Queries policy events for the resource.
POST https://management.azure.com/{resourceId}/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01
With optional parameters:
POST https://management.azure.com/{resourceId}/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01&$top={$top}&$orderby={$orderby}&$select={$select}&$from={$from}&$to={$to}&$filter={$filter}&$apply={$apply}&$expand={$expand}&$skiptoken={$skiptoken}
URI Parameters
| Name |
In |
Required |
Type |
Description |
|
policyEventsResource
|
path |
True
|
PolicyEventsResourceType
|
The name of the virtual resource under PolicyEvents resource type; only "default" is allowed.
|
|
resourceId
|
path |
True
|
string
|
Resource ID.
|
|
api-version
|
query |
True
|
string
|
Client Api Version.
|
|
$apply
|
query |
|
string
|
OData apply expression for aggregations.
|
|
$expand
|
query |
|
string
|
The $expand query parameter. For example, to expand components use $expand=components
|
|
$filter
|
query |
|
string
|
OData filter expression.
|
|
$from
|
query |
|
string
date-time
|
ISO 8601 formatted timestamp specifying the start time of the interval to query. When not specified, the service uses ($to - 1-day).
|
|
$orderby
|
query |
|
string
|
Ordering expression using OData notation. One or more comma-separated column names with an optional "desc" (the default) or "asc", e.g. "$orderby=PolicyAssignmentId, ResourceId asc".
|
|
$select
|
query |
|
string
|
Select expression using OData notation. Limits the columns on each record to just those requested, e.g. "$select=PolicyAssignmentId, ResourceId".
|
|
$skiptoken
|
query |
|
string
|
Skiptoken is only provided if a previous response returned a partial result as a part of nextLink element.
|
|
$to
|
query |
|
string
date-time
|
ISO 8601 formatted timestamp specifying the end time of the interval to query. When not specified, the service uses request time.
|
|
$top
|
query |
|
integer
int32
|
Maximum number of records to return.
|
Responses
Security
azure_auth
Azure Active Directory OAuth2 Flow
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
| Name |
Description |
|
user_impersonation
|
impersonate your user account
|
Examples
Query at nested resource scope
Sample Request
POST https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ServiceFabric/clusters/myCluster/applications/myApplication/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01
import com.azure.core.util.Context;
import com.azure.resourcemanager.policyinsights.models.PolicyEventsResourceType;
/** Samples for PolicyEvents ListQueryResultsForResource. */
public final class Main {
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryNestedResourceScope.json
*/
/**
* Sample code: Query at nested resource scope.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void queryAtNestedResourceScope(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ServiceFabric/clusters/myCluster/applications/myApplication",
null,
null,
null,
null,
null,
null,
null,
null,
null,
Context.NONE);
}
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeExpandComponentsGroupByWithAggregate.json
*/
/**
* Sample code: Query components policy events count grouped by user and action type for resource scope filtered by
* given assignment.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void
queryComponentsPolicyEventsCountGroupedByUserAndActionTypeForResourceScopeFilteredByGivenAssignment(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName",
null,
null,
null,
null,
null,
"policyAssignmentId eq"
+ " '/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8'",
null,
"components($apply=groupby((tenantId, principalOid, policyDefinitionAction), aggregate($count as"
+ " totalActions)))",
null,
Context.NONE);
}
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeNextLink.json
*/
/**
* Sample code: Query at resource scope with next link.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void queryAtResourceScopeWithNextLink(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName",
null,
null,
null,
null,
null,
null,
null,
null,
"WpmWfBSvPhkAK6QD",
Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.policyinsights import PolicyInsightsClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-policyinsights
# USAGE
python policy_events_query_nested_resource_scope.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = PolicyInsightsClient(
credential=DefaultAzureCredential(),
subscription_id="SUBSCRIPTION_ID",
)
response = client.policy_events.list_query_results_for_resource(
policy_events_resource="default",
resource_id="subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ServiceFabric/clusters/myCluster/applications/myApplication",
)
for item in response:
print(item)
# x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryNestedResourceScope.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armpolicyinsights_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/policyinsights/armpolicyinsights"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/05a9cdab363b8ec824094ee73950c04594325172/specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryNestedResourceScope.json
func ExamplePolicyEventsClient_NewListQueryResultsForResourcePager_queryAtNestedResourceScope() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armpolicyinsights.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
pager := clientFactory.NewPolicyEventsClient().NewListQueryResultsForResourcePager(armpolicyinsights.PolicyEventsResourceTypeDefault, "subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ServiceFabric/clusters/myCluster/applications/myApplication", &armpolicyinsights.QueryOptions{Top: nil,
Filter: nil,
OrderBy: nil,
Select: nil,
From: nil,
To: nil,
Apply: nil,
SkipToken: nil,
Expand: nil,
}, nil)
for pager.More() {
page, err := pager.NextPage(ctx)
if err != nil {
log.Fatalf("failed to advance page: %v", err)
}
for _, v := range page.Value {
// You could use page here. We use blank identifier for just demo purposes.
_ = v
}
// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// page.PolicyEventsQueryResults = armpolicyinsights.PolicyEventsQueryResults{
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/microsoft.servicefabric/clusters/myCluster/applications/myApplication/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default"),
// ODataCount: to.Ptr[int32](2),
// Value: []*armpolicyinsights.PolicyEvent{
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/microsoft.servicefabric/clusters/myCluster/applications/myApplication/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyAssignments/ec62f9b2a454487296f2ccd4"),
// PolicyAssignmentName: to.Ptr("ec62f9b2a454487296f2ccd4"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{\"ALLOWEDRESOURCEGROUPS_1\":{\"value\":[\"rg1\",\"rg2\"]},\"ALLOWEDRESOURCEGROUPS_2\":{\"value\":[\"myrg3\",\"myrg4\"]}}"),
// PolicyAssignmentScope: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyDefinitions/72c0c41a-c752-4bc0-9c61-0d6adc567066"),
// PolicyDefinitionName: to.Ptr("72c0c41a-c752-4bc0-9c61-0d6adc567066"),
// PolicyDefinitionReferenceID: to.Ptr("181565554491747128"),
// PolicySetDefinitionID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/00b36c66-612b-44e2-9f8e-b758296d40fe"),
// PolicySetDefinitionName: to.Ptr("00b36c66-612b-44e2-9f8e-b758296d40fe"),
// PrincipalOid: to.Ptr("fffdfc0f-fff5-fff0-fff3-fff1a968dcc6"),
// ResourceGroup: to.Ptr("myResourceGroup"),
// ResourceID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ServiceFabric/clusters/myCluster/applications/myApplication"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.ServiceFabric/clusters/applications"),
// SubscriptionID: to.Ptr("fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-07T20:43:04.697Z"); return t}()),
// },
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/microsoft.servicefabric/clusters/myCluster/applications/myApplication/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyAssignments/ec62f9b2a454487296f2ccd4"),
// PolicyAssignmentName: to.Ptr("ec62f9b2a454487296f2ccd4"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{\"ALLOWEDRESOURCEGROUPS_1\":{\"value\":[\"rg1\",\"rg2\"]},\"ALLOWEDRESOURCEGROUPS_2\":{\"value\":[\"myrg3\",\"myrg4\"]}}"),
// PolicyAssignmentScope: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyDefinitions/72c0c41a-c752-4bc0-9c61-0d6adc567066"),
// PolicyDefinitionName: to.Ptr("72c0c41a-c752-4bc0-9c61-0d6adc567066"),
// PolicyDefinitionReferenceID: to.Ptr("624540685646900425"),
// PolicySetDefinitionID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/00b36c66-612b-44e2-9f8e-b758296d40fe"),
// PolicySetDefinitionName: to.Ptr("00b36c66-612b-44e2-9f8e-b758296d40fe"),
// PrincipalOid: to.Ptr("fffdfc0f-fff5-fff0-fff3-fff1a968dcc6"),
// ResourceGroup: to.Ptr("myResourceGroup"),
// ResourceID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ServiceFabric/clusters/myCluster/applications/myApplication"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.ServiceFabric/clusters/applications"),
// SubscriptionID: to.Ptr("fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-07T20:43:04.697Z"); return t}()),
// }},
// }
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { PolicyInsightsClient } = require("@azure/arm-policyinsights");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Queries policy events for the resource.
