantId": "72f988bf-86f1-41af-91ab-2d7cd011db47",
"principalOid": "0d81b461-6bb0-4909-a102-d51803a7d275",
"policyDefinitionAction": "audit",
"totalActions": 6
}
]
}
]
}
Query components policy events for resource scope filtered by given assignment.
Sample Request
POST https://management.azure.com/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01&$filter=policyAssignmentId eq '/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8'&$expand=components
import com.azure.core.util.Context;
import com.azure.resourcemanager.policyinsights.models.PolicyEventsResourceType;
/** Samples for PolicyEvents ListQueryResultsForResource. */
public final class Main {
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeExpandComponents.json
*/
/**
* Sample code: Query components policy events for resource scope filtered by given assignment.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void queryComponentsPolicyEventsForResourceScopeFilteredByGivenAssignment(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName",
null,
null,
null,
null,
null,
"policyAssignmentId eq"
+ " '/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8'",
null,
"components",
null,
Context.NONE);
}
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeExpandComponentsGroupByWithAggregate.json
*/
/**
* Sample code: Query components policy events count grouped by user and action type for resource scope filtered by
* given assignment.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void
queryComponentsPolicyEventsCountGroupedByUserAndActionTypeForResourceScopeFilteredByGivenAssignment(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName",
null,
null,
null,
null,
null,
"policyAssignmentId eq"
+ " '/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8'",
null,
"components($apply=groupby((tenantId, principalOid, policyDefinitionAction), aggregate($count as"
+ " totalActions)))",
null,
Context.NONE);
}
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeNextLink.json
*/
/**
* Sample code: Query at resource scope with next link.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void queryAtResourceScopeWithNextLink(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName",
null,
null,
null,
null,
null,
null,
null,
null,
"WpmWfBSvPhkAK6QD",
Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.policyinsights import PolicyInsightsClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-policyinsights
# USAGE
python policy_events_query_resource_scope_expand_components.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = PolicyInsightsClient(
credential=DefaultAzureCredential(),
subscription_id="SUBSCRIPTION_ID",
)
response = client.policy_events.list_query_results_for_resource(
policy_events_resource="default",
resource_id="subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName",
)
for item in response:
print(item)
# x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeExpandComponents.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armpolicyinsights_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/policyinsights/armpolicyinsights"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/05a9cdab363b8ec824094ee73950c04594325172/specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeExpandComponents.json
func ExamplePolicyEventsClient_NewListQueryResultsForResourcePager_queryComponentsPolicyEventsForResourceScopeFilteredByGivenAssignment() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armpolicyinsights.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
pager := clientFactory.NewPolicyEventsClient().NewListQueryResultsForResourcePager(armpolicyinsights.PolicyEventsResourceTypeDefault, "subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName", &armpolicyinsights.QueryOptions{Top: nil,
Filter: to.Ptr("policyAssignmentId eq '/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8'"),
OrderBy: nil,
Select: nil,
From: nil,
To: nil,
Apply: nil,
SkipToken: nil,
Expand: to.Ptr("components"),
}, nil)
for pager.More() {
page, err := pager.NextPage(ctx)
if err != nil {
log.Fatalf("failed to advance page: %v", err)
}
for _, v := range page.Value {
// You could use page here. We use blank identifier for just demo purposes.
_ = v
}
// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// page.PolicyEventsQueryResults = armpolicyinsights.PolicyEventsQueryResults{
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourcegroups/myResourceGroup/providers/microsoft.keyvault/vaults/myKVName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default"),
// ODataCount: to.Ptr[int32](1),
// Value: []*armpolicyinsights.PolicyEvent{
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourcegroups/myResourceGroup/providers/microsoft.keyvault/vaults/myKVName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// Components: []*armpolicyinsights.ComponentEventDetails{
// {
// Name: to.Ptr("cert-RSA-cert-3"),
// Type: to.Ptr("Certificate"),
// ID: to.Ptr("cert-RSA-cert-3"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PrincipalOid: to.Ptr("0d81b461-6bb0-4909-a102-d51803a7d275"),
// TenantID: to.Ptr("72f988bf-86f1-41af-91ab-2d7cd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-02-21T17:45:23.036Z"); return t}()),
// },
// {
// Name: to.Ptr("cert-RSA-cert-2"),
// Type: to.Ptr("Certificate"),
// ID: to.Ptr("cert-RSA-cert-2"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PrincipalOid: to.Ptr("0d81b461-6bb0-4909-a102-d51803a7d275"),
// TenantID: to.Ptr("72f988bf-86f1-41af-91ab-2d7cd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-02-21T17:45:22.768Z"); return t}()),
// }},
// EffectiveParameters: to.Ptr(""),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("PolicyUIMG,AzGovTest5,72f988bf-86f1-41af-91ab-2d7cd011db47"),
// PolicyAssignmentID: to.Ptr("/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8"),
// PolicyAssignmentName: to.Ptr("560050f83dbb4a24974323f8"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr(""),
// PolicyAssignmentScope: to.Ptr("/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policydefinitions/ab108bc4-32df-4677-8b38-fa8b2905df59"),
// PolicyDefinitionName: to.Ptr("ab108bc4-32df-4677-8b38-fa8b2905df59"),
// PolicyDefinitionReferenceID: to.Ptr(""),
// PolicySetDefinitionCategory: to.Ptr(""),
// PolicySetDefinitionID: to.Ptr(""),
// PolicySetDefinitionName: to.Ptr(""),
// PolicySetDefinitionOwner: to.Ptr(""),
// PolicySetDefinitionParameters: to.Ptr(""),
// PrincipalOid: to.Ptr(""),
// ResourceGroup: to.Ptr("myResourceGroup"),
// ResourceID: to.Ptr("/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourcegroups/myResourceGroup/providers/microsoft.keyvault/vaults/myKVName"),
// ResourceLocation: to.Ptr("westcentralus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("Microsoft.KeyVault/vaults"),
// SubscriptionID: to.Ptr("e78961ba-36fe-4739-9212-e3031b4c8db7"),
// TenantID: to.Ptr(""),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-02-21T19:42:08.325Z"); return t}()),
// }},
// }
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { PolicyInsightsClient } = require("@azure/arm-policyinsights");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Queries policy events for the resource.
