Role Assignment Schedule Requests - Validate

Service:

Authorization

API Version:

2020-10-01

Yeni bir rol ataması zamanlama isteğini doğrular.

POST https://management.azure.com/{scope}/providers/Microsoft.Authorization/roleAssignmentScheduleRequests/{roleAssignmentScheduleRequestName}/validate?api-version=2020-10-01

URI Parametreleri

Name	İçinde	Gerekli	Tür	Description
roleAssignmentScheduleRequestName	path	True	string	Doğrulanması gereken rol atama isteğinin adı.
scope	path	True	string	Doğrulanması gereken rol atama isteğinin kapsamı.
api-version	query	True	string	Bu işlem için kullanılacak API sürümü.

İstek Gövdesi

Name	Gerekli	Tür	Description
properties.principalId	True	string	Asıl kimlik.
properties.requestType	True	RequestType	Rol atama zamanlaması isteğinin türü. Örneğin: SelfActivate, AdminAssign vb.
properties.roleDefinitionId	True	string	Rol tanımı kimliği.
properties.condition		string	Rol ataması koşulları. Bu, atanabileceği kaynakları sınırlar. örneğin: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'
properties.conditionVersion		string	Koşulun sürümü. Şu anda kabul edilen değer : '2.0'
properties.justification		string	Rol ataması için gerekçe
properties.linkedRoleEligibilityScheduleId		string	Uygunluğu etkinleştirmek için bağlı rol uygunluk zamanlama kimliği.
properties.scheduleInfo		ScheduleInfo	Rol atama zamanlaması bilgilerini zamanlama
properties.targetRoleAssignmentScheduleId		string	Sonuçta elde edilen rol atama zamanlama kimliği veya güncelleştirilmekte olan rol atama zamanlama kimliği
properties.targetRoleAssignmentScheduleInstanceId		string	Güncelleştirilmekte olan rol ataması zamanlama örneği kimliği
properties.ticketInfo		TicketInfo	Rol atamasının Bilet Bilgileri

Yanıtlar

Name	Tür	Description
200 OK	RoleAssignmentScheduleRequest	Tamam - Rol atama isteği hakkındaki bilgileri döndürür.
Other Status Codes	CloudError	İşlemin neden başarısız olduğunu açıklayan hata yanıtı.

Güvenlik

azure_auth

Azure Active Directory OAuth2 Flow

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

Name	Description
user_impersonation	kullanıcı hesabınızın kimliğine bürünme

Örnekler

ValidateRoleAssignmentScheduleRequestByName

Sample Request

HTTP

POST https://management.azure.com/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleAssignmentScheduleRequests/fea7a502-9a96-4806-a26f-eee560e52045/validate?api-version=2020-10-01

{
  "properties": {
    "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea",
    "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608",
    "requestType": "SelfActivate",
    "linkedRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413",
    "scheduleInfo": {
      "startDateTime": "2020-09-09T21:35:27.91Z",
      "expiration": {
        "type": "AfterDuration",
        "endDateTime": null,
        "duration": "PT8H"
      }
    },
    "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'",
    "conditionVersion": "1.0"
  }
}

Java

import com.azure.resourcemanager.authorization.fluent.models.RoleAssignmentScheduleRequestInner;
import com.azure.resourcemanager.authorization.models.RequestType;
import com.azure.resourcemanager.authorization.models.RoleAssignmentScheduleRequestPropertiesScheduleInfo;
import com.azure.resourcemanager.authorization.models.RoleAssignmentScheduleRequestPropertiesScheduleInfoExpiration;
import com.azure.resourcemanager.authorization.models.Type;
import java.time.OffsetDateTime;

