你当前正在访问 Microsoft Azure Global Edition 技术文档网站。 如果需要访问由世纪互联运营的 Microsoft Azure 中国技术文档网站,请访问 https://docs.azure.cn

Role Management Policy Assignments - List For Scope

获取资源范围的角色管理分配策略。

GET https://management.azure.com/{scope}/providers/Microsoft.Authorization/roleManagementPolicyAssignments?api-version=2020-10-01

URI 参数

名称 必需 类型 说明
scope
path True

string

角色管理策略的范围。

api-version
query True

string

要用于此操作的 API 版本。

响应

名称 类型 说明
200 OK

RoleManagementPolicyAssignmentListResult

确定 - 返回角色管理策略的数组。

Other Status Codes

CloudError

描述操作失败原因的错误响应。

安全性

azure_auth

Azure Active Directory OAuth2 流

类型: oauth2
流向: implicit
授权 URL: https://login.microsoftonline.com/common/oauth2/authorize

作用域

名称 说明
user_impersonation 模拟用户帐户

示例

GetRoleManagementPolicyAssignmentByScope

示例请求

GET https://management.azure.com/providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicyAssignments?api-version=2020-10-01

示例响应

{
  "value": [
    {
      "properties": {
        "scope": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368",
        "roleDefinitionId": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleDefinitions/a1705bd2-3a8f-45a5-8683-466fcfd5cc24",
        "policyId": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/b959d571-f0b5-4042-88a7-01be6cb22db9",
        "effectiveRules": [
          {
            "enabledRules": [],
            "id": "Enablement_Admin_Eligibility",
            "ruleType": "RoleManagementPolicyEnablementRule",
            "target": {
              "caller": "Admin",
              "operations": [
                "All"
              ],
              "level": "Eligibility",
              "targetObjects": null,
              "inheritableSettings": null,
              "enforcedSettings": null
            }
          },
          {
            "isExpirationRequired": true,
            "maximumDuration": "P90D",
            "id": "Expiration_Admin_Eligibility",
            "ruleType": "RoleManagementPolicyExpirationRule",
            "target": {
              "caller": "Admin",
              "operations": [
                "All"
              ],
              "level": "Eligibility",
              "targetObjects": null,
              "inheritableSettings": null,
              "enforcedSettings": null
            }
          },
          {
            "notificationType": "Email",
            "recipientType": "Admin",
            "isDefaultRecipientsEnabled": false,
            "notificationLevel": "Critical",
            "notificationRecipients": [
              "admin_admin_eligible@test.com"
            ],
            "id": "Notification_Admin_Admin_Eligibility",
            "ruleType": "RoleManagementPolicyNotificationRule",
            "target": {
              "caller": "Admin",
              "operations": [
                "All"
              ],
              "level": "Eligibility",
              "targetObjects": null,
              "inheritableSettings": null,
              "enforcedSettings": null
            }
          },
          {
            "notificationType": "Email",
            "recipientType": "Requestor",
            "isDefaultRecipientsEnabled": false,
            "notificationLevel": "Critical",
            "notificationRecipients": [
              "requestor_admin_eligible@test.com"
            ],
            "id": "Notification_Requestor_Admin_Eligibility",
            "ruleType": "RoleManagementPolicyNotificationRule",
            "target": {
              "caller": "Admin",
              "operations": [
                "All"
              ],
              "level": "Eligibility",
              "targetObjects": null,
              "inheritableSettings": null,
              "enforcedSettings": null
            }
          },
          {
            "notificationType": "Email",
            "recipientType": "Approver",
            "isDefaultRecipientsEnabled": false,
            "notificationLevel": "Critical",
            "notificationRecipients": [
              "approver_admin_eligible@test.com"
            ],
            "id": "Notification_Approver_Admin_Eligibility",
            "ruleType": "RoleManagementPolicyNotificationRule",
            "target": {
              "caller": "Admin",
              "operations": [
                "All"
              ],
              "level": "Eligibility",
              "targetObjects": null,
              "inheritableSettings": null,
              "enforcedSettings": null
            }
          },
          {
            "enabledRules": [
              "MultiFactorAuthentication",
              "Justification"
            ],
            "id": "Enablement_Admin_Assignment",
            "ruleType": "RoleManagementPolicyEnablementRule",
            "target": {
              "caller": "Admin",
              "operations": [
                "All"
              ],
              "level": "Assignment",
              "targetObjects": null,
              "inheritableSettings": null,
              "enforcedSettings": null
            }
          },
          {
            "isExpirationRequired": false,
            "maximumDuration": "P90D",
            "id": "Expiration_Admin_Assignment",
            "ruleType": "RoleManagementPolicyExpirationRule",
            "target": {
              "caller": "Admin",
              "operations": [
                "All"
              ],
              "level": "Assignment",
              "targetObjects": null,
              "inheritableSettings": null,
              "enforcedSettings": null
            }
          },
          {
            "notificationType": "Email",
            "recipientType": "Admin",
            "isDefaultRecipientsEnabled": false,
            "notificationLevel": "Critical",
            "notificationRecipients": [
              "admin_admin_member@test.com"
            ],
            "id": "Notification_Admin_Admin_Assignment",
            "ruleType": "RoleManagementPolicyNotificationRule",
            "target": {
              "caller": "Admin",
              "operations": [
                "All"
              ],
              "level": "Assignment",
              "targetObjects": null,
              "inheritableSettings": null,
              "enforcedSettings": null
            }
          },
          {
            "notificationType": "Email",
            "recipientType": "Requestor",
            "isDefaultRecipientsEnabled": false,
            "notificationLevel": "Critical",
            "notificationRecipients": [
              "requestor_admin_member@test.com"
            ],
            "id": "Notification_Requestor_Admin_Assignment",
            "ruleType": "RoleManagementPolicyNotificationRule",
            "target": {
              "caller": "Admin",
              "operations": [
                "All"
              ],
              "level": "Assignment",
              "targetObjects": null,
              "inheritableSettings": null,
              "enforcedSettings": null
            }
          },
          {
            "notificationType": "Email",
            "recipientType": "Approver",