*
* @summary Queries policy events for the resource.
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryNestedResourceScope.json
*/
async function queryAtNestedResourceScope() {
const subscriptionId =
process.env["POLICYINSIGHTS_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const policyEventsResource = "default";
const resourceId =
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ServiceFabric/clusters/myCluster/applications/myApplication";
const credential = new DefaultAzureCredential();
const client = new PolicyInsightsClient(credential, subscriptionId);
const resArray = new Array();
for await (let item of client.policyEvents.listQueryResultsForResource(
policyEventsResource,
resourceId
)) {
resArray.push(item);
}
console.log(resArray);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"@odata.nextLink": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/microsoft.servicefabric/clusters/myCluster/applications/myApplication/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default",
"@odata.count": 2,
"value": [
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/microsoft.servicefabric/clusters/myCluster/applications/myApplication/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-07T20:43:04.6971328Z",
"resourceId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ServiceFabric/clusters/myCluster/applications/myApplication",
"policyAssignmentId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyAssignments/ec62f9b2a454487296f2ccd4",
"policyDefinitionId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyDefinitions/72c0c41a-c752-4bc0-9c61-0d6adc567066",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"resourceType": "/Microsoft.ServiceFabric/clusters/applications",
"resourceLocation": "eastus",
"resourceGroup": "myResourceGroup",
"resourceTags": "tbd",
"policyAssignmentName": "ec62f9b2a454487296f2ccd4",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{\"ALLOWEDRESOURCEGROUPS_1\":{\"value\":[\"rg1\",\"rg2\"]},\"ALLOWEDRESOURCEGROUPS_2\":{\"value\":[\"myrg3\",\"myrg4\"]}}",
"policyAssignmentScope": "/providers/Microsoft.Management/managementGroups/myManagementGroup",
"policyDefinitionName": "72c0c41a-c752-4bc0-9c61-0d6adc567066",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/00b36c66-612b-44e2-9f8e-b758296d40fe",
"policySetDefinitionName": "00b36c66-612b-44e2-9f8e-b758296d40fe",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": "181565554491747128",
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fffdfc0f-fff5-fff0-fff3-fff1a968dcc6",
"complianceState": "NonCompliant"
},
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/microsoft.servicefabric/clusters/myCluster/applications/myApplication/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-07T20:43:04.6971328Z",
"resourceId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ServiceFabric/clusters/myCluster/applications/myApplication",
"policyAssignmentId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyAssignments/ec62f9b2a454487296f2ccd4",
"policyDefinitionId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyDefinitions/72c0c41a-c752-4bc0-9c61-0d6adc567066",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"resourceType": "/Microsoft.ServiceFabric/clusters/applications",
"resourceLocation": "eastus",
"resourceGroup": "myResourceGroup",
"resourceTags": "tbd",
"policyAssignmentName": "ec62f9b2a454487296f2ccd4",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{\"ALLOWEDRESOURCEGROUPS_1\":{\"value\":[\"rg1\",\"rg2\"]},\"ALLOWEDRESOURCEGROUPS_2\":{\"value\":[\"myrg3\",\"myrg4\"]}}",
"policyAssignmentScope": "/providers/Microsoft.Management/managementGroups/myManagementGroup",
"policyDefinitionName": "72c0c41a-c752-4bc0-9c61-0d6adc567066",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/00b36c66-612b-44e2-9f8e-b758296d40fe",
"policySetDefinitionName": "00b36c66-612b-44e2-9f8e-b758296d40fe",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": "624540685646900425",
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fffdfc0f-fff5-fff0-fff3-fff1a968dcc6",
"complianceState": "NonCompliant"
}
]
}
Query at resource scope
Sample Request
POST https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01
import com.azure.core.util.Context;
import com.azure.resourcemanager.policyinsights.models.PolicyEventsResourceType;
/** Samples for PolicyEvents ListQueryResultsForResource. */
public final class Main {
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScope.json
*/
/**
* Sample code: Query at resource scope.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void queryAtResourceScope(com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName",
null,
null,
null,
null,
null,
null,
null,
null,
null,
Context.NONE);
}
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeExpandComponentsGroupByWithAggregate.json
*/
/**
* Sample code: Query components policy events count grouped by user and action type for resource scope filtered by
* given assignment.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void
queryComponentsPolicyEventsCountGroupedByUserAndActionTypeForResourceScopeFilteredByGivenAssignment(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName",
null,
null,
null,
null,
null,
"policyAssignmentId eq"
+ " '/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8'",
null,
"components($apply=groupby((tenantId, principalOid, policyDefinitionAction), aggregate($count as"
+ " totalActions)))",
null,
Context.NONE);
}
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeNextLink.json
*/
/**
* Sample code: Query at resource scope with next link.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void queryAtResourceScopeWithNextLink(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName",
null,
null,
null,
null,
null,
null,
null,
null,
"WpmWfBSvPhkAK6QD",
Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.policyinsights import PolicyInsightsClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-policyinsights
# USAGE
python policy_events_query_resource_scope.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = PolicyInsightsClient(
credential=DefaultAzureCredential(),
subscription_id="SUBSCRIPTION_ID",
)
response = client.policy_events.list_query_results_for_resource(
policy_events_resource="default",
resource_id="subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName",
)
for item in response:
print(item)
# x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScope.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armpolicyinsights_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/policyinsights/armpolicyinsights"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/05a9cdab363b8ec824094ee73950c04594325172/specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScope.json
func ExamplePolicyEventsClient_NewListQueryResultsForResourcePager_queryAtResourceScope() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armpolicyinsights.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
pager := clientFactory.NewPolicyEventsClient().NewListQueryResultsForResourcePager(armpolicyinsights.PolicyEventsResourceTypeDefault, "subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName", &armpolicyinsights.QueryOptions{Top: nil,
Filter: nil,
OrderBy: nil,
Select: nil,
From: nil,
To: nil,
Apply: nil,
SkipToken: nil,
Expand: nil,
}, nil)
for pager.More() {
page, err := pager.NextPage(ctx)
if err != nil {
log.Fatalf("failed to advance page: %v", err)
}
for _, v := range page.Value {
// You could use page here. We use blank identifier for just demo purposes.
_ = v
}
// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// page.PolicyEventsQueryResults = armpolicyinsights.PolicyEventsQueryResults{
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default"),
// ODataCount: to.Ptr[int32](2),
// Value: []*armpolicyinsights.PolicyEvent{
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.Authorization/policyAssignments/ec8f9645-8ecb-4abb-9c0b-5292f19d4003"),
// PolicyAssignmentName: to.Ptr("ec8f9645-8ecb-4abb-9c0b-5292f19d4003"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{}"),
// PolicyAssignmentScope: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/providers/Microsoft.Authorization/policyDefinitions/201ea587-7c90-41c3-910f-c280ae01cfd6"),
// PolicyDefinitionName: to.Ptr("201ea587-7c90-41c3-910f-c280ae01cfd6"),
// PolicySetDefinitionID: to.Ptr("/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8"),
// PolicySetDefinitionName: to.Ptr("1f3afdf9-d0c9-4c3d-847f-89da613e70a8"),
// PrincipalOid: to.Ptr("fff890fa-fff0-fff3-fff9-fffd7653f078"),
// ResourceGroup: to.Ptr("myResourceGroup"),
// ResourceID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.ClassicCompute/domainNames"),
// SubscriptionID: to.Ptr("fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-07T15:14:39.847Z"); return t}()),
// },
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.Authorization/policyAssignments/d15545b8-ff50-409a-a6e3-5bd5cc954003"),
// PolicyAssignmentName: to.Ptr("d15545b8-ff50-409a-a6e3-5bd5cc954003"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{}"),
// PolicyAssignmentScope: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/providers/Microsoft.Authorization/policyDefinitions/201ea587-7c90-41c3-910f-c280ae01cfd6"),
// PolicyDefinitionName: to.Ptr("201ea587-7c90-41c3-910f-c280ae01cfd6"),
// PolicySetDefinitionID: to.Ptr("/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8"),
// PolicySetDefinitionName: to.Ptr("1f3afdf9-d0c9-4c3d-847f-89da613e70a8"),
// PrincipalOid: to.Ptr("fff890fa-fff0-fff3-fff9-fffd7653f078"),
// ResourceGroup: to.Ptr("myResourceGroup"),
// ResourceID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.ClassicCompute/domainNames"),
// SubscriptionID: to.Ptr("fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-07T15:14:39.584Z"); return t}()),
// }},
// }
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { PolicyInsightsClient } = require("@azure/arm-policyinsights");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Queries policy events for the resource.