/** Samples for RoleAssignmentScheduleRequests Validate. */
public final class Main {
    /*
     * x-ms-original-file:
     * specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/
     * ValidateRoleAssignmentScheduleRequestByName.json
     */
    /**
     * Sample code: ValidateRoleAssignmentScheduleRequestByName.
     *
     * @param azure The entry point for accessing resource management APIs in Azure.
     */
    public static void
        validateRoleAssignmentScheduleRequestByName(com.azure.resourcemanager.AzureResourceManager azure) {
        azure.accessManagement().roleAssignments().manager().roleServiceClient().getRoleAssignmentScheduleRequests()
            .validateWithResponse("subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f",
                "fea7a502-9a96-4806-a26f-eee560e52045",
                new RoleAssignmentScheduleRequestInner().withRoleDefinitionId(
                    "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608")
                    .withPrincipalId("a3bb8764-cb92-4276-9d2a-ca1e895e55ea").withRequestType(RequestType.SELF_ACTIVATE)
                    .withScheduleInfo(new RoleAssignmentScheduleRequestPropertiesScheduleInfo()
                        .withStartDateTime(OffsetDateTime.parse("2020-09-09T21:35:27.91Z"))
                        .withExpiration(new RoleAssignmentScheduleRequestPropertiesScheduleInfoExpiration()
                            .withType(Type.AFTER_DURATION).withDuration("PT8H")))
                    .withLinkedRoleEligibilityScheduleId("b1477448-2cc6-4ceb-93b4-54a202a89413")
                    .withCondition("@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName]"
                        + " StringEqualsIgnoreCase 'foo_storage_container'")
                    .withConditionVersion("1.0"),
                com.azure.core.util.Context.NONE);
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Go

package armauthorization_test

import (
	"context"
	"log"

	"time"

	"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v2"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/53b1affe357b3bfbb53721d0a2002382a046d3b0/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/ValidateRoleAssignmentScheduleRequestByName.json
func ExampleRoleAssignmentScheduleRequestsClient_Validate() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armauthorization.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	res, err := clientFactory.NewRoleAssignmentScheduleRequestsClient().Validate(ctx, "subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", "fea7a502-9a96-4806-a26f-eee560e52045", armauthorization.RoleAssignmentScheduleRequest{
		Properties: &armauthorization.RoleAssignmentScheduleRequestProperties{
			Condition:                       to.Ptr("@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'"),
			ConditionVersion:                to.Ptr("1.0"),
			LinkedRoleEligibilityScheduleID: to.Ptr("b1477448-2cc6-4ceb-93b4-54a202a89413"),
			PrincipalID:                     to.Ptr("a3bb8764-cb92-4276-9d2a-ca1e895e55ea"),
			RequestType:                     to.Ptr(armauthorization.RequestTypeSelfActivate),
			RoleDefinitionID:                to.Ptr("/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608"),
			ScheduleInfo: &armauthorization.RoleAssignmentScheduleRequestPropertiesScheduleInfo{
				Expiration: &armauthorization.RoleAssignmentScheduleRequestPropertiesScheduleInfoExpiration{
					Type:     to.Ptr(armauthorization.TypeAfterDuration),
					Duration: to.Ptr("PT8H"),
				},
				StartDateTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-09-09T21:35:27.910Z"); return t }()),
			},
		},
	}, nil)
	if err != nil {
		log.Fatalf("failed to finish the request: %v", err)
	}
	// You could use response here. We use blank identifier for just demo purposes.
	_ = res
	// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
	// res.RoleAssignmentScheduleRequest = armauthorization.RoleAssignmentScheduleRequest{
	// 	Name: to.Ptr("fea7a502-9a96-4806-a26f-eee560e52045"),
	// 	Type: to.Ptr("Microsoft.Authorization/RoleAssignmentScheduleRequests"),
	// 	ID: to.Ptr("/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleRequests/fea7a502-9a96-4806-a26f-eee560e52045"),
	// 	Properties: &armauthorization.RoleAssignmentScheduleRequestProperties{
	// 		Condition: to.Ptr("@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'"),
	// 		ConditionVersion: to.Ptr("1.0"),
	// 		CreatedOn: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-09-09T21:35:27.910Z"); return t}()),
	// 		ExpandedProperties: &armauthorization.ExpandedProperties{
	// 			Principal: &armauthorization.ExpandedPropertiesPrincipal{
	// 				Type: to.Ptr("User"),
	// 				DisplayName: to.Ptr("User Account"),
	// 				Email: to.Ptr("user@my-tenant.com"),
	// 				ID: to.Ptr("a3bb8764-cb92-4276-9d2a-ca1e895e55ea"),
	// 			},
	// 			RoleDefinition: &armauthorization.ExpandedPropertiesRoleDefinition{
	// 				Type: to.Ptr("BuiltInRole"),
	// 				DisplayName: to.Ptr("Contributor"),
	// 				ID: to.Ptr("/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608"),
	// 			},
	// 			Scope: &armauthorization.ExpandedPropertiesScope{
	// 				Type: to.Ptr("subscription"),
	// 				DisplayName: to.Ptr("Pay-As-You-Go"),
	// 				ID: to.Ptr("/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f"),
	// 			},
	// 		},
	// 		PrincipalID: to.Ptr("a3bb8764-cb92-4276-9d2a-ca1e895e55ea"),
	// 		PrincipalType: to.Ptr(armauthorization.PrincipalTypeUser),
	// 		RequestType: to.Ptr(armauthorization.RequestTypeSelfActivate),
	// 		RequestorID: to.Ptr("a3bb8764-cb92-4276-9d2a-ca1e895e55ea"),
	// 		RoleDefinitionID: to.Ptr("/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608"),
	// 		ScheduleInfo: &armauthorization.RoleAssignmentScheduleRequestPropertiesScheduleInfo{
	// 			Expiration: &armauthorization.RoleAssignmentScheduleRequestPropertiesScheduleInfoExpiration{
	// 				Type: to.Ptr(armauthorization.TypeAfterDuration),
	// 				Duration: to.Ptr("PT8H"),
	// 			},
	// 			StartDateTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-09-09T21:35:27.910Z"); return t}()),
	// 		},
	// 		Scope: to.Ptr("/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f"),
	// 		Status: to.Ptr(armauthorization.StatusProvisioned),
	// 		TargetRoleAssignmentScheduleID: to.Ptr("c9e264ff-3133-4776-a81a-ebc7c33c8ec6"),
	// 		TicketInfo: &armauthorization.RoleAssignmentScheduleRequestPropertiesTicketInfo{
	// 		},
	// 	},
	// }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