*
* @summary Queries policy events for the resource.
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeExpandComponents.json
*/
async function queryComponentsPolicyEventsForResourceScopeFilteredByGivenAssignment() {
const subscriptionId =
process.env["POLICYINSIGHTS_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const policyEventsResource = "default";
const resourceId =
"subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName";
const filter =
"policyAssignmentId eq '/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8'";
const expand = "components";
const options = {
queryOptions: { filter: filter, expand: expand },
};
const credential = new DefaultAzureCredential();
const client = new PolicyInsightsClient(credential, subscriptionId);
const resArray = new Array();
for await (let item of client.policyEvents.listQueryResultsForResource(
policyEventsResource,
resourceId,
options
)) {
resArray.push(item);
}
console.log(resArray);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"@odata.context": "https://management.azure.com/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourcegroups/myResourceGroup/providers/microsoft.keyvault/vaults/myKVName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default",
"@odata.count": 1,
"value": [
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourcegroups/myResourceGroup/providers/microsoft.keyvault/vaults/myKVName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2020-02-21T19:42:08.3252921Z",
"resourceId": "/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourcegroups/myResourceGroup/providers/microsoft.keyvault/vaults/myKVName",
"policyAssignmentId": "/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8",
"policyDefinitionId": "/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policydefinitions/ab108bc4-32df-4677-8b38-fa8b2905df59",
"effectiveParameters": "",
"isCompliant": false,
"subscriptionId": "e78961ba-36fe-4739-9212-e3031b4c8db7",
"resourceType": "Microsoft.KeyVault/vaults",
"resourceLocation": "westcentralus",
"resourceGroup": "myResourceGroup",
"resourceTags": "tbd",
"policyAssignmentName": "560050f83dbb4a24974323f8",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "",
"policyAssignmentScope": "/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7",
"policyDefinitionName": "ab108bc4-32df-4677-8b38-fa8b2905df59",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "",
"policySetDefinitionName": "",
"policySetDefinitionOwner": "",
"policySetDefinitionCategory": "",
"policySetDefinitionParameters": "",
"managementGroupIds": "PolicyUIMG,AzGovTest5,72f988bf-86f1-41af-91ab-2d7cd011db47",
"policyDefinitionReferenceId": "",
"complianceState": "NonCompliant",
"tenantId": "",
"principalOid": "",
"components": [
{
"id": "cert-RSA-cert-3",
"type": "Certificate",
"name": "cert-RSA-cert-3",
"timestamp": "2020-02-21T17:45:23.0367Z",
"tenantId": "72f988bf-86f1-41af-91ab-2d7cd011db47",
"principalOid": "0d81b461-6bb0-4909-a102-d51803a7d275",
"policyDefinitionAction": "audit"
},
{
"id": "cert-RSA-cert-2",
"type": "Certificate",
"name": "cert-RSA-cert-2",
"timestamp": "2020-02-21T17:45:22.7682778Z",
"tenantId": "72f988bf-86f1-41af-91ab-2d7cd011db47",
"principalOid": "0d81b461-6bb0-4909-a102-d51803a7d275",
"policyDefinitionAction": "audit"
}
]
}
]
}
Definições
ComponentEventDetails
Detalhes do evento do componente.
| Name |
Tipo |
Description |
|
id
|
string
|
ID do componente.
|
|
name
|
string
|
Nome do componente.
|
|
policyDefinitionAction
|
string
|
Ação de definição de política, ou seja, efeito.