*
* @summary Queries policy events for the resource.
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScope.json
*/
async function queryAtResourceScope() {
const subscriptionId =
process.env["POLICYINSIGHTS_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const policyEventsResource = "default";
const resourceId =
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName";
const credential = new DefaultAzureCredential();
const client = new PolicyInsightsClient(credential, subscriptionId);
const resArray = new Array();
for await (let item of client.policyEvents.listQueryResultsForResource(
policyEventsResource,
resourceId
)) {
resArray.push(item);
}
console.log(resArray);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"@odata.nextLink": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default",
"@odata.count": 2,
"value": [
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-07T15:14:39.8473851Z",
"resourceId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName",
"policyAssignmentId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.Authorization/policyAssignments/ec8f9645-8ecb-4abb-9c0b-5292f19d4003",
"policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/201ea587-7c90-41c3-910f-c280ae01cfd6",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"resourceType": "/Microsoft.ClassicCompute/domainNames",
"resourceLocation": "eastus",
"resourceGroup": "myResourceGroup",
"resourceTags": "tbd",
"policyAssignmentName": "ec8f9645-8ecb-4abb-9c0b-5292f19d4003",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{}",
"policyAssignmentScope": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"policyDefinitionName": "201ea587-7c90-41c3-910f-c280ae01cfd6",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionName": "1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": null,
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fff890fa-fff0-fff3-fff9-fffd7653f078",
"complianceState": "NonCompliant"
},
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-07T15:14:39.5842458Z",
"resourceId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName",
"policyAssignmentId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.Authorization/policyAssignments/d15545b8-ff50-409a-a6e3-5bd5cc954003",
"policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/201ea587-7c90-41c3-910f-c280ae01cfd6",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"resourceType": "/Microsoft.ClassicCompute/domainNames",
"resourceLocation": "eastus",
"resourceGroup": "myResourceGroup",
"resourceTags": "tbd",
"policyAssignmentName": "d15545b8-ff50-409a-a6e3-5bd5cc954003",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{}",
"policyAssignmentScope": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"policyDefinitionName": "201ea587-7c90-41c3-910f-c280ae01cfd6",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionName": "1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": null,
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fff890fa-fff0-fff3-fff9-fffd7653f078",
"complianceState": "NonCompliant"
}
]
}
Query at resource scope with next link
Sample Request
POST https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01&$skiptoken=WpmWfBSvPhkAK6QD
from azure.identity import DefaultAzureCredential
from azure.mgmt.policyinsights import PolicyInsightsClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-policyinsights
# USAGE
python policy_events_query_resource_scope_next_link.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = PolicyInsightsClient(
credential=DefaultAzureCredential(),
subscription_id="SUBSCRIPTION_ID",
)
response = client.policy_events.list_query_results_for_resource(
policy_events_resource="default",
resource_id="subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName",
)
for item in response:
print(item)
# x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeNextLink.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armpolicyinsights_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/policyinsights/armpolicyinsights"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/05a9cdab363b8ec824094ee73950c04594325172/specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeNextLink.json
func ExamplePolicyEventsClient_NewListQueryResultsForResourcePager_queryAtResourceScopeWithNextLink() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armpolicyinsights.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
pager := clientFactory.NewPolicyEventsClient().NewListQueryResultsForResourcePager(armpolicyinsights.PolicyEventsResourceTypeDefault, "subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName", &armpolicyinsights.QueryOptions{Top: nil,
Filter: nil,
OrderBy: nil,
Select: nil,
From: nil,
To: nil,
Apply: nil,
SkipToken: to.Ptr("WpmWfBSvPhkAK6QD"),
Expand: nil,
}, nil)
for pager.More() {
page, err := pager.NextPage(ctx)
if err != nil {
log.Fatalf("failed to advance page: %v", err)
}
for _, v := range page.Value {
// You could use page here. We use blank identifier for just demo purposes.
_ = v
}
// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// page.PolicyEventsQueryResults = armpolicyinsights.PolicyEventsQueryResults{
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default"),
// ODataCount: to.Ptr[int32](2),
// Value: []*armpolicyinsights.PolicyEvent{
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.Authorization/policyAssignments/ec8f9645-8ecb-4abb-9c0b-5292f19d4003"),
// PolicyAssignmentName: to.Ptr("ec8f9645-8ecb-4abb-9c0b-5292f19d4003"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{}"),
// PolicyAssignmentScope: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/providers/Microsoft.Authorization/policyDefinitions/201ea587-7c90-41c3-910f-c280ae01cfd6"),
// PolicyDefinitionName: to.Ptr("201ea587-7c90-41c3-910f-c280ae01cfd6"),
// PolicySetDefinitionID: to.Ptr("/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8"),
// PolicySetDefinitionName: to.Ptr("1f3afdf9-d0c9-4c3d-847f-89da613e70a8"),
// PrincipalOid: to.Ptr("fff890fa-fff0-fff3-fff9-fffd7653f078"),
// ResourceGroup: to.Ptr("myResourceGroup"),
// ResourceID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.ClassicCompute/domainNames"),
// SubscriptionID: to.Ptr("fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-07T15:14:39.847Z"); return t}()),
// },
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.Authorization/policyAssignments/d15545b8-ff50-409a-a6e3-5bd5cc954003"),
// PolicyAssignmentName: to.Ptr("d15545b8-ff50-409a-a6e3-5bd5cc954003"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{}"),
// PolicyAssignmentScope: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/providers/Microsoft.Authorization/policyDefinitions/201ea587-7c90-41c3-910f-c280ae01cfd6"),
// PolicyDefinitionName: to.Ptr("201ea587-7c90-41c3-910f-c280ae01cfd6"),
// PolicySetDefinitionID: to.Ptr("/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8"),
// PolicySetDefinitionName: to.Ptr("1f3afdf9-d0c9-4c3d-847f-89da613e70a8"),
// PrincipalOid: to.Ptr("fff890fa-fff0-fff3-fff9-fffd7653f078"),
// ResourceGroup: to.Ptr("myResourceGroup"),
// ResourceID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.ClassicCompute/domainNames"),
// SubscriptionID: to.Ptr("fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-07T15:14:39.584Z"); return t}()),
// }},
// }
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { PolicyInsightsClient } = require("@azure/arm-policyinsights");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Queries policy events for the resource.
*
* @summary Queries policy events for the resource.
