Запрашивает состояния политики для ресурсов в группе ресурсов.
POST https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.PolicyInsights/policyStates/{policyStatesResource}/queryResults?api-version=2019-10-01
With optional parameters:
POST https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.PolicyInsights/policyStates/{policyStatesResource}/queryResults?api-version=2019-10-01&$top={$top}&$orderby={$orderby}&$select={$select}&$from={$from}&$to={$to}&$filter={$filter}&$apply={$apply}&$skiptoken={$skiptoken}
Параметры URI
| Имя |
В |
Обязательно |
Тип |
Описание |
|
policyStatesResource
|
path |
True
|
PolicyStatesResource
|
Виртуальный ресурс в разделе Тип ресурса PolicyStates. В заданном диапазоне времени "latest" представляет последние состояния политики, а "по умолчанию" — все состояния политики.
|
|
resourceGroupName
|
path |
True
|
string
|
Имя группы ресурсов.
|
|
subscriptionId
|
path |
True
|
string
|
Идентификатор подписки Microsoft Azure.
|
|
api-version
|
query |
True
|
string
|
Версия API клиента.
|
|
$apply
|
query |
|
string
|
OData применяет выражение для агрегатов.
|
|
$filter
|
query |
|
string
|
Выражение фильтра OData.
|
|
$from
|
query |
|
string
date-time
|
Метка времени в формате ISO 8601, указывающая время начала интервала запроса. Если этот параметр не указан, служба использует ($to — 1 день).
|
|
$orderby
|
query |
|
string
|
Упорядочение выражения с использованием нотации OData. Одно или несколько имен столбцов, разделенных запятыми, с необязательным "desc" (по умолчанию) или "asc", например "$orderby=PolicyAssignmentId, ResourceId asc".
|
|
$select
|
query |
|
string
|
Выберите выражение с помощью нотации OData. Ограничивает столбцы для каждой записи только запрошенными, например "$select=PolicyAssignmentId, ResourceId".
|
|
$skiptoken
|
query |
|
string
|
Skiptoken предоставляется, только если предыдущий ответ вернул частичный результат в элементе nextLink.
|
|
$to
|
query |
|
string
date-time
|
Метка времени в формате ISO 8601, указывающая время окончания интервала запроса. Если не указано, служба использует время запроса.
|
|
$top
|
query |
|
integer
int32
|
Максимальное количество возвращаемых записей.
|
Ответы
Безопасность
azure_auth
Поток OAuth2 в Azure Active Directory
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
| Имя |
Описание |
|
user_impersonation
|
олицетворения учетной записи пользователя
|
Примеры
Query latest at resource group scope
Sample Request
POST https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourceGroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2019-10-01
import com.azure.core.util.Context;
import com.azure.resourcemanager.policyinsights.models.PolicyStatesResource;
/** Samples for PolicyStates ListQueryResultsForResourceGroup. */
public final class Main {
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyStates_QueryResourceGroupScope.json
*/
/**
* Sample code: Query latest at resource group scope.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void queryLatestAtResourceGroupScope(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyStates()
.listQueryResultsForResourceGroup(
PolicyStatesResource.LATEST,
"fffedd8f-ffff-fffd-fffd-fffed2f84852",
"myResourceGroup",
null,
null,
null,
null,
null,
null,
null,
null,
Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.policyinsights import PolicyInsightsClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-policyinsights
# USAGE
python policy_states_query_resource_group_scope.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = PolicyInsightsClient(
credential=DefaultAzureCredential(),
subscription_id="fffedd8f-ffff-fffd-fffd-fffed2f84852",
)
response = client.policy_states.list_query_results_for_resource_group(
policy_states_resource="latest",
subscription_id="fffedd8f-ffff-fffd-fffd-fffed2f84852",
resource_group_name="myResourceGroup",
)
for item in response:
print(item)
# x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyStates_QueryResourceGroupScope.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armpolicyinsights_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/policyinsights/armpolicyinsights"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/05a9cdab363b8ec824094ee73950c04594325172/specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyStates_QueryResourceGroupScope.json
func ExamplePolicyStatesClient_NewListQueryResultsForResourceGroupPager_queryLatestAtResourceGroupScope() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armpolicyinsights.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
pager := clientFactory.NewPolicyStatesClient().NewListQueryResultsForResourceGroupPager(armpolicyinsights.PolicyStatesResourceLatest, "fffedd8f-ffff-fffd-fffd-fffed2f84852", "myResourceGroup", &armpolicyinsights.QueryOptions{Top: nil,
Filter: nil,
OrderBy: nil,
Select: nil,
From: nil,
To: nil,
Apply: nil,
SkipToken: nil,
Expand: nil,
}, nil)
for pager.More() {
page, err := pager.NextPage(ctx)
if err != nil {
log.Fatalf("failed to advance page: %v", err)
}
for _, v := range page.Value {
// You could use page here. We use blank identifier for just demo purposes.
