Consulta eventos de directiva para los recursos del grupo de recursos.
POST https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01
With optional parameters:
POST https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01&$top={$top}&$orderby={$orderby}&$select={$select}&$from={$from}&$to={$to}&$filter={$filter}&$apply={$apply}&$skiptoken={$skiptoken}
Parámetros de identificador URI
Nombre |
En |
Requerido |
Tipo |
Description |
policyEventsResource
|
path |
True
|
PolicyEventsResourceType
|
Nombre del recurso virtual en El tipo de recurso PolicyEvents; solo se permite "default".
|
resourceGroupName
|
path |
True
|
string
|
Nombre del grupo de recursos.
|
subscriptionId
|
path |
True
|
string
|
Identificador de suscripción de Microsoft Azure.
|
api-version
|
query |
True
|
string
|
Versión de api de cliente.
|
$apply
|
query |
|
string
|
OData aplica expresión para agregaciones.
|
$filter
|
query |
|
string
|
Expresión de filtro de OData.
|
$from
|
query |
|
string
date-time
|
Marca de tiempo con formato ISO 8601 que especifica la hora de inicio del intervalo que se va a consultar. Cuando no se especifica, el servicio usa ($to - 1 día).
|
$orderby
|
query |
|
string
|
Expresión de ordenación mediante notación OData. Uno o varios nombres de columna separados por comas con un "desc" opcional (el valor predeterminado) o "asc", por ejemplo, "$orderby=PolicyAssignmentId, ResourceId asc".
|
$select
|
query |
|
string
|
Seleccione expresión mediante notación OData. Limita las columnas de cada registro a solo las solicitadas, por ejemplo, "$select=PolicyAssignmentId, ResourceId".
|
$skiptoken
|
query |
|
string
|
Skiptoken solo se proporciona si una respuesta anterior devolvió un resultado parcial como parte del elemento nextLink.
|
$to
|
query |
|
string
date-time
|
Marca de tiempo con formato ISO 8601 que especifica la hora de finalización del intervalo que se va a consultar. Cuando no se especifica, el servicio usa el tiempo de solicitud.
|
$top
|
query |
|
integer
int32
|
Número máximo de registros que se van a devolver.
|
Respuestas
Nombre |
Tipo |
Description |
200 OK
|
PolicyEventsQueryResults
|
Resultados de la consulta.
|
Other Status Codes
|
QueryFailure
|
Respuesta de error que describe el motivo del error de la operación.
|
Seguridad
azure_auth
Flujo OAuth2 de Azure Active Directory
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
Nombre |
Description |
user_impersonation
|
suplantación de su cuenta de usuario
|
Ejemplos
Query at resource group scope
Sample Request
POST https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourceGroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01
import com.azure.core.util.Context;
import com.azure.resourcemanager.policyinsights.models.PolicyEventsResourceType;
/** Samples for PolicyEvents ListQueryResultsForResourceGroup. */
public final class Main {
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceGroupScope.json
*/
/**
* Sample code: Query at resource group scope.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void queryAtResourceGroupScope(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResourceGroup(
PolicyEventsResourceType.DEFAULT,
"fffedd8f-ffff-fffd-fffd-fffed2f84852",
"myResourceGroup",
null,
null,
null,
null,
null,
null,
null,
null,
Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.policyinsights import PolicyInsightsClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-policyinsights
# USAGE
python policy_events_query_resource_group_scope.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = PolicyInsightsClient(
credential=DefaultAzureCredential(),
subscription_id="fffedd8f-ffff-fffd-fffd-fffed2f84852",
)
response = client.policy_events.list_query_results_for_resource_group(
policy_events_resource="default",
subscription_id="fffedd8f-ffff-fffd-fffd-fffed2f84852",
resource_group_name="myResourceGroup",
)
for item in response:
print(item)
# x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceGroupScope.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armpolicyinsights_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/policyinsights/armpolicyinsights"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/05a9cdab363b8ec824094ee73950c04594325172/specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceGroupScope.json
func ExamplePolicyEventsClient_NewListQueryResultsForResourceGroupPager_queryAtResourceGroupScope() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armpolicyinsights.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
pager := clientFactory.NewPolicyEventsClient().NewListQueryResultsForResourceGroupPager(armpolicyinsights.PolicyEventsResourceTypeDefault, "fffedd8f-ffff-fffd-fffd-fffed2f84852", "myResourceGroup", &armpolicyinsights.QueryOptions{Top: nil,
Filter: nil,
OrderBy: nil,
Select: nil,
From: nil,
To: nil,
Apply: nil,
SkipToken: nil,
Expand: nil,
}, nil)
for pager.More() {
page, err := pager.NextPage(ctx)
if err != nil {
log.Fatalf("failed to advance page: %v", err)
}
for _, v := range page.Value {
// You could use page here. We use blank identifier for just demo purposes.