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeNextLink.json
*/
async function queryAtResourceScopeWithNextLink() {
const subscriptionId =
process.env["POLICYINSIGHTS_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const policyEventsResource = "default";
const resourceId =
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName";
const skipToken = "WpmWfBSvPhkAK6QD";
const options = {
queryOptions: { skipToken: skipToken },
};
const credential = new DefaultAzureCredential();
const client = new PolicyInsightsClient(credential, subscriptionId);
const resArray = new Array();
for await (let item of client.policyEvents.listQueryResultsForResource(
policyEventsResource,
resourceId,
options
)) {
resArray.push(item);
}
console.log(resArray);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"@odata.nextLink": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default",
"@odata.count": 2,
"value": [
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-07T15:14:39.8473851Z",
"resourceId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName",
"policyAssignmentId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.Authorization/policyAssignments/ec8f9645-8ecb-4abb-9c0b-5292f19d4003",
"policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/201ea587-7c90-41c3-910f-c280ae01cfd6",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"resourceType": "/Microsoft.ClassicCompute/domainNames",
"resourceLocation": "eastus",
"resourceGroup": "myResourceGroup",
"resourceTags": "tbd",
"policyAssignmentName": "ec8f9645-8ecb-4abb-9c0b-5292f19d4003",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{}",
"policyAssignmentScope": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"policyDefinitionName": "201ea587-7c90-41c3-910f-c280ae01cfd6",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionName": "1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": null,
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fff890fa-fff0-fff3-fff9-fffd7653f078",
"complianceState": "NonCompliant"
},
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-07T15:14:39.5842458Z",
"resourceId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName",
"policyAssignmentId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.Authorization/policyAssignments/d15545b8-ff50-409a-a6e3-5bd5cc954003",
"policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/201ea587-7c90-41c3-910f-c280ae01cfd6",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"resourceType": "/Microsoft.ClassicCompute/domainNames",
"resourceLocation": "eastus",
"resourceGroup": "myResourceGroup",
"resourceTags": "tbd",
"policyAssignmentName": "d15545b8-ff50-409a-a6e3-5bd5cc954003",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{}",
"policyAssignmentScope": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"policyDefinitionName": "201ea587-7c90-41c3-910f-c280ae01cfd6",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionName": "1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": null,
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fff890fa-fff0-fff3-fff9-fffd7653f078",
"complianceState": "NonCompliant"
}
]
}
Query at subscription level nested resource scope
Sample Request
POST https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01
import com.azure.core.util.Context;
import com.azure.resourcemanager.policyinsights.models.PolicyEventsResourceType;
/** Samples for PolicyEvents ListQueryResultsForResource. */
public final class Main {
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QuerySubscriptionLevelNestedResourceScope.json
*/
/**
* Sample code: Query at subscription level nested resource scope.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void queryAtSubscriptionLevelNestedResourceScope(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource",
null,
null,
null,
null,
null,
null,
null,
null,
null,
Context.NONE);
}
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeExpandComponentsGroupByWithAggregate.json
*/
/**
* Sample code: Query components policy events count grouped by user and action type for resource scope filtered by
* given assignment.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void
queryComponentsPolicyEventsCountGroupedByUserAndActionTypeForResourceScopeFilteredByGivenAssignment(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName",
null,
null,
null,
null,
null,
"policyAssignmentId eq"
+ " '/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8'",
null,
"components($apply=groupby((tenantId, principalOid, policyDefinitionAction), aggregate($count as"
+ " totalActions)))",
null,
Context.NONE);
}
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeNextLink.json
*/
/**
* Sample code: Query at resource scope with next link.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void queryAtResourceScopeWithNextLink(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName",
null,
null,
null,
null,
null,
null,
null,
null,
"WpmWfBSvPhkAK6QD",
Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.policyinsights import PolicyInsightsClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-policyinsights
# USAGE
python policy_events_query_subscription_level_nested_resource_scope.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = PolicyInsightsClient(
credential=DefaultAzureCredential(),
subscription_id="SUBSCRIPTION_ID",
)
response = client.policy_events.list_query_results_for_resource(
policy_events_resource="default",
resource_id="subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource",
)
for item in response:
print(item)
# x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QuerySubscriptionLevelNestedResourceScope.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armpolicyinsights_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/policyinsights/armpolicyinsights"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/05a9cdab363b8ec824094ee73950c04594325172/specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QuerySubscriptionLevelNestedResourceScope.json
func ExamplePolicyEventsClient_NewListQueryResultsForResourcePager_queryAtSubscriptionLevelNestedResourceScope() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armpolicyinsights.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
pager := clientFactory.NewPolicyEventsClient().NewListQueryResultsForResourcePager(armpolicyinsights.PolicyEventsResourceTypeDefault, "subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource", &armpolicyinsights.QueryOptions{Top: nil,
Filter: nil,
OrderBy: nil,
Select: nil,
From: nil,
To: nil,
Apply: nil,
SkipToken: nil,
Expand: nil,
}, nil)
for pager.More() {
page, err := pager.NextPage(ctx)
if err != nil {
log.Fatalf("failed to advance page: %v", err)
}
for _, v := range page.Value {
// You could use page here. We use blank identifier for just demo purposes.
_ = v
}
// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// page.PolicyEventsQueryResults = armpolicyinsights.PolicyEventsQueryResults{
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default"),
// ODataCount: to.Ptr[int32](2),
// Value: []*armpolicyinsights.PolicyEvent{
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyAssignments/ec62f9b2a454487296f2ccd4"),
// PolicyAssignmentName: to.Ptr("ec62f9b2a454487296f2ccd4"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{\"ALLOWEDRESOURCEGROUPS_1\":{\"value\":[\"rg1\",\"rg2\"]},\"ALLOWEDRESOURCEGROUPS_2\":{\"value\":[\"myrg3\",\"myrg4\"]}}"),
// PolicyAssignmentScope: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyDefinitions/72c0c41a-c752-4bc0-9c61-0d6adc567066"),
// PolicyDefinitionName: to.Ptr("72c0c41a-c752-4bc0-9c61-0d6adc567066"),
// PolicyDefinitionReferenceID: to.Ptr("181565554491747128"),
// PolicySetDefinitionID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/00b36c66-612b-44e2-9f8e-b758296d40fe"),
// PolicySetDefinitionName: to.Ptr("00b36c66-612b-44e2-9f8e-b758296d40fe"),
// PrincipalOid: to.Ptr("fffdfc0f-fff5-fff0-fff3-fff1a968dcc6"),
// ResourceGroup: to.Ptr(""),
// ResourceID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.SomeNamespace/someResourceType/someNestedResourceType"),
// SubscriptionID: to.Ptr("fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-07T20:43:04.697Z"); return t}()),
// },
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyAssignments/ec62f9b2a454487296f2ccd4"),
// PolicyAssignmentName: to.Ptr("ec62f9b2a454487296f2ccd4"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{\"ALLOWEDRESOURCEGROUPS_1\":{\"value\":[\"rg1\",\"rg2\"]},\"ALLOWEDRESOURCEGROUPS_2\":{\"value\":[\"myrg3\",\"myrg4\"]}}"),
// PolicyAssignmentScope: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyDefinitions/72c0c41a-c752-4bc0-9c61-0d6adc567066"),
// PolicyDefinitionName: to.Ptr("72c0c41a-c752-4bc0-9c61-0d6adc567066"),
// PolicyDefinitionReferenceID: to.Ptr("624540685646900425"),
// PolicySetDefinitionID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/00b36c66-612b-44e2-9f8e-b758296d40fe"),
// PolicySetDefinitionName: to.Ptr("00b36c66-612b-44e2-9f8e-b758296d40fe"),
// PrincipalOid: to.Ptr("fffdfc0f-fff5-fff0-fff3-fff1a968dcc6"),
// ResourceGroup: to.Ptr(""),
// ResourceID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.SomeNamespace/someResourceType/someNestedResourceType"),
// SubscriptionID: to.Ptr("fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-07T20:43:04.697Z"); return t}()),
// }},
// }
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { PolicyInsightsClient } = require("@azure/arm-policyinsights");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Queries policy events for the resource.
*
* @summary Queries policy events for the resource.