_ = v
}
// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// page.PolicyStatesQueryResults = armpolicyinsights.PolicyStatesQueryResults{
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest"),
// ODataCount: to.Ptr[int32](2),
// Value: []*armpolicyinsights.PolicyState{
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("mymg,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyAssignments/3f3c4330183b4e218fe6fd29"),
// PolicyAssignmentName: to.Ptr("3f3c4330183b4e218fe6fd29"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{}"),
// PolicyAssignmentScope: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852"),
// PolicyAssignmentVersion: to.Ptr("1.0.0"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionGroupNames: []*string{
// to.Ptr("myGroup")},
// PolicyDefinitionID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1"),
// PolicyDefinitionName: to.Ptr("24813039-7534-408a-9842-eb99f45721b1"),
// PolicyDefinitionVersion: to.Ptr("1.0.0-preview"),
// PolicySetDefinitionID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policySetDefinitions/3e3807c1-65c9-49e0-a406-82d8ae3e338c"),
// PolicySetDefinitionName: to.Ptr("3e3807c1-65c9-49e0-a406-82d8ae3e338c"),
// PolicySetDefinitionVersion: to.Ptr("2.0.1"),
// ResourceGroup: to.Ptr("myResourceGroup"),
// ResourceID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/mysa1"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.Storage/storageAccounts"),
// SubscriptionID: to.Ptr("fffedd8f-ffff-fffd-fffd-fffed2f84852"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-10-09T18:42:42.000Z"); return t}()),
// },
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity"),
// ComplianceState: to.Ptr("Compliant"),
// IsCompliant: to.Ptr(true),
// ManagementGroupIDs: to.Ptr("mymg,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyAssignments/3f3c4330183b4e218fe6fd29"),
// PolicyAssignmentName: to.Ptr("3f3c4330183b4e218fe6fd29"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{}"),
// PolicyAssignmentScope: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852"),
// PolicyAssignmentVersion: to.Ptr("1.0.0"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionGroupNames: []*string{
// to.Ptr("myGroup")},
// PolicyDefinitionID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/3e3807c1-65c9-49e0-a406-82d8ae3e3682"),
// PolicyDefinitionName: to.Ptr("3e3807c1-65c9-49e0-a406-82d8ae3e3682"),
// PolicyDefinitionVersion: to.Ptr("1.0.0-preview"),
// PolicySetDefinitionID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policySetDefinitions/3e3807c1-65c9-49e0-a406-82d8ae3e338c"),
// PolicySetDefinitionName: to.Ptr("3e3807c1-65c9-49e0-a406-82d8ae3e338c"),
// PolicySetDefinitionVersion: to.Ptr("2.0.1"),
// ResourceGroup: to.Ptr("myResourceGroup"),
// ResourceID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/mysa1"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.Storage/storageAccounts"),
// SubscriptionID: to.Ptr("fffedd8f-ffff-fffd-fffd-fffed2f84852"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-10-09T18:42:42.000Z"); return t}()),
// }},
// }
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { PolicyInsightsClient } = require("@azure/arm-policyinsights");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Queries policy states for the resources under the resource group.
*
* @summary Queries policy states for the resources under the resource group.