_ = v
}
// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// page.PolicyEventsQueryResults = armpolicyinsights.PolicyEventsQueryResults{
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default"),
// ODataCount: to.Ptr[int32](2),
// Value: []*armpolicyinsights.PolicyEvent{
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyAssignments/ec62f9b2a454487296f2ccd4"),
// PolicyAssignmentName: to.Ptr("ec62f9b2a454487296f2ccd4"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{\"ALLOWEDRESOURCEGROUPS_1\":{\"value\":[\"rg1\",\"rg2\"]},\"ALLOWEDRESOURCEGROUPS_2\":{\"value\":[\"myrg3\",\"myrg4\"]}}"),
// PolicyAssignmentScope: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyDefinitions/72c0c41a-c752-4bc0-9c61-0d6adc567066"),
// PolicyDefinitionName: to.Ptr("72c0c41a-c752-4bc0-9c61-0d6adc567066"),
// PolicyDefinitionReferenceID: to.Ptr("181565554491747128"),
// PolicySetDefinitionID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/00b36c66-612b-44e2-9f8e-b758296d40fe"),
// PolicySetDefinitionName: to.Ptr("00b36c66-612b-44e2-9f8e-b758296d40fe"),
// PrincipalOid: to.Ptr("fffdfc0f-fff5-fff0-fff3-fff1a968dcc6"),
// ResourceGroup: to.Ptr("myResourceGroup"),
// ResourceID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ServiceFabric/clusters/myCluster/applications/myApplication"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.ServiceFabric/clusters/applications"),
// SubscriptionID: to.Ptr("fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-07T20:43:04.697Z"); return t}()),
// },
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyAssignments/ec62f9b2a454487296f2ccd4"),
// PolicyAssignmentName: to.Ptr("ec62f9b2a454487296f2ccd4"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{\"ALLOWEDRESOURCEGROUPS_1\":{\"value\":[\"rg1\",\"rg2\"]},\"ALLOWEDRESOURCEGROUPS_2\":{\"value\":[\"myrg3\",\"myrg4\"]}}"),
// PolicyAssignmentScope: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyDefinitions/72c0c41a-c752-4bc0-9c61-0d6adc567066"),
// PolicyDefinitionName: to.Ptr("72c0c41a-c752-4bc0-9c61-0d6adc567066"),
// PolicyDefinitionReferenceID: to.Ptr("624540685646900425"),
// PolicySetDefinitionID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/00b36c66-612b-44e2-9f8e-b758296d40fe"),
// PolicySetDefinitionName: to.Ptr("00b36c66-612b-44e2-9f8e-b758296d40fe"),
// PrincipalOid: to.Ptr("fffdfc0f-fff5-fff0-fff3-fff1a968dcc6"),
// ResourceGroup: to.Ptr("myResourceGroup"),
// ResourceID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ServiceFabric/clusters/myCluster/applications/myApplication"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.ServiceFabric/clusters/applications"),
// SubscriptionID: to.Ptr("fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-07T20:43:04.697Z"); return t}()),
// }},
// }
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { PolicyInsightsClient } = require("@azure/arm-policyinsights");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Queries policy events for the resources under the resource group.
*
* @summary Queries policy events for the resources under the resource group.