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QuerySubscriptionLevelNestedResourceScope.json
*/
async function queryAtSubscriptionLevelNestedResourceScope() {
const subscriptionId =
process.env["POLICYINSIGHTS_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const policyEventsResource = "default";
const resourceId =
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource";
const credential = new DefaultAzureCredential();
const client = new PolicyInsightsClient(credential, subscriptionId);
const resArray = new Array();
for await (let item of client.policyEvents.listQueryResultsForResource(
policyEventsResource,
resourceId
)) {
resArray.push(item);
}
console.log(resArray);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"@odata.nextLink": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default",
"@odata.count": 2,
"value": [
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-07T20:43:04.6971328Z",
"resourceId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource",
"policyAssignmentId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyAssignments/ec62f9b2a454487296f2ccd4",
"policyDefinitionId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyDefinitions/72c0c41a-c752-4bc0-9c61-0d6adc567066",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"resourceType": "/Microsoft.SomeNamespace/someResourceType/someNestedResourceType",
"resourceLocation": "eastus",
"resourceGroup": "",
"resourceTags": "tbd",
"policyAssignmentName": "ec62f9b2a454487296f2ccd4",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{\"ALLOWEDRESOURCEGROUPS_1\":{\"value\":[\"rg1\",\"rg2\"]},\"ALLOWEDRESOURCEGROUPS_2\":{\"value\":[\"myrg3\",\"myrg4\"]}}",
"policyAssignmentScope": "/providers/Microsoft.Management/managementGroups/myManagementGroup",
"policyDefinitionName": "72c0c41a-c752-4bc0-9c61-0d6adc567066",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/00b36c66-612b-44e2-9f8e-b758296d40fe",
"policySetDefinitionName": "00b36c66-612b-44e2-9f8e-b758296d40fe",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": "181565554491747128",
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fffdfc0f-fff5-fff0-fff3-fff1a968dcc6",
"complianceState": "NonCompliant"
},
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-07T20:43:04.6971328Z",
"resourceId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResource/someNestedResourceType/someNestedResource",
"policyAssignmentId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyAssignments/ec62f9b2a454487296f2ccd4",
"policyDefinitionId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyDefinitions/72c0c41a-c752-4bc0-9c61-0d6adc567066",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"resourceType": "/Microsoft.SomeNamespace/someResourceType/someNestedResourceType",
"resourceLocation": "eastus",
"resourceGroup": "",
"resourceTags": "tbd",
"policyAssignmentName": "ec62f9b2a454487296f2ccd4",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{\"ALLOWEDRESOURCEGROUPS_1\":{\"value\":[\"rg1\",\"rg2\"]},\"ALLOWEDRESOURCEGROUPS_2\":{\"value\":[\"myrg3\",\"myrg4\"]}}",
"policyAssignmentScope": "/providers/Microsoft.Management/managementGroups/myManagementGroup",
"policyDefinitionName": "72c0c41a-c752-4bc0-9c61-0d6adc567066",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/00b36c66-612b-44e2-9f8e-b758296d40fe",
"policySetDefinitionName": "00b36c66-612b-44e2-9f8e-b758296d40fe",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": "624540685646900425",
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fffdfc0f-fff5-fff0-fff3-fff1a968dcc6",
"complianceState": "NonCompliant"
}
]
}
Query at subscription level resource scope
Sample Request
POST https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01
import com.azure.core.util.Context;
import com.azure.resourcemanager.policyinsights.models.PolicyEventsResourceType;
/** Samples for PolicyEvents ListQueryResultsForResource. */
public final class Main {
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QuerySubscriptionLevelResourceScope.json
*/
/**
* Sample code: Query at subscription level resource scope.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void queryAtSubscriptionLevelResourceScope(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName",
null,
null,
null,
null,
null,
null,
null,
null,
null,
Context.NONE);
}
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeExpandComponentsGroupByWithAggregate.json
*/
/**
* Sample code: Query components policy events count grouped by user and action type for resource scope filtered by
* given assignment.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void
queryComponentsPolicyEventsCountGroupedByUserAndActionTypeForResourceScopeFilteredByGivenAssignment(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName",
null,
null,
null,
null,
null,
"policyAssignmentId eq"
+ " '/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8'",
null,
"components($apply=groupby((tenantId, principalOid, policyDefinitionAction), aggregate($count as"
+ " totalActions)))",
null,
Context.NONE);
}
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeNextLink.json
*/
/**
* Sample code: Query at resource scope with next link.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void queryAtResourceScopeWithNextLink(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName",
null,
null,
null,
null,
null,
null,
null,
null,
"WpmWfBSvPhkAK6QD",
Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.policyinsights import PolicyInsightsClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-policyinsights
# USAGE
python policy_events_query_subscription_level_resource_scope.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = PolicyInsightsClient(
credential=DefaultAzureCredential(),
subscription_id="SUBSCRIPTION_ID",
)
response = client.policy_events.list_query_results_for_resource(
policy_events_resource="default",
resource_id="subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName",
)
for item in response:
print(item)
# x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QuerySubscriptionLevelResourceScope.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armpolicyinsights_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/policyinsights/armpolicyinsights"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/05a9cdab363b8ec824094ee73950c04594325172/specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QuerySubscriptionLevelResourceScope.json
func ExamplePolicyEventsClient_NewListQueryResultsForResourcePager_queryAtSubscriptionLevelResourceScope() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armpolicyinsights.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
pager := clientFactory.NewPolicyEventsClient().NewListQueryResultsForResourcePager(armpolicyinsights.PolicyEventsResourceTypeDefault, "subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName", &armpolicyinsights.QueryOptions{Top: nil,
Filter: nil,
OrderBy: nil,
Select: nil,
From: nil,
To: nil,
Apply: nil,
SkipToken: nil,
Expand: nil,
}, nil)
for pager.More() {
page, err := pager.NextPage(ctx)
if err != nil {
log.Fatalf("failed to advance page: %v", err)
}
for _, v := range page.Value {
// You could use page here. We use blank identifier for just demo purposes.
_ = v
}
// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// page.PolicyEventsQueryResults = armpolicyinsights.PolicyEventsQueryResults{
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default"),
// ODataCount: to.Ptr[int32](2),
// Value: []*armpolicyinsights.PolicyEvent{
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.Authorization/policyAssignments/ec8f9645-8ecb-4abb-9c0b-5292f19d4003"),
// PolicyAssignmentName: to.Ptr("ec8f9645-8ecb-4abb-9c0b-5292f19d4003"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{}"),
// PolicyAssignmentScope: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/providers/Microsoft.Authorization/policyDefinitions/201ea587-7c90-41c3-910f-c280ae01cfd6"),
// PolicyDefinitionName: to.Ptr("201ea587-7c90-41c3-910f-c280ae01cfd6"),
// PolicySetDefinitionID: to.Ptr("/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8"),
// PolicySetDefinitionName: to.Ptr("1f3afdf9-d0c9-4c3d-847f-89da613e70a8"),
// PrincipalOid: to.Ptr("fff890fa-fff0-fff3-fff9-fffd7653f078"),
// ResourceGroup: to.Ptr(""),
// ResourceID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.SomeNamespace/someResourceType"),
// SubscriptionID: to.Ptr("fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-07T15:14:39.847Z"); return t}()),
// },
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.Authorization/policyAssignments/d15545b8-ff50-409a-a6e3-5bd5cc954003"),
// PolicyAssignmentName: to.Ptr("d15545b8-ff50-409a-a6e3-5bd5cc954003"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{}"),
// PolicyAssignmentScope: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/providers/Microsoft.Authorization/policyDefinitions/201ea587-7c90-41c3-910f-c280ae01cfd6"),
// PolicyDefinitionName: to.Ptr("201ea587-7c90-41c3-910f-c280ae01cfd6"),
// PolicySetDefinitionID: to.Ptr("/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8"),
// PolicySetDefinitionName: to.Ptr("1f3afdf9-d0c9-4c3d-847f-89da613e70a8"),
// PrincipalOid: to.Ptr("fff890fa-fff0-fff3-fff9-fffd7653f078"),
// ResourceGroup: to.Ptr(""),
// ResourceID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.SomeNamespace/someResourceType"),
// SubscriptionID: to.Ptr("fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-07T15:14:39.584Z"); return t}()),
// }},
// }
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { PolicyInsightsClient } = require("@azure/arm-policyinsights");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Queries policy events for the resource.