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyStates_QueryResourceGroupScope.json
*/
async function queryLatestAtResourceGroupScope() {
const subscriptionId =
process.env["POLICYINSIGHTS_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const policyStatesResource = "latest";
const resourceGroupName = process.env["POLICYINSIGHTS_RESOURCE_GROUP"] || "myResourceGroup";
const credential = new DefaultAzureCredential();
const client = new PolicyInsightsClient(credential, subscriptionId);
const resArray = new Array();
for await (let item of client.policyStates.listQueryResultsForResourceGroup(
policyStatesResource,
subscriptionId,
resourceGroupName
)) {
resArray.push(item);
}
console.log(resArray);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using System;
using System.Collections.Generic;
using System.Threading.Tasks;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.PolicyInsights;
using Azure.ResourceManager.PolicyInsights.Models;
using Azure.ResourceManager.Resources;
// Generated from example definition: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyStates_QueryResourceGroupScope.json
// this example is just showing the usage of "PolicyStates_ListQueryResultsForResourceGroup" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this ResourceGroupResource created on azure
// for more information of creating ResourceGroupResource, please refer to the document of ResourceGroupResource
string subscriptionId = "fffedd8f-ffff-fffd-fffd-fffed2f84852";
string resourceGroupName = "myResourceGroup";
ResourceIdentifier resourceGroupResourceId = ResourceGroupResource.CreateResourceIdentifier(subscriptionId, resourceGroupName);
ResourceGroupResource resourceGroupResource = client.GetResourceGroupResource(resourceGroupResourceId);
// invoke the operation and iterate over the result
PolicyStateType policyStateType = PolicyStateType.Latest;
await foreach (PolicyState item in resourceGroupResource.GetPolicyStateQueryResultsAsync(policyStateType))
{
Console.WriteLine($"Succeeded: {item}");
}
Console.WriteLine($"Succeeded");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"@odata.nextLink": null,
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest",
"@odata.count": 2,
"value": [
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity",
"timestamp": "2019-10-09T18:42:42Z",
"resourceId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/mysa1",
"policyAssignmentId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyAssignments/3f3c4330183b4e218fe6fd29",
"policyDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fffedd8f-ffff-fffd-fffd-fffed2f84852",
"resourceType": "/Microsoft.Storage/storageAccounts",
"resourceLocation": "eastus",
"resourceGroup": "myResourceGroup",
"resourceTags": "tbd",
"policyAssignmentName": "3f3c4330183b4e218fe6fd29",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{}",
"policyAssignmentScope": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852",
"policyDefinitionName": "24813039-7534-408a-9842-eb99f45721b1",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policySetDefinitions/3e3807c1-65c9-49e0-a406-82d8ae3e338c",
"policySetDefinitionName": "3e3807c1-65c9-49e0-a406-82d8ae3e338c",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "mymg,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": null,
"complianceState": "NonCompliant",
"policyDefinitionGroupNames": [
"myGroup"
],
"policyDefinitionVersion": "1.0.0-preview",
"policySetDefinitionVersion": "2.0.1",
"policyAssignmentVersion": "1.0.0"
},
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity",
"timestamp": "2019-10-09T18:42:42Z",
"resourceId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/mysa1",
"policyAssignmentId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyAssignments/3f3c4330183b4e218fe6fd29",
"policyDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/3e3807c1-65c9-49e0-a406-82d8ae3e3682",
"effectiveParameters": null,
"isCompliant": true,
"subscriptionId": "fffedd8f-ffff-fffd-fffd-fffed2f84852",
"resourceType": "/Microsoft.Storage/storageAccounts",
"resourceLocation": "eastus",
"resourceGroup": "myResourceGroup",
"resourceTags": "tbd",
"policyAssignmentName": "3f3c4330183b4e218fe6fd29",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{}",
"policyAssignmentScope": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852",
"policyDefinitionName": "3e3807c1-65c9-49e0-a406-82d8ae3e3682",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policySetDefinitions/3e3807c1-65c9-49e0-a406-82d8ae3e338c",
"policySetDefinitionName": "3e3807c1-65c9-49e0-a406-82d8ae3e338c",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "mymg,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": null,
"complianceState": "Compliant",
"policyDefinitionGroupNames": [
"myGroup"
],
"policyDefinitionVersion": "1.0.0-preview",
"policySetDefinitionVersion": "2.0.1",
"policyAssignmentVersion": "1.0.0"
}
]
}
Query latest at resource group scope with next link
Sample Request
POST https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourceGroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2019-10-01&$skiptoken=WpmWfBSvPhkAK6QD
import com.azure.core.util.Context;
import com.azure.resourcemanager.policyinsights.models.PolicyStatesResource;
/** Samples for PolicyStates ListQueryResultsForResourceGroup. */
public final class Main {