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceGroupScope.json
*/
async function queryAtResourceGroupScope() {
const subscriptionId =
process.env["POLICYINSIGHTS_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const policyEventsResource = "default";
const resourceGroupName = process.env["POLICYINSIGHTS_RESOURCE_GROUP"] || "myResourceGroup";
const credential = new DefaultAzureCredential();
const client = new PolicyInsightsClient(credential, subscriptionId);
const resArray = new Array();
for await (let item of client.policyEvents.listQueryResultsForResourceGroup(
policyEventsResource,
subscriptionId,
resourceGroupName
)) {
resArray.push(item);
}
console.log(resArray);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using System;
using System.Collections.Generic;
using System.Threading.Tasks;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.PolicyInsights;
using Azure.ResourceManager.PolicyInsights.Models;
using Azure.ResourceManager.Resources;
// Generated from example definition: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceGroupScope.json
// this example is just showing the usage of "PolicyEvents_ListQueryResultsForResourceGroup" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this ResourceGroupResource created on azure
// for more information of creating ResourceGroupResource, please refer to the document of ResourceGroupResource
string subscriptionId = "fffedd8f-ffff-fffd-fffd-fffed2f84852";
string resourceGroupName = "myResourceGroup";
ResourceIdentifier resourceGroupResourceId = ResourceGroupResource.CreateResourceIdentifier(subscriptionId, resourceGroupName);
ResourceGroupResource resourceGroupResource = client.GetResourceGroupResource(resourceGroupResourceId);
// invoke the operation and iterate over the result
PolicyEventType policyEventType = PolicyEventType.Default;
await foreach (PolicyEvent item in resourceGroupResource.GetPolicyEventQueryResultsAsync(policyEventType))
{
Console.WriteLine($"Succeeded: {item}");
}
Console.WriteLine($"Succeeded");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"@odata.nextLink": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default",
"@odata.count": 2,
"value": [
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-07T20:43:04.6971328Z",
"resourceId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ServiceFabric/clusters/myCluster/applications/myApplication",
"policyAssignmentId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyAssignments/ec62f9b2a454487296f2ccd4",
"policyDefinitionId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyDefinitions/72c0c41a-c752-4bc0-9c61-0d6adc567066",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"resourceType": "/Microsoft.ServiceFabric/clusters/applications",
"resourceLocation": "eastus",
"resourceGroup": "myResourceGroup",
"resourceTags": "tbd",
"policyAssignmentName": "ec62f9b2a454487296f2ccd4",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{\"ALLOWEDRESOURCEGROUPS_1\":{\"value\":[\"rg1\",\"rg2\"]},\"ALLOWEDRESOURCEGROUPS_2\":{\"value\":[\"myrg3\",\"myrg4\"]}}",
"policyAssignmentScope": "/providers/Microsoft.Management/managementGroups/myManagementGroup",
"policyDefinitionName": "72c0c41a-c752-4bc0-9c61-0d6adc567066",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/00b36c66-612b-44e2-9f8e-b758296d40fe",
"policySetDefinitionName": "00b36c66-612b-44e2-9f8e-b758296d40fe",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": "181565554491747128",
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fffdfc0f-fff5-fff0-fff3-fff1a968dcc6",
"complianceState": "NonCompliant"
},
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-07T20:43:04.6971328Z",
"resourceId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ServiceFabric/clusters/myCluster/applications/myApplication",
"policyAssignmentId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyAssignments/ec62f9b2a454487296f2ccd4",