*
* @summary Queries policy events for the resource.
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QuerySubscriptionLevelResourceScope.json
*/
async function queryAtSubscriptionLevelResourceScope() {
const subscriptionId =
process.env["POLICYINSIGHTS_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const policyEventsResource = "default";
const resourceId =
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName";
const credential = new DefaultAzureCredential();
const client = new PolicyInsightsClient(credential, subscriptionId);
const resArray = new Array();
for await (let item of client.policyEvents.listQueryResultsForResource(
policyEventsResource,
resourceId
)) {
resArray.push(item);
}
console.log(resArray);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"@odata.nextLink": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default",
"@odata.count": 2,
"value": [
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-07T15:14:39.8473851Z",
"resourceId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName",
"policyAssignmentId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.Authorization/policyAssignments/ec8f9645-8ecb-4abb-9c0b-5292f19d4003",
"policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/201ea587-7c90-41c3-910f-c280ae01cfd6",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"resourceType": "/Microsoft.SomeNamespace/someResourceType",
"resourceLocation": "eastus",
"resourceGroup": "",
"resourceTags": "tbd",
"policyAssignmentName": "ec8f9645-8ecb-4abb-9c0b-5292f19d4003",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{}",
"policyAssignmentScope": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"policyDefinitionName": "201ea587-7c90-41c3-910f-c280ae01cfd6",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionName": "1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": null,
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fff890fa-fff0-fff3-fff9-fffd7653f078",
"complianceState": "NonCompliant"
},
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-07T15:14:39.5842458Z",
"resourceId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.SomeNamespace/someResourceType/someResourceName",
"policyAssignmentId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/providers/Microsoft.Authorization/policyAssignments/d15545b8-ff50-409a-a6e3-5bd5cc954003",
"policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/201ea587-7c90-41c3-910f-c280ae01cfd6",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"resourceType": "/Microsoft.SomeNamespace/someResourceType",
"resourceLocation": "eastus",
"resourceGroup": "",
"resourceTags": "tbd",
"policyAssignmentName": "d15545b8-ff50-409a-a6e3-5bd5cc954003",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{}",
"policyAssignmentScope": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"policyDefinitionName": "201ea587-7c90-41c3-910f-c280ae01cfd6",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionName": "1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": null,
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fff890fa-fff0-fff3-fff9-fffd7653f078",
"complianceState": "NonCompliant"
}
]
}
Query components policy events count grouped by user and action type for resource scope filtered by given assignment.
Sample Request
POST https://management.azure.com/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01&$filter=policyAssignmentId eq '/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8'&$expand=components($apply=groupby((tenantId, principalOid, policyDefinitionAction), aggregate($count as totalActions)))
from azure.identity import DefaultAzureCredential
from azure.mgmt.policyinsights import PolicyInsightsClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-policyinsights
# USAGE
python policy_events_query_resource_scope_expand_components_group_by_with_aggregate.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = PolicyInsightsClient(
credential=DefaultAzureCredential(),
subscription_id="SUBSCRIPTION_ID",
)
response = client.policy_events.list_query_results_for_resource(
policy_events_resource="default",
resource_id="subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName",
)
for item in response:
print(item)
# x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeExpandComponentsGroupByWithAggregate.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armpolicyinsights_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/policyinsights/armpolicyinsights"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/05a9cdab363b8ec824094ee73950c04594325172/specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeExpandComponentsGroupByWithAggregate.json
func ExamplePolicyEventsClient_NewListQueryResultsForResourcePager_queryComponentsPolicyEventsCountGroupedByUserAndActionTypeForResourceScopeFilteredByGivenAssignment() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armpolicyinsights.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
pager := clientFactory.NewPolicyEventsClient().NewListQueryResultsForResourcePager(armpolicyinsights.PolicyEventsResourceTypeDefault, "subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName", &armpolicyinsights.QueryOptions{Top: nil,
Filter: to.Ptr("policyAssignmentId eq '/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8'"),
OrderBy: nil,
Select: nil,
From: nil,
To: nil,
Apply: nil,
SkipToken: nil,
Expand: to.Ptr("components($apply=groupby((tenantId, principalOid, policyDefinitionAction), aggregate($count as totalActions)))"),
}, nil)
for pager.More() {
page, err := pager.NextPage(ctx)
if err != nil {
log.Fatalf("failed to advance page: %v", err)
}
for _, v := range page.Value {
// You could use page here. We use blank identifier for just demo purposes.
_ = v
}
// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// page.PolicyEventsQueryResults = armpolicyinsights.PolicyEventsQueryResults{
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourcegroups/myResourceGroup/providers/microsoft.keyvault/vaults/myKVName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default"),
// ODataCount: to.Ptr[int32](1),
// Value: []*armpolicyinsights.PolicyEvent{
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourcegroups/myResourceGroup/providers/microsoft.keyvault/vaults/myKVName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// Components: []*armpolicyinsights.ComponentEventDetails{
// {
// AdditionalProperties: map[string]any{
// "totalActions": float64(6),
// },
// PolicyDefinitionAction: to.Ptr("audit"),
// PrincipalOid: to.Ptr("0d81b461-6bb0-4909-a102-d51803a7d275"),
// TenantID: to.Ptr("72f988bf-86f1-41af-91ab-2d7cd011db47"),
// }},
// EffectiveParameters: to.Ptr(""),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("PolicyUIMG,AzGovTest5,72f988bf-86f1-41af-91ab-2d7cd011db47"),
// PolicyAssignmentID: to.Ptr("/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8"),
// PolicyAssignmentName: to.Ptr("560050f83dbb4a24974323f8"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr(""),
// PolicyAssignmentScope: to.Ptr("/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policydefinitions/ab108bc4-32df-4677-8b38-fa8b2905df59"),
// PolicyDefinitionName: to.Ptr("ab108bc4-32df-4677-8b38-fa8b2905df59"),
// PolicyDefinitionReferenceID: to.Ptr(""),
// PolicySetDefinitionCategory: to.Ptr(""),
// PolicySetDefinitionID: to.Ptr(""),
// PolicySetDefinitionName: to.Ptr(""),
// PolicySetDefinitionOwner: to.Ptr(""),
// PolicySetDefinitionParameters: to.Ptr(""),
// PrincipalOid: to.Ptr(""),
// ResourceGroup: to.Ptr("myResourceGroup"),
// ResourceID: to.Ptr("/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourcegroups/myResourceGroup/providers/microsoft.keyvault/vaults/myKVName"),
// ResourceLocation: to.Ptr("westcentralus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("Microsoft.KeyVault/vaults"),
// SubscriptionID: to.Ptr("e78961ba-36fe-4739-9212-e3031b4c8db7"),
// TenantID: to.Ptr(""),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-02-21T19:42:08.325Z"); return t}()),
// }},
// }
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { PolicyInsightsClient } = require("@azure/arm-policyinsights");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Queries policy events for the resource.
*
* @summary Queries policy events for the resource.