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyStates_QueryResourceGroupScopeNextLink.json
*/
/**
* Sample code: Query latest at resource group scope with next link.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void queryLatestAtResourceGroupScopeWithNextLink(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyStates()
.listQueryResultsForResourceGroup(
PolicyStatesResource.LATEST,
"fffedd8f-ffff-fffd-fffd-fffed2f84852",
"myResourceGroup",
null,
null,
null,
null,
null,
null,
null,
"WpmWfBSvPhkAK6QD",
Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.policyinsights import PolicyInsightsClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-policyinsights
# USAGE
python policy_states_query_resource_group_scope_next_link.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = PolicyInsightsClient(
credential=DefaultAzureCredential(),
subscription_id="fffedd8f-ffff-fffd-fffd-fffed2f84852",
)
response = client.policy_states.list_query_results_for_resource_group(
policy_states_resource="latest",
subscription_id="fffedd8f-ffff-fffd-fffd-fffed2f84852",
resource_group_name="myResourceGroup",
)
for item in response:
print(item)
# x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyStates_QueryResourceGroupScopeNextLink.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armpolicyinsights_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/policyinsights/armpolicyinsights"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/05a9cdab363b8ec824094ee73950c04594325172/specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyStates_QueryResourceGroupScopeNextLink.json
func ExamplePolicyStatesClient_NewListQueryResultsForResourceGroupPager_queryLatestAtResourceGroupScopeWithNextLink() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armpolicyinsights.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
pager := clientFactory.NewPolicyStatesClient().NewListQueryResultsForResourceGroupPager(armpolicyinsights.PolicyStatesResourceLatest, "fffedd8f-ffff-fffd-fffd-fffed2f84852", "myResourceGroup", &armpolicyinsights.QueryOptions{Top: nil,
Filter: nil,
OrderBy: nil,
Select: nil,
From: nil,
To: nil,
Apply: nil,
SkipToken: to.Ptr("WpmWfBSvPhkAK6QD"),
Expand: nil,
}, nil)
for pager.More() {
page, err := pager.NextPage(ctx)
if err != nil {
log.Fatalf("failed to advance page: %v", err)
}
for _, v := range page.Value {
// You could use page here. We use blank identifier for just demo purposes.
_ = v
}
// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// page.PolicyStatesQueryResults = armpolicyinsights.PolicyStatesQueryResults{
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest"),
// ODataCount: to.Ptr[int32](2),
// Value: []*armpolicyinsights.PolicyState{
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("mymg,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyAssignments/3f3c4330183b4e218fe6fd29"),
// PolicyAssignmentName: to.Ptr("3f3c4330183b4e218fe6fd29"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{}"),
// PolicyAssignmentScope: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionGroupNames: []*string{
// to.Ptr("myGroup")},
// PolicyDefinitionID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1"),
// PolicyDefinitionName: to.Ptr("24813039-7534-408a-9842-eb99f45721b1"),
// PolicySetDefinitionID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policySetDefinitions/3e3807c1-65c9-49e0-a406-82d8ae3e338c"),
// PolicySetDefinitionName: to.Ptr("3e3807c1-65c9-49e0-a406-82d8ae3e338c"),
// ResourceGroup: to.Ptr("myResourceGroup"),
// ResourceID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/mysa1"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.Storage/storageAccounts"),
// SubscriptionID: to.Ptr("fffedd8f-ffff-fffd-fffd-fffed2f84852"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-10-09T18:42:42.000Z"); return t}()),
// },
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity"),
// ComplianceState: to.Ptr("Compliant"),
// IsCompliant: to.Ptr(true),
// ManagementGroupIDs: to.Ptr("mymg,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyAssignments/3f3c4330183b4e218fe6fd29"),
// PolicyAssignmentName: to.Ptr("3f3c4330183b4e218fe6fd29"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{}"),
// PolicyAssignmentScope: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionGroupNames: []*string{
// to.Ptr("myGroup")},
// PolicyDefinitionID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/3e3807c1-65c9-49e0-a406-82d8ae3e3682"),
// PolicyDefinitionName: to.Ptr("3e3807c1-65c9-49e0-a406-82d8ae3e3682"),
// PolicySetDefinitionID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policySetDefinitions/3e3807c1-65c9-49e0-a406-82d8ae3e338c"),
// PolicySetDefinitionName: to.Ptr("3e3807c1-65c9-49e0-a406-82d8ae3e338c"),
// ResourceGroup: to.Ptr("myResourceGroup"),
// ResourceID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/mysa1"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.Storage/storageAccounts"),
// SubscriptionID: to.Ptr("fffedd8f-ffff-fffd-fffd-fffed2f84852"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-10-09T18:42:42.000Z"); return t}()),
// }},
// }
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { PolicyInsightsClient } = require("@azure/arm-policyinsights");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Queries policy states for the resources under the resource group.