"policyDefinitionId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyDefinitions/72c0c41a-c752-4bc0-9c61-0d6adc567066",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"resourceType": "/Microsoft.ServiceFabric/clusters/applications",
"resourceLocation": "eastus",
"resourceGroup": "myResourceGroup",
"resourceTags": "tbd",
"policyAssignmentName": "ec62f9b2a454487296f2ccd4",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{\"ALLOWEDRESOURCEGROUPS_1\":{\"value\":[\"rg1\",\"rg2\"]},\"ALLOWEDRESOURCEGROUPS_2\":{\"value\":[\"myrg3\",\"myrg4\"]}}",
"policyAssignmentScope": "/providers/Microsoft.Management/managementGroups/myManagementGroup",
"policyDefinitionName": "72c0c41a-c752-4bc0-9c61-0d6adc567066",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/00b36c66-612b-44e2-9f8e-b758296d40fe",
"policySetDefinitionName": "00b36c66-612b-44e2-9f8e-b758296d40fe",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": "624540685646900425",
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fffdfc0f-fff5-fff0-fff3-fff1a968dcc6",
"complianceState": "NonCompliant"
}
]
}
Query at resource group scope with next link
Sample Request
POST https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourceGroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01&$skiptoken=WpmWfBSvPhkAK6QD
import com.azure.core.util.Context;
import com.azure.resourcemanager.policyinsights.models.PolicyEventsResourceType;
/** Samples for PolicyEvents ListQueryResultsForResourceGroup. */
public final class Main {
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceGroupScopeNextLink.json
*/
/**
* Sample code: Query at resource group scope with next link.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void queryAtResourceGroupScopeWithNextLink(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForResourceGroup(
PolicyEventsResourceType.DEFAULT,
"fffedd8f-ffff-fffd-fffd-fffed2f84852",
"myResourceGroup",
null,
null,
null,
null,
null,
null,
null,
"WpmWfBSvPhkAK6QD",
Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.policyinsights import PolicyInsightsClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-policyinsights
# USAGE
python policy_events_query_resource_group_scope_next_link.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = PolicyInsightsClient(
credential=DefaultAzureCredential(),
subscription_id="fffedd8f-ffff-fffd-fffd-fffed2f84852",
)
response = client.policy_events.list_query_results_for_resource_group(
policy_events_resource="default",
subscription_id="fffedd8f-ffff-fffd-fffd-fffed2f84852",
resource_group_name="myResourceGroup",
)
for item in response:
print(item)
# x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceGroupScopeNextLink.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armpolicyinsights_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/policyinsights/armpolicyinsights"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/05a9cdab363b8ec824094ee73950c04594325172/specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceGroupScopeNextLink.json
func ExamplePolicyEventsClient_NewListQueryResultsForResourceGroupPager_queryAtResourceGroupScopeWithNextLink() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armpolicyinsights.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
pager := clientFactory.NewPolicyEventsClient().NewListQueryResultsForResourceGroupPager(armpolicyinsights.PolicyEventsResourceTypeDefault, "fffedd8f-ffff-fffd-fffd-fffed2f84852", "myResourceGroup", &armpolicyinsights.QueryOptions{Top: nil,
Filter: nil,
OrderBy: nil,
Select: nil,
From: nil,
To: nil,
Apply: nil,
SkipToken: to.Ptr("WpmWfBSvPhkAK6QD"),
Expand: nil,
}, nil)
for pager.More() {
page, err := pager.NextPage(ctx)
if err != nil {
log.Fatalf("failed to advance page: %v", err)
}
for _, v := range page.Value {
// You could use page here. We use blank identifier for just demo purposes.