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeExpandComponentsGroupByWithAggregate.json
*/
async function queryComponentsPolicyEventsCountGroupedByUserAndActionTypeForResourceScopeFilteredByGivenAssignment() {
const subscriptionId =
process.env["POLICYINSIGHTS_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const policyEventsResource = "default";
const resourceId =
"subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName";
const filter =
"policyAssignmentId eq '/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8'";
const expand =
"components($apply=groupby((tenantId, principalOid, policyDefinitionAction), aggregate($count as totalActions)))";
const options = {
queryOptions: { filter: filter, expand: expand },
};
const credential = new DefaultAzureCredential();
const client = new PolicyInsightsClient(credential, subscriptionId);
const resArray = new Array();
for await (let item of client.policyEvents.listQueryResultsForResource(
policyEventsResource,
resourceId,
options
)) {
resArray.push(item);
}
console.log(resArray);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"@odata.context": "https://management.azure.com/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourcegroups/myResourceGroup/providers/microsoft.keyvault/vaults/myKVName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default",
"@odata.count": 1,
"value": [
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourcegroups/myResourceGroup/providers/microsoft.keyvault/vaults/myKVName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2020-02-21T19:42:08.3252921Z",
"resourceId": "/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourcegroups/myResourceGroup/providers/microsoft.keyvault/vaults/myKVName",
"policyAssignmentId": "/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8",
"policyDefinitionId": "/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policydefinitions/ab108bc4-32df-4677-8b38-fa8b2905df59",
"effectiveParameters": "",
"isCompliant": false,
"subscriptionId": "e78961ba-36fe-4739-9212-e3031b4c8db7",
"resourceType": "Microsoft.KeyVault/vaults",
"resourceLocation": "westcentralus",
"resourceGroup": "myResourceGroup",
"resourceTags": "tbd",
"policyAssignmentName": "560050f83dbb4a24974323f8",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "",
"policyAssignmentScope": "/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7",
"policyDefinitionName": "ab108bc4-32df-4677-8b38-fa8b2905df59",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "",
"policySetDefinitionName": "",
"policySetDefinitionOwner": "",
"policySetDefinitionCategory": "",
"policySetDefinitionParameters": "",
"managementGroupIds": "PolicyUIMG,AzGovTest5,72f988bf-86f1-41af-91ab-2d7cd011db47",
"policyDefinitionReferenceId": "",
"complianceState": "NonCompliant",
"tenantId": "",
"principalOid": "",
"components": [
{
"tenantId": "72f988bf-86f1-41af-91ab-2d7cd011db47",
"principalOid": "0d81b461-6bb0-4909-a102-d51803a7d275",
"policyDefinitionAction": "audit",
"totalActions": 6
}
]
}
]
}
Query components policy events for resource scope filtered by given assignment.
Sample Request
POST https://management.azure.com/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01&$filter=policyAssignmentId eq '/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8'&$expand=components
import com.azure.core.util.Context;
import com.azure.resourcemanager.policyinsights.models.PolicyEventsResourceType;
/** Samples for PolicyEvents ListQueryResultsForResource. */
public final class Main {
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeExpandComponents.json
*/
/**
* Sample code: Query components policy events for resource scope filtered by given assignment.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void queryComponentsPolicyEventsForResourceScopeFilteredByGivenAssignment(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName",
null,
null,
null,
null,
null,
"policyAssignmentId eq"
+ " '/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8'",
null,
"components",
null,
Context.NONE);
}
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeExpandComponentsGroupByWithAggregate.json
*/
/**
* Sample code: Query components policy events count grouped by user and action type for resource scope filtered by
* given assignment.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void
queryComponentsPolicyEventsCountGroupedByUserAndActionTypeForResourceScopeFilteredByGivenAssignment(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName",
null,
null,
null,
null,
null,
"policyAssignmentId eq"
+ " '/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8'",
null,
"components($apply=groupby((tenantId, principalOid, policyDefinitionAction), aggregate($count as"
+ " totalActions)))",
null,
Context.NONE);
}
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeNextLink.json
*/
/**
* Sample code: Query at resource scope with next link.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void queryAtResourceScopeWithNextLink(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResource(
PolicyEventsResourceType.DEFAULT,
"subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName",
null,
null,
null,
null,
null,
null,
null,
null,
"WpmWfBSvPhkAK6QD",
Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.policyinsights import PolicyInsightsClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-policyinsights
# USAGE
python policy_events_query_resource_scope_expand_components.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = PolicyInsightsClient(
credential=DefaultAzureCredential(),
subscription_id="SUBSCRIPTION_ID",
)
response = client.policy_events.list_query_results_for_resource(
policy_events_resource="default",
resource_id="subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName",
)
for item in response:
print(item)
# x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeExpandComponents.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armpolicyinsights_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/policyinsights/armpolicyinsights"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/05a9cdab363b8ec824094ee73950c04594325172/specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeExpandComponents.json
func ExamplePolicyEventsClient_NewListQueryResultsForResourcePager_queryComponentsPolicyEventsForResourceScopeFilteredByGivenAssignment() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armpolicyinsights.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
pager := clientFactory.NewPolicyEventsClient().NewListQueryResultsForResourcePager(armpolicyinsights.PolicyEventsResourceTypeDefault, "subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName", &armpolicyinsights.QueryOptions{Top: nil,
Filter: to.Ptr("policyAssignmentId eq '/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8'"),
OrderBy: nil,
Select: nil,
From: nil,
To: nil,
Apply: nil,
SkipToken: nil,
Expand: to.Ptr("components"),
}, nil)
for pager.More() {
page, err := pager.NextPage(ctx)
if err != nil {
log.Fatalf("failed to advance page: %v", err)
}
for _, v := range page.Value {
// You could use page here. We use blank identifier for just demo purposes.
_ = v
}
// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// page.PolicyEventsQueryResults = armpolicyinsights.PolicyEventsQueryResults{
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourcegroups/myResourceGroup/providers/microsoft.keyvault/vaults/myKVName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default"),
// ODataCount: to.Ptr[int32](1),
// Value: []*armpolicyinsights.PolicyEvent{
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourcegroups/myResourceGroup/providers/microsoft.keyvault/vaults/myKVName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// Components: []*armpolicyinsights.ComponentEventDetails{
// {
// Name: to.Ptr("cert-RSA-cert-3"),
// Type: to.Ptr("Certificate"),
// ID: to.Ptr("cert-RSA-cert-3"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PrincipalOid: to.Ptr("0d81b461-6bb0-4909-a102-d51803a7d275"),
// TenantID: to.Ptr("72f988bf-86f1-41af-91ab-2d7cd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-02-21T17:45:23.036Z"); return t}()),
// },
// {
// Name: to.Ptr("cert-RSA-cert-2"),
// Type: to.Ptr("Certificate"),
// ID: to.Ptr("cert-RSA-cert-2"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PrincipalOid: to.Ptr("0d81b461-6bb0-4909-a102-d51803a7d275"),
// TenantID: to.Ptr("72f988bf-86f1-41af-91ab-2d7cd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-02-21T17:45:22.768Z"); return t}()),
// }},
// EffectiveParameters: to.Ptr(""),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("PolicyUIMG,AzGovTest5,72f988bf-86f1-41af-91ab-2d7cd011db47"),
// PolicyAssignmentID: to.Ptr("/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8"),
// PolicyAssignmentName: to.Ptr("560050f83dbb4a24974323f8"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr(""),
// PolicyAssignmentScope: to.Ptr("/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policydefinitions/ab108bc4-32df-4677-8b38-fa8b2905df59"),
// PolicyDefinitionName: to.Ptr("ab108bc4-32df-4677-8b38-fa8b2905df59"),
// PolicyDefinitionReferenceID: to.Ptr(""),
// PolicySetDefinitionCategory: to.Ptr(""),
// PolicySetDefinitionID: to.Ptr(""),
// PolicySetDefinitionName: to.Ptr(""),
// PolicySetDefinitionOwner: to.Ptr(""),
// PolicySetDefinitionParameters: to.Ptr(""),
// PrincipalOid: to.Ptr(""),
// ResourceGroup: to.Ptr("myResourceGroup"),
// ResourceID: to.Ptr("/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourcegroups/myResourceGroup/providers/microsoft.keyvault/vaults/myKVName"),
// ResourceLocation: to.Ptr("westcentralus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("Microsoft.KeyVault/vaults"),
// SubscriptionID: to.Ptr("e78961ba-36fe-4739-9212-e3031b4c8db7"),
// TenantID: to.Ptr(""),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-02-21T19:42:08.325Z"); return t}()),
// }},
// }
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { PolicyInsightsClient } = require("@azure/arm-policyinsights");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Queries policy events for the resource.