            "isDefaultRecipientsEnabled": false,
            "notificationLevel": "Critical",
            "notificationRecipients": [
              "approver_admin_member@test.com"
            ],
            "id": "Notification_Approver_Admin_Assignment",
            "ruleType": "RoleManagementPolicyNotificationRule",
            "target": {
              "caller": "Admin",
              "operations": [
                "All"
              ],
              "level": "Assignment",
              "targetObjects": null,
              "inheritableSettings": null,
              "enforcedSettings": null
            }
          },
          {
            "setting": {
              "isApprovalRequired": true,
              "isApprovalRequiredForExtension": false,
              "isRequestorJustificationRequired": true,
              "approvalMode": "SingleStage",
              "approvalStages": [
                {
                  "approvalStageTimeOutInDays": 1,
                  "isApproverJustificationRequired": true,
                  "escalationTimeInMinutes": 0,
                  "primaryApprovers": [
                    {
                      "id": "2385b0f3-5fa9-43cf-8ca4-b01dc97298cd",
                      "description": "amansw_new_group",
                      "isBackup": false,
                      "userType": "Group"
                    },
                    {
                      "id": "2f4913c9-d15b-406a-9946-1d66a28f2690",
                      "description": "amansw_group",
                      "isBackup": false,
                      "userType": "Group"
                    }
                  ],
                  "isEscalationEnabled": false,
                  "escalationApprovers": null
                }
              ]
            },
            "id": "Approval_EndUser_Assignment",
            "ruleType": "RoleManagementPolicyApprovalRule",
            "target": {
              "caller": "EndUser",
              "operations": [
                "All"
              ],
              "level": "Assignment",
              "targetObjects": null,
              "inheritableSettings": null,
              "enforcedSettings": null
            }
          },
          {
            "isEnabled": false,
            "claimValue": "",
            "id": "AuthenticationContext_EndUser_Assignment",
            "ruleType": "RoleManagementPolicyAuthenticationContextRule",
            "target": {
              "caller": "EndUser",
              "operations": [
                "All"
              ],
              "level": "Assignment",
              "targetObjects": null,
              "inheritableSettings": null,
              "enforcedSettings": null
            }
          },
          {
            "enabledRules": [
              "MultiFactorAuthentication",
              "Justification",
              "Ticketing"
            ],
            "id": "Enablement_EndUser_Assignment",
            "ruleType": "RoleManagementPolicyEnablementRule",
            "target": {
              "caller": "EndUser",
              "operations": [
                "All"
              ],
              "level": "Assignment",
              "targetObjects": null,
              "inheritableSettings": null,
              "enforcedSettings": null
            }
          },
          {
            "isExpirationRequired": true,
            "maximumDuration": "PT7H",
            "id": "Expiration_EndUser_Assignment",
            "ruleType": "RoleManagementPolicyExpirationRule",
            "target": {
              "caller": "EndUser",
              "operations": [
                "All"
              ],
              "level": "Assignment",
              "targetObjects": null,
              "inheritableSettings": null,
              "enforcedSettings": null
            }
          },
          {
            "notificationType": "Email",
            "recipientType": "Admin",
            "isDefaultRecipientsEnabled": false,
            "notificationLevel": "Critical",
            "notificationRecipients": [
              "admin_enduser_member@test.com"
            ],
            "id": "Notification_Admin_EndUser_Assignment",
            "ruleType": "RoleManagementPolicyNotificationRule",
            "target": {
              "caller": "EndUser",
              "operations": [
                "All"
              ],
              "level": "Assignment",
              "targetObjects": null,
              "inheritableSettings": null,
              "enforcedSettings": null
            }
          },
          {
            "notificationType": "Email",
            "recipientType": "Requestor",
            "isDefaultRecipientsEnabled": false,
            "notificationLevel": "Critical",
            "notificationRecipients": [
              "requestor_enduser_member@test.com"
            ],
            "id": "Notification_Requestor_EndUser_Assignment",
            "ruleType": "RoleManagementPolicyNotificationRule",
            "target": {
              "caller": "EndUser",
              "operations": [
                "All"
              ],
              "level": "Assignment",
              "targetObjects": null,
              "inheritableSettings": null,
              "enforcedSettings": null
            }
          },
          {
            "notificationType": "Email",
            "recipientType": "Approver",
            "isDefaultRecipientsEnabled": true,
            "notificationLevel": "Critical",
            "notificationRecipients": null,
            "id": "Notification_Approver_EndUser_Assignment",
            "ruleType": "RoleManagementPolicyNotificationRule",
            "target": {
              "caller": "EndUser",
              "operations": [
                "All"
              ],
              "level": "Assignment",
              "targetObjects": null,
              "inheritableSettings": null,
              "enforcedSettings": null
            }
          }
        ],
        "policyAssignmentProperties": {
          "scope": {
            "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368",
            "displayName": "Pay-As-You-Go",
            "type": "subscription"
          },
          "roleDefinition": {
            "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleDefinitions/a1705bd2-3a8f-45a5-8683-466fcfd5cc24",
            "displayName": "FHIR Data Converter",
            "type": "BuiltInRole"
          },
          "policy": {
            "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/b959d571-f0b5-4042-88a7-01be6cb22db9",
            "lastModifiedBy": {
              "id": null,
              "displayName": "Admin",
              "type": null,
              "email": null
            },
            "lastModifiedDateTime": null
          }
        }
      },
      "name": "b959d571-f0b5-4042-88a7-01be6cb22db9_a1705bd2-3a8f-45a5-8683-466fcfd5cc24",
      "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicyAssignment/b959d571-f0b5-4042-88a7-01be6cb22db9_a1705bd2-3a8f-45a5-8683-466fcfd5cc24",
      "type": "Microsoft.Authorization/RoleManagementPolicyAssignment"
    }
  ]
}