_ = v
}
// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// page.PolicyEventsQueryResults = armpolicyinsights.PolicyEventsQueryResults{
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default"),
// ODataCount: to.Ptr[int32](2),
// Value: []*armpolicyinsights.PolicyEvent{
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyAssignments/ec62f9b2a454487296f2ccd4"),
// PolicyAssignmentName: to.Ptr("ec62f9b2a454487296f2ccd4"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{\"ALLOWEDRESOURCEGROUPS_1\":{\"value\":[\"rg1\",\"rg2\"]},\"ALLOWEDRESOURCEGROUPS_2\":{\"value\":[\"myrg3\",\"myrg4\"]}}"),
// PolicyAssignmentScope: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyDefinitions/72c0c41a-c752-4bc0-9c61-0d6adc567066"),
// PolicyDefinitionName: to.Ptr("72c0c41a-c752-4bc0-9c61-0d6adc567066"),
// PolicyDefinitionReferenceID: to.Ptr("181565554491747128"),
// PolicySetDefinitionID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/00b36c66-612b-44e2-9f8e-b758296d40fe"),
// PolicySetDefinitionName: to.Ptr("00b36c66-612b-44e2-9f8e-b758296d40fe"),
// PrincipalOid: to.Ptr("fffdfc0f-fff5-fff0-fff3-fff1a968dcc6"),
// ResourceGroup: to.Ptr("myResourceGroup"),
// ResourceID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ServiceFabric/clusters/myCluster/applications/myApplication"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.ServiceFabric/clusters/applications"),
// SubscriptionID: to.Ptr("fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-07T20:43:04.697Z"); return t}()),
// },
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyAssignments/ec62f9b2a454487296f2ccd4"),
// PolicyAssignmentName: to.Ptr("ec62f9b2a454487296f2ccd4"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{\"ALLOWEDRESOURCEGROUPS_1\":{\"value\":[\"rg1\",\"rg2\"]},\"ALLOWEDRESOURCEGROUPS_2\":{\"value\":[\"myrg3\",\"myrg4\"]}}"),
// PolicyAssignmentScope: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyDefinitions/72c0c41a-c752-4bc0-9c61-0d6adc567066"),
// PolicyDefinitionName: to.Ptr("72c0c41a-c752-4bc0-9c61-0d6adc567066"),
// PolicyDefinitionReferenceID: to.Ptr("624540685646900425"),
// PolicySetDefinitionID: to.Ptr("/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/00b36c66-612b-44e2-9f8e-b758296d40fe"),
// PolicySetDefinitionName: to.Ptr("00b36c66-612b-44e2-9f8e-b758296d40fe"),
// PrincipalOid: to.Ptr("fffdfc0f-fff5-fff0-fff3-fff1a968dcc6"),
// ResourceGroup: to.Ptr("myResourceGroup"),
// ResourceID: to.Ptr("/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ServiceFabric/clusters/myCluster/applications/myApplication"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.ServiceFabric/clusters/applications"),
// SubscriptionID: to.Ptr("fff10b27-fff3-fff5-fff8-fffbe01e86a5"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-07T20:43:04.697Z"); return t}()),
// }},
// }
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { PolicyInsightsClient } = require("@azure/arm-policyinsights");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Queries policy events for the resources under the resource group.
*
* @summary Queries policy events for the resources under the resource group.
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceGroupScopeNextLink.json
*/
async function queryAtResourceGroupScopeWithNextLink() {
const subscriptionId =
process.env["POLICYINSIGHTS_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const policyEventsResource = "default";
const resourceGroupName = process.env["POLICYINSIGHTS_RESOURCE_GROUP"] || "myResourceGroup";
const skipToken = "WpmWfBSvPhkAK6QD";
const options = {
queryOptions: { skipToken: skipToken },
};
const credential = new DefaultAzureCredential();
const client = new PolicyInsightsClient(credential, subscriptionId);
const resArray = new Array();
for await (let item of client.policyEvents.listQueryResultsForResourceGroup(
policyEventsResource,
subscriptionId,
resourceGroupName,
options
)) {
resArray.push(item);
}
console.log(resArray);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using System;
using System.Collections.Generic;
using System.Threading.Tasks;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.PolicyInsights;
using Azure.ResourceManager.PolicyInsights.Models;
using Azure.ResourceManager.Resources;
// Generated from example definition: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QueryResourceGroupScopeNextLink.json
// this example is just showing the usage of "PolicyEvents_ListQueryResultsForResourceGroup" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this ResourceGroupResource created on azure
// for more information of creating ResourceGroupResource, please refer to the document of ResourceGroupResource
string subscriptionId = "fffedd8f-ffff-fffd-fffd-fffed2f84852";