JavaScript

const { AuthorizationManagementClient } = require("@azure/arm-authorization");
const { DefaultAzureCredential } = require("@azure/identity");

/**
 * This sample demonstrates how to Validates a new role assignment schedule request.
 *
 * @summary Validates a new role assignment schedule request.
 * x-ms-original-file: specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/ValidateRoleAssignmentScheduleRequestByName.json
 */
async function validateRoleAssignmentScheduleRequestByName() {
  const subscriptionId =
    process.env["AUTHORIZATION_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
  const scope = "subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f";
  const roleAssignmentScheduleRequestName = "fea7a502-9a96-4806-a26f-eee560e52045";
  const parameters = {
    condition:
      "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'",
    conditionVersion: "1.0",
    linkedRoleEligibilityScheduleId: "b1477448-2cc6-4ceb-93b4-54a202a89413",
    principalId: "a3bb8764-cb92-4276-9d2a-ca1e895e55ea",
    requestType: "SelfActivate",
    roleDefinitionId:
      "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608",
    scheduleInfo: {
      expiration: {
        type: "AfterDuration",
        duration: "PT8H",
        endDateTime: undefined,
      },
      startDateTime: new Date("2020-09-09T21:35:27.91Z"),
    },
  };
  const credential = new DefaultAzureCredential();
  const client = new AuthorizationManagementClient(credential, subscriptionId);
  const result = await client.roleAssignmentScheduleRequests.validate(
    scope,
    roleAssignmentScheduleRequestName,
    parameters
  );
  console.log(result);
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

dotnet

using System;
using System.Threading.Tasks;
using System.Xml;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.Authorization;
using Azure.ResourceManager.Authorization.Models;

// Generated from example definition: specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/ValidateRoleAssignmentScheduleRequestByName.json
// this example is just showing the usage of "RoleAssignmentScheduleRequests_Validate" operation, for the dependent resources, they will have to be created separately.

// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);

// this example assumes you already have this RoleAssignmentScheduleRequestResource created on azure
// for more information of creating RoleAssignmentScheduleRequestResource, please refer to the document of RoleAssignmentScheduleRequestResource
string scope = "subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f";
string roleAssignmentScheduleRequestName = "fea7a502-9a96-4806-a26f-eee560e52045";
ResourceIdentifier roleAssignmentScheduleRequestResourceId = RoleAssignmentScheduleRequestResource.CreateResourceIdentifier(scope, roleAssignmentScheduleRequestName);
RoleAssignmentScheduleRequestResource roleAssignmentScheduleRequest = client.GetRoleAssignmentScheduleRequestResource(roleAssignmentScheduleRequestResourceId);