定义

名称 说明
CloudError

来自服务的错误响应。

CloudErrorBody

来自服务的错误响应。

Policy

策略的详细信息

PolicyAssignmentProperties

资源范围、角色定义和策略的扩展信息

Principal

上次修改它的实体的名称

RoleDefinition

角色定义的详细信息

RoleManagementPolicyAssignment

角色管理策略

RoleManagementPolicyAssignmentListResult

角色管理策略分配列表操作结果。

Scope

资源范围的详细信息

CloudError

来自服务的错误响应。

名称 类型 说明
error

CloudErrorBody

来自服务的错误响应。

CloudErrorBody

来自服务的错误响应。

名称 类型 说明
code

string

错误的标识符。 代码是固定的,旨在以编程方式使用。

message

string

描述错误的消息,该消息适用于在用户界面中显示。

Policy

策略的详细信息

名称 类型 说明
id

string

策略的 ID

lastModifiedBy

Principal

上次修改它的实体的名称

lastModifiedDateTime

string

上次修改日期时间。

PolicyAssignmentProperties

资源范围、角色定义和策略的扩展信息

名称 类型 说明
policy

Policy

策略的详细信息

roleDefinition

RoleDefinition

角色定义的详细信息

scope

Scope

资源范围的详细信息

Principal

上次修改它的实体的名称

名称 类型 说明
displayName

string

已更改的主体的名称

email

string

主体Email

id

string

已更改的主体的 ID

type

string

主体类型,例如用户、组等

RoleDefinition

角色定义的详细信息

名称 类型 说明
displayName

string

角色定义的显示名称

id

string

角色定义的 ID

type

string

角色定义的类型

RoleManagementPolicyAssignment

角色管理策略

名称 类型 说明
id

string

角色管理策略 ID。

name

string

角色管理策略名称。

properties.effectiveRules

RoleManagementPolicyRule[]

应用于策略的只读计算规则。

properties.policyAssignmentProperties

PolicyAssignmentProperties

范围、角色定义和策略的其他属性

properties.policyId

string

策略 ID 角色管理策略分配。

properties.roleDefinitionId

string

管理策略分配的角色定义。

properties.scope

string

角色管理策略范围。

type

string

角色管理策略类型。

RoleManagementPolicyAssignmentListResult

角色管理策略分配列表操作结果。

名称 类型 说明
nextLink

string

用于获取下一组结果的 URL。

value

RoleManagementPolicyAssignment[]

角色管理策略分配列表。

Scope

资源范围的详细信息

名称 类型 说明
displayName

string

资源的显示名称

id

string

资源的范围 ID

type

string

资源的类型