string resourceGroupName = "myResourceGroup";
ResourceIdentifier resourceGroupResourceId = ResourceGroupResource.CreateResourceIdentifier(subscriptionId, resourceGroupName);
ResourceGroupResource resourceGroupResource = client.GetResourceGroupResource(resourceGroupResourceId);
// invoke the operation and iterate over the result
PolicyEventType policyEventType = PolicyEventType.Default;
await foreach (PolicyEvent item in resourceGroupResource.GetPolicyEventQueryResultsAsync(policyEventType))
{
Console.WriteLine($"Succeeded: {item}");
}
Console.WriteLine($"Succeeded");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"@odata.nextLink": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default",
"@odata.count": 2,
"value": [
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-07T20:43:04.6971328Z",
"resourceId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ServiceFabric/clusters/myCluster/applications/myApplication",
"policyAssignmentId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyAssignments/ec62f9b2a454487296f2ccd4",
"policyDefinitionId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyDefinitions/72c0c41a-c752-4bc0-9c61-0d6adc567066",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"resourceType": "/Microsoft.ServiceFabric/clusters/applications",
"resourceLocation": "eastus",
"resourceGroup": "myResourceGroup",
"resourceTags": "tbd",
"policyAssignmentName": "ec62f9b2a454487296f2ccd4",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{\"ALLOWEDRESOURCEGROUPS_1\":{\"value\":[\"rg1\",\"rg2\"]},\"ALLOWEDRESOURCEGROUPS_2\":{\"value\":[\"myrg3\",\"myrg4\"]}}",
"policyAssignmentScope": "/providers/Microsoft.Management/managementGroups/myManagementGroup",
"policyDefinitionName": "72c0c41a-c752-4bc0-9c61-0d6adc567066",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/00b36c66-612b-44e2-9f8e-b758296d40fe",
"policySetDefinitionName": "00b36c66-612b-44e2-9f8e-b758296d40fe",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": "181565554491747128",
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fffdfc0f-fff5-fff0-fff3-fff1a968dcc6",
"complianceState": "NonCompliant"
},
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-07T20:43:04.6971328Z",
"resourceId": "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourcegroups/myResourceGroup/providers/Microsoft.ServiceFabric/clusters/myCluster/applications/myApplication",
"policyAssignmentId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyAssignments/ec62f9b2a454487296f2ccd4",
"policyDefinitionId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policyDefinitions/72c0c41a-c752-4bc0-9c61-0d6adc567066",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fff10b27-fff3-fff5-fff8-fffbe01e86a5",
"resourceType": "/Microsoft.ServiceFabric/clusters/applications",
"resourceLocation": "eastus",
"resourceGroup": "myResourceGroup",
"resourceTags": "tbd",
"policyAssignmentName": "ec62f9b2a454487296f2ccd4",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{\"ALLOWEDRESOURCEGROUPS_1\":{\"value\":[\"rg1\",\"rg2\"]},\"ALLOWEDRESOURCEGROUPS_2\":{\"value\":[\"myrg3\",\"myrg4\"]}}",
"policyAssignmentScope": "/providers/Microsoft.Management/managementGroups/myManagementGroup",
"policyDefinitionName": "72c0c41a-c752-4bc0-9c61-0d6adc567066",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/providers/Microsoft.Management/managementGroups/myManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/00b36c66-612b-44e2-9f8e-b758296d40fe",
"policySetDefinitionName": "00b36c66-612b-44e2-9f8e-b758296d40fe",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "myManagementGroup,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": "624540685646900425",
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fffdfc0f-fff5-fff0-fff3-fff1a968dcc6",
"complianceState": "NonCompliant"
}
]
}
Definiciones
ComponentEventDetails
Detalles del evento de componente.
Nombre |
Tipo |
Description |
id
|
string
|
Id. de componente.
|
name
|
string
|
component_name
|
policyDefinitionAction
|
string
|
Acción de definición de directiva, es decir, efecto.
|
principalOid
|
string
|
Identificador de objeto de entidad de seguridad para el usuario que inició la operación del componente de recursos que desencadenó el evento de directiva.
|
tenantId
|
string
|
Identificador de inquilino para el registro de eventos de directiva.
|
timestamp
|
string
|
Marca de tiempo para el registro de eventos de directiva de componentes.
|
type
|
string
|
Tipo de componente.
|
Error
Definición de error.
Nombre |
Tipo |
Description |
code
|
string
|
Código de error específico del servicio que actúa como subestado para el código de error HTTP.
|
message
|
string
|
Descripción del error.
|
PolicyEvent
Registro de eventos de directiva.