// invoke the operation
RoleAssignmentScheduleRequestData data = new RoleAssignmentScheduleRequestData()
{
    RoleDefinitionId = new ResourceIdentifier("/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608"),
    PrincipalId = Guid.Parse("a3bb8764-cb92-4276-9d2a-ca1e895e55ea"),
    RequestType = RoleManagementScheduleRequestType.SelfActivate,
    LinkedRoleEligibilityScheduleId = new ResourceIdentifier("b1477448-2cc6-4ceb-93b4-54a202a89413"),
    Condition = "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'",
    ConditionVersion = "1.0",
    StartOn = DateTimeOffset.Parse("2020-09-09T21:35:27.91Z"),
    ExpirationType = RoleManagementScheduleExpirationType.AfterDuration,
    EndOn = null,
    Duration = XmlConvert.ToTimeSpan("PT8H"),
};
RoleAssignmentScheduleRequestResource result = await roleAssignmentScheduleRequest.ValidateAsync(data);

// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
RoleAssignmentScheduleRequestData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Sample Response

Status code:

200

{
  "properties": {
    "targetRoleAssignmentScheduleId": "c9e264ff-3133-4776-a81a-ebc7c33c8ec6",
    "targetRoleAssignmentScheduleInstanceId": null,
    "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f",
    "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608",
    "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea",
    "principalType": "User",
    "requestType": "SelfActivate",
    "status": "Provisioned",
    "approvalId": null,
    "scheduleInfo": {
      "startDateTime": "2020-09-09T21:35:27.91Z",
      "expiration": {
        "type": "AfterDuration",
        "endDateTime": null,
        "duration": "PT8H"
      }
    },
    "ticketInfo": {
      "ticketNumber": null,
      "ticketSystem": null
    },
    "justification": null,
    "requestorId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea",
    "createdOn": "2020-09-09T21:35:27.91Z",
    "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'",
    "conditionVersion": "1.0",
    "expandedProperties": {
      "scope": {
        "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f",
        "displayName": "Pay-As-You-Go",
        "type": "subscription"
      },
      "roleDefinition": {
        "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608",
        "displayName": "Contributor",
        "type": "BuiltInRole"
      },
      "principal": {
        "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea",
        "displayName": "User Account",
        "email": "user@my-tenant.com",
        "type": "User"
      }
    }
  },
  "name": "fea7a502-9a96-4806-a26f-eee560e52045",
  "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleRequests/fea7a502-9a96-4806-a26f-eee560e52045",
  "type": "Microsoft.Authorization/RoleAssignmentScheduleRequests"
}

Tanımlar

Name	Description
CloudError	Hizmetten bir hata yanıtı.
CloudErrorBody	Hizmetten bir hata yanıtı.
ExpandedProperties
Expiration	Rol atama zamanlamasının süre sonu
Principal	Sorumlunun ayrıntıları
principalType	Atanan asıl kimliğin asıl türü.
RequestType	Rol atama zamanlaması isteğinin türü. Örneğin: SelfActivate, AdminAssign vb.
RoleAssignmentScheduleRequest	Rol Ataması zamanlama isteği
RoleDefinition	Rol tanımının ayrıntıları
ScheduleInfo	Rol atama zamanlaması bilgilerini zamanlama
Scope	Kaynak kapsamının ayrıntıları
Status	Rol atama zamanlaması isteğinin durumu.
TicketInfo	Rol atamasının Bilet Bilgileri
Type	Rol atama zamanlaması süre sonu türü

CloudError

Hizmetten bir hata yanıtı.

Name	Tür	Description
error	CloudErrorBody	Hizmetten bir hata yanıtı.

CloudErrorBody

Hizmetten bir hata yanıtı.

Name	Tür	Description
code	string	Hatanın tanımlayıcısı. Kodlar sabittir ve program aracılığıyla kullanılması amaçlanmıştır.
message	string	Hatayı açıklayan ve kullanıcı arabiriminde görüntülenmeye uygun olması amaçlanan bir ileti.

ExpandedProperties

Name	Tür	Description
principal	Principal	Sorumlunun ayrıntıları
roleDefinition	RoleDefinition	Rol tanımının ayrıntıları
scope	Scope	Kaynak kapsamının ayrıntıları

Expiration

Rol atama zamanlamasının süre sonu

Name	Tür	Description
duration	string	TimeSpan'da rol atama zamanlamasının süresi.
endDateTime	string	Rol atama zamanlamasının Bitiş Tarihi Saat.
type	Type	Rol atama zamanlaması süre sonu türü

Principal

Sorumlunun ayrıntıları

Name	Tür	Description
displayName	string	Sorumlunun görünen adı
email	string	Sorumlunun Email kimliği
id	string	Sorumlunun kimliği
type	string	Sorumlunun türü

principalType

Atanan asıl kimliğin asıl türü.