*
* @summary Queries policy events for the resource.
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceScopeExpandComponents.json
*/
async function queryComponentsPolicyEventsForResourceScopeFilteredByGivenAssignment() {
const subscriptionId =
process.env["POLICYINSIGHTS_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const policyEventsResource = "default";
const resourceId =
"subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/Vaults/myKVName";
const filter =
"policyAssignmentId eq '/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8'";
const expand = "components";
const options = {
queryOptions: { filter: filter, expand: expand },
};
const credential = new DefaultAzureCredential();
const client = new PolicyInsightsClient(credential, subscriptionId);
const resArray = new Array();
for await (let item of client.policyEvents.listQueryResultsForResource(
policyEventsResource,
resourceId,
options
)) {
resArray.push(item);
}
console.log(resArray);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"@odata.context": "https://management.azure.com/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourcegroups/myResourceGroup/providers/microsoft.keyvault/vaults/myKVName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default",
"@odata.count": 1,
"value": [
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourcegroups/myResourceGroup/providers/microsoft.keyvault/vaults/myKVName/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2020-02-21T19:42:08.3252921Z",
"resourceId": "/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/resourcegroups/myResourceGroup/providers/microsoft.keyvault/vaults/myKVName",
"policyAssignmentId": "/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policyassignments/560050f83dbb4a24974323f8",
"policyDefinitionId": "/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7/providers/microsoft.authorization/policydefinitions/ab108bc4-32df-4677-8b38-fa8b2905df59",
"effectiveParameters": "",
"isCompliant": false,
"subscriptionId": "e78961ba-36fe-4739-9212-e3031b4c8db7",
"resourceType": "Microsoft.KeyVault/vaults",
"resourceLocation": "westcentralus",
"resourceGroup": "myResourceGroup",
"resourceTags": "tbd",
"policyAssignmentName": "560050f83dbb4a24974323f8",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "",
"policyAssignmentScope": "/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7",
"policyDefinitionName": "ab108bc4-32df-4677-8b38-fa8b2905df59",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "",
"policySetDefinitionName": "",
"policySetDefinitionOwner": "",
"policySetDefinitionCategory": "",
"policySetDefinitionParameters": "",
"managementGroupIds": "PolicyUIMG,AzGovTest5,72f988bf-86f1-41af-91ab-2d7cd011db47",
"policyDefinitionReferenceId": "",
"complianceState": "NonCompliant",
"tenantId": "",
"principalOid": "",
"components": [
{
"id": "cert-RSA-cert-3",
"type": "Certificate",
"name": "cert-RSA-cert-3",
"timestamp": "2020-02-21T17:45:23.0367Z",
"tenantId": "72f988bf-86f1-41af-91ab-2d7cd011db47",
"principalOid": "0d81b461-6bb0-4909-a102-d51803a7d275",
"policyDefinitionAction": "audit"
},
{
"id": "cert-RSA-cert-2",
"type": "Certificate",
"name": "cert-RSA-cert-2",
"timestamp": "2020-02-21T17:45:22.7682778Z",
"tenantId": "72f988bf-86f1-41af-91ab-2d7cd011db47",
"principalOid": "0d81b461-6bb0-4909-a102-d51803a7d275",
"policyDefinitionAction": "audit"
}
]
}
]
}
Definitions
ComponentEventDetails
Component event details.
| Name |
Type |
Description |
|
id
|
string
|
Component Id.
|
|
name
|
string
|
Component name.
|
|
policyDefinitionAction
|
string
|
Policy definition action, i.e. effect.
|
|
principalOid
|
string
|
Principal object ID for the user who initiated the resource component operation that triggered the policy event.
|
|
tenantId
|
string
|
Tenant ID for the policy event record.
|
|
timestamp
|
string
|
Timestamp for component policy event record.
|
|
type
|
string
|
Component type.
|
Error
Error definition.
| Name |
Type |
Description |
|
code
|
string
|
Service specific error code which serves as the substatus for the HTTP error code.
|
|
message
|
string
|
Description of the error.
|
PolicyEvent
Policy event record.
| Name |
Type |
Description |
|
@odata.context
|
string
|
OData context string; used by OData clients to resolve type information based on metadata.
|
|
@odata.id
|
string
|
OData entity ID; always set to null since policy event records do not have an entity ID.
|
|
complianceState
|
string
|
Compliance state of the resource.
|
|
components
|
ComponentEventDetails[]
|
Components events records populated only when URL contains $expand=components clause.
|
|
effectiveParameters
|
string
|
Effective parameters for the policy assignment.
|
|
isCompliant
|
boolean
|
Flag which states whether the resource is compliant against the policy assignment it was evaluated against.
|
|
managementGroupIds
|
string
|
Comma separated list of management group IDs, which represent the hierarchy of the management groups the resource is under.
|
|
policyAssignmentId
|
string
|
Policy assignment ID.
|
|
policyAssignmentName
|
string
|
Policy assignment name.
|
|
policyAssignmentOwner
|
string
|
Policy assignment owner.
|
|
policyAssignmentParameters
|
string
|
Policy assignment parameters.
|
|
policyAssignmentScope
|
string
|
Policy assignment scope.
|
|
policyDefinitionAction
|
string
|
Policy definition action, i.e. effect.
|
|
policyDefinitionCategory
|
string
|
Policy definition category.
|
|
policyDefinitionId
|
string
|
Policy definition ID.
|
|
policyDefinitionName
|
string
|
Policy definition name.
|
|
policyDefinitionReferenceId
|
string
|
Reference ID for the policy definition inside the policy set, if the policy assignment is for a policy set.
|
|
policySetDefinitionCategory
|
string
|
Policy set definition category, if the policy assignment is for a policy set.
|
|
policySetDefinitionId
|
string
|
Policy set definition ID, if the policy assignment is for a policy set.
|
|
policySetDefinitionName
|
string
|
Policy set definition name, if the policy assignment is for a policy set.
|
|
policySetDefinitionOwner
|
string
|
Policy set definition owner, if the policy assignment is for a policy set.
|
|
policySetDefinitionParameters
|
string
|
Policy set definition parameters, if the policy assignment is for a policy set.
|
|
principalOid
|
string
|
Principal object ID for the user who initiated the resource operation that triggered the policy event.
|
|
resourceGroup
|
string
|
Resource group name.
|
|
resourceId
|
string
|
Resource ID.
|
|
resourceLocation
|
string
|
Resource location.
|
|
resourceTags
|
string
|
List of resource tags.
|
|
resourceType
|
string
|
Resource type.
|
|
subscriptionId
|
string
|
Subscription ID.
|
|
tenantId
|
string
|
Tenant ID for the policy event record.
|
|
timestamp
|
string
|
Timestamp for the policy event record.
|
PolicyEventsQueryResults
Query results.
| Name |
Type |
Description |
|
@odata.context
|
string
|
OData context string; used by OData clients to resolve type information based on metadata.
|
|
@odata.count
|
integer
|
OData entity count; represents the number of policy event records returned.
|
|
@odata.nextLink
|
string
|
Odata next link; URL to get the next set of results.
|
|
value
|
PolicyEvent[]
|
Query results.
|
PolicyEventsResourceType
The name of the virtual resource under PolicyEvents resource type; only "default" is allowed.
| Name |
Type |
Description |
|
default
|
string
|
|
QueryFailure
Error response.
| Name |
Type |
Description |
|
error
|
Error
|
Error definition.
|