Nombre |
Tipo |
Description |
@odata.context
|
string
|
Cadena de contexto de OData; que usan los clientes de OData para resolver la información de tipos en función de los metadatos.
|
@odata.id
|
string
|
Id. de entidad de OData; siempre se establece en NULL, ya que los registros de eventos de directiva no tienen un identificador de entidad.
|
complianceState
|
string
|
Estado de cumplimiento del recurso.
|
components
|
ComponentEventDetails[]
|
Los eventos de componentes se rellenan solo cuando la dirección URL contiene $expand=la cláusula components.
|
effectiveParameters
|
string
|
Parámetros efectivos para la asignación de directivas.
|
isCompliant
|
boolean
|
Marca que indica si el recurso es compatible con la asignación de directiva con la que se evaluó.
|
managementGroupIds
|
string
|
Lista separada por comas de identificadores de grupo de administración, que representan la jerarquía de los grupos de administración en los que se encuentra el recurso.
|
policyAssignmentId
|
string
|
Identificador de asignación de directiva.
|
policyAssignmentName
|
string
|
Nombre de asignación de directiva.
|
policyAssignmentOwner
|
string
|
Propietario de la asignación de directiva.
|
policyAssignmentParameters
|
string
|
Parámetros de asignación de directivas.
|
policyAssignmentScope
|
string
|
Ámbito de asignación de directiva.
|
policyDefinitionAction
|
string
|
Acción de definición de directiva, es decir, efecto.
|
policyDefinitionCategory
|
string
|
Categoría de definición de directiva.
|
policyDefinitionId
|
string
|
Identificador de definición de directiva.
|
policyDefinitionName
|
string
|
Nombre de definición de directiva.
|
policyDefinitionReferenceId
|
string
|
Identificador de referencia de la definición de directiva dentro del conjunto de directivas, si la asignación de directiva es para un conjunto de directivas.
|
policySetDefinitionCategory
|
string
|
Categoría de definición del conjunto de directivas, si la asignación de directiva es para un conjunto de directivas.
|
policySetDefinitionId
|
string
|
Identificador de definición del conjunto de directivas, si la asignación de directiva es para un conjunto de directivas.
|
policySetDefinitionName
|
string
|
Nombre de definición del conjunto de directivas, si la asignación de directiva es para un conjunto de directivas.
|
policySetDefinitionOwner
|
string
|
Propietario de la definición del conjunto de directivas, si la asignación de directiva es para un conjunto de directivas.
|
policySetDefinitionParameters
|
string
|
Parámetros de definición del conjunto de directivas, si la asignación de directiva es para un conjunto de directivas.
|
principalOid
|
string
|
Identificador de objeto de entidad de seguridad para el usuario que inició la operación de recursos que desencadenó el evento de directiva.
|
resourceGroup
|
string
|
Nombre del grupo de recursos.
|
resourceId
|
string
|
Identificador del recurso.
|
resourceLocation
|
string
|
Ubicación del recurso
|
resourceTags
|
string
|
Lista de etiquetas de recursos.
|
resourceType
|
string
|
Tipo de recurso.
|
subscriptionId
|
string
|
Id. de suscripción.
|
tenantId
|
string
|
Identificador de inquilino para el registro de eventos de directiva.
|
timestamp
|
string
|
Marca de tiempo para el registro de eventos de directiva.
|
PolicyEventsQueryResults
Resultados de la consulta.
Nombre |
Tipo |
Description |
@odata.context
|
string
|
Cadena de contexto de OData; que usan los clientes de OData para resolver la información de tipos en función de los metadatos.
|
@odata.count
|
integer
|
Recuento de entidades de OData; representa el número de registros de eventos de directiva devueltos.
|
@odata.nextLink
|
string
|
Vínculo siguiente de Odata; Dirección URL para obtener el siguiente conjunto de resultados.
|
value
|
PolicyEvent[]
|
Resultados de la consulta.
|
PolicyEventsResourceType
Nombre del recurso virtual en El tipo de recurso PolicyEvents; solo se permite "default".
Nombre |
Tipo |
Description |
default
|
string
|
|
QueryFailure
Respuesta de error.
Nombre |
Tipo |
Description |
error
|
Error
|
Definición de error.
|