Name	Tür	Description
Device	string
ForeignGroup	string
Group	string
ServicePrincipal	string
User	string

RequestType

Rol atama zamanlaması isteğinin türü. Örneğin: SelfActivate, AdminAssign vb.

Name	Tür	Description
AdminAssign	string
AdminExtend	string
AdminRemove	string
AdminRenew	string
AdminUpdate	string
SelfActivate	string
SelfDeactivate	string
SelfExtend	string
SelfRenew	string

RoleAssignmentScheduleRequest

Rol Ataması zamanlama isteği

Name	Tür	Description
id	string	Rol atama zamanlaması istek kimliği.
name	string	Rol ataması zamanlama isteği adı.
properties.approvalId	string	Rol atama zamanlama isteğinin approvalId değeri.
properties.condition	string	Rol ataması koşulları. Bu, atanabileceği kaynakları sınırlar. örneğin: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'
properties.conditionVersion	string	Koşulun sürümü. Şu anda kabul edilen değer : '2.0'
properties.createdOn	string	Rol atama zamanlaması isteği oluşturulduğunda DateTime
properties.expandedProperties	ExpandedProperties	Sorumlu, kapsam ve rol tanımının ek özellikleri
properties.justification	string	Rol ataması için gerekçe
properties.linkedRoleEligibilityScheduleId	string	Uygunluğu etkinleştirmek için bağlı rol uygunluk zamanlama kimliği.
properties.principalId	string	Asıl kimlik.
properties.principalType	principalType	Atanan asıl kimliğin asıl türü.
properties.requestType	RequestType	Rol atama zamanlaması isteğinin türü. Örneğin: SelfActivate, AdminAssign vb.
properties.requestorId	string	Bu isteği oluşturan kullanıcının kimliği
properties.roleDefinitionId	string	Rol tanımı kimliği.
properties.scheduleInfo	ScheduleInfo	Rol atama zamanlaması bilgilerini zamanlama
properties.scope	string	Rol atama zamanlaması istek kapsamı.
properties.status	Status	Rol atama zamanlaması isteğinin durumu.
properties.targetRoleAssignmentScheduleId	string	Sonuçta elde edilen rol atama zamanlama kimliği veya güncelleştirilmekte olan rol atama zamanlama kimliği
properties.targetRoleAssignmentScheduleInstanceId	string	Güncelleştirilmekte olan rol ataması zamanlama örneği kimliği
properties.ticketInfo	TicketInfo	Rol atamasının Bilet Bilgileri
type	string	Rol atama zamanlaması istek türü.

RoleDefinition

Rol tanımının ayrıntıları

Name	Tür	Description
displayName	string	Rol tanımının görünen adı
id	string	Rol tanımının kimliği
type	string	Rol tanımının türü

ScheduleInfo

Rol atama zamanlaması bilgilerini zamanlama

Name	Tür	Description
expiration	Expiration	Rol atama zamanlamasının süre sonu
startDateTime	string	Rol atama zamanlamasının DateTime değerini başlatın.

Scope

Kaynak kapsamının ayrıntıları

Name	Tür	Description
displayName	string	Kaynağın görünen adı
id	string	Kaynağın kapsam kimliği
type	string	Kaynağın türü

Status

Rol atama zamanlaması isteğinin durumu.

Name	Tür	Description
Accepted	string
AdminApproved	string
AdminDenied	string
Canceled	string
Denied	string
Failed	string
FailedAsResourceIsLocked	string
Granted	string
Invalid	string
PendingAdminDecision	string
PendingApproval	string
PendingApprovalProvisioning	string
PendingEvaluation	string
PendingExternalProvisioning	string
PendingProvisioning	string
PendingRevocation	string
PendingScheduleCreation	string
Provisioned	string
ProvisioningStarted	string
Revoked	string
ScheduleCreated	string
TimedOut	string

TicketInfo

Rol atamasının Bilet Bilgileri

Name	Tür	Description
ticketNumber	string	Rol ataması için bilet numarası
ticketSystem	string	Rol ataması için bilet sistemi adı

Type

Rol atama zamanlaması süre sonu türü

Name	Tür	Description
AfterDateTime	string
AfterDuration	string
NoExpiration	string