|
|
principalOid
|
string
|
ID de objeto principal para o utilizador que iniciou a operação do componente de recurso que acionou o evento de política.
|
|
tenantId
|
string
|
ID do inquilino do registo de eventos de política.
|
|
timestamp
|
string
|
Carimbo de data/hora para o registo de eventos da política de componentes.
|
|
type
|
string
|
Tipo de componente.
|
Error
Definição de erro.
| Name |
Tipo |
Description |
|
code
|
string
|
Código de erro específico do serviço que serve como o subtatus para o código de erro HTTP.
|
|
message
|
string
|
Descrição do erro.
|
PolicyEvent
Registo de eventos de política.
| Name |
Tipo |
Description |
|
@odata.context
|
string
|
Cadeia de contexto OData; utilizado pelos clientes OData para resolver informações do tipo com base em metadados.
|
|
@odata.id
|
string
|
ID da entidade OData; sempre definido como nulo, uma vez que os registos de eventos de política não têm um ID de entidade.
|
|
complianceState
|
string
|
Estado de conformidade do recurso.
|
|
components
|
ComponentEventDetails[]
|
Os registos de eventos de componentes são preenchidos apenas quando o URL contém a cláusula $expand=components.
|
|
effectiveParameters
|
string
|
Parâmetros eficazes para a atribuição de políticas.
|
|
isCompliant
|
boolean
|
Sinalize o que indica se o recurso está em conformidade com a atribuição de política em que foi avaliado.
|
|
managementGroupIds
|
string
|
Lista separada por vírgulas de IDs de grupo de gestão, que representam a hierarquia dos grupos de gestão em que o recurso se encontra.
|
|
policyAssignmentId
|
string
|
ID de atribuição de política.
|
|
policyAssignmentName
|
string
|
Nome da atribuição de política.
|
|
policyAssignmentOwner
|
string
|
Proprietário da atribuição de políticas.
|
|
policyAssignmentParameters
|
string
|
Parâmetros de atribuição de políticas.
|
|
policyAssignmentScope
|
string
|
Âmbito da atribuição de políticas.
|
|
policyDefinitionAction
|
string
|
Ação de definição de política, ou seja, efeito.
|
|
policyDefinitionCategory
|
string
|
Categoria de definição de política.
|
|
policyDefinitionId
|
string
|
ID de definição de política.
|
|
policyDefinitionName
|
string
|
Nome da definição de política.
|
|
policyDefinitionReferenceId
|
string
|
ID de referência para a definição de política dentro do conjunto de políticas, se a atribuição de política for para um conjunto de políticas.
|
|
policySetDefinitionCategory
|
string
|
Categoria de definição de conjunto de políticas, se a atribuição de política for para um conjunto de políticas.
|
|
policySetDefinitionId
|
string
|
ID de definição do conjunto de políticas, se a atribuição de política for para um conjunto de políticas.
|
|
policySetDefinitionName
|
string
|
Nome da definição do conjunto de políticas, se a atribuição de política for para um conjunto de políticas.
|
|
policySetDefinitionOwner
|
string
|
Proprietário da definição do conjunto de políticas, se a atribuição de política for para um conjunto de políticas.
|
|
policySetDefinitionParameters
|
string
|
Parâmetros de definição do conjunto de políticas, se a atribuição de política for para um conjunto de políticas.
|
|
principalOid
|
string
|
ID de objeto principal para o utilizador que iniciou a operação de recurso que acionou o evento de política.
|
|
resourceGroup
|
string
|
Nome do grupo de recursos.
|
|
resourceId
|
string
|
ID do Recurso.
|
|
resourceLocation
|
string
|
Localização do recurso.
|
|
resourceTags
|
string
|
Lista de etiquetas de recursos.
|
|
resourceType
|
string
|
Tipo de recurso.
|
|
subscriptionId
|
string
|
ID da Subscrição.
|
|
tenantId
|
string
|
ID do inquilino do registo de eventos de política.
|
|
timestamp
|
string
|
Carimbo de data/hora para o registo de eventos de política.
|
PolicyEventsQueryResults
Resultados da consulta.
| Name |
Tipo |
Description |
|
@odata.context
|
string
|
Cadeia de contexto OData; utilizado pelos clientes OData para resolver informações do tipo com base em metadados.
|
|
@odata.count
|
integer
|
Contagem de entidades OData; representa o número de registos de eventos de política devolvidos.
|
|
@odata.nextLink
|
string
|
Ligação seguinte do Odata; URL para obter o próximo conjunto de resultados.
|
|
value
|
PolicyEvent[]
|
Resultados da consulta.
|
PolicyEventsResourceType
O nome do recurso virtual em Tipo de recurso PolicyEvents; só é permitida a "predefinição".
| Name |
Tipo |
Description |
|
default
|
string
|
|
QueryFailure
Resposta de erro.
| Name |
Tipo |
Description |
|
error
|
Error
|
Definição de erro.
|