*
* @summary Queries policy states for the resources under the resource group.
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyStates_QueryResourceGroupScopeNextLink.json
*/
async function queryLatestAtResourceGroupScopeWithNextLink() {
const subscriptionId =
process.env["POLICYINSIGHTS_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const policyStatesResource = "latest";
const resourceGroupName = process.env["POLICYINSIGHTS_RESOURCE_GROUP"] || "myResourceGroup";
const skipToken = "WpmWfBSvPhkAK6QD";
const options = {
queryOptions: { skipToken: skipToken },
};
const credential = new DefaultAzureCredential();
const client = new PolicyInsightsClient(credential, subscriptionId);
const resArray = new Array();
for await (let item of client.policyStates.listQueryResultsForResourceGroup(
policyStatesResource,
subscriptionId,
resourceGroupName,
options
)) {
resArray.push(item);
}
console.log(resArray);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using System;
using System.Collections.Generic;
using System.Threading.Tasks;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.PolicyInsights;
using Azure.ResourceManager.PolicyInsights.Models;
using Azure.ResourceManager.Resources;
// Generated from example definition: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyStates_QueryResourceGroupScopeNextLink.json
// this example is just showing the usage of "PolicyStates_ListQueryResultsForResourceGroup" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this ResourceGroupResource created on azure
// for more information of creating ResourceGroupResource, please refer to the document of ResourceGroupResource
string subscriptionId = "fffedd8f-ffff-fffd-fffd-fffed2f84852";
string resourceGroupName = "myResourceGroup";
ResourceIdentifier resourceGroupResourceId = ResourceGroupResource.CreateResourceIdentifier(subscriptionId, resourceGroupName);
ResourceGroupResource resourceGroupResource = client.GetResourceGroupResource(resourceGroupResourceId);
// invoke the operation and iterate over the result
PolicyStateType policyStateType = PolicyStateType.Latest;
await foreach (PolicyState item in resourceGroupResource.GetPolicyStateQueryResultsAsync(policyStateType))
{
Console.WriteLine($"Succeeded: {item}");
}
Console.WriteLine($"Succeeded");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"@odata.nextLink": null,
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest",
"@odata.count": 2,
"value": [
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity",
"timestamp": "2019-10-09T18:42:42Z",
"resourceId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/mysa1",
"policyAssignmentId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyAssignments/3f3c4330183b4e218fe6fd29",
"policyDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fffedd8f-ffff-fffd-fffd-fffed2f84852",
"resourceType": "/Microsoft.Storage/storageAccounts",
"resourceLocation": "eastus",
"resourceGroup": "myResourceGroup",
"resourceTags": "tbd",
"policyAssignmentName": "3f3c4330183b4e218fe6fd29",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{}",
"policyAssignmentScope": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852",
"policyDefinitionName": "24813039-7534-408a-9842-eb99f45721b1",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policySetDefinitions/3e3807c1-65c9-49e0-a406-82d8ae3e338c",
"policySetDefinitionName": "3e3807c1-65c9-49e0-a406-82d8ae3e338c",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "mymg,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": null,
"complianceState": "NonCompliant",
"policyDefinitionGroupNames": [
"myGroup"
]
},
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity",
"timestamp": "2019-10-09T18:42:42Z",
"resourceId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/mysa1",
"policyAssignmentId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyAssignments/3f3c4330183b4e218fe6fd29",
"policyDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/3e3807c1-65c9-49e0-a406-82d8ae3e3682",
"effectiveParameters": null,
"isCompliant": true,
"subscriptionId": "fffedd8f-ffff-fffd-fffd-fffed2f84852",
"resourceType": "/Microsoft.Storage/storageAccounts",
"resourceLocation": "eastus",
"resourceGroup": "myResourceGroup",
"resourceTags": "tbd",
"policyAssignmentName": "3f3c4330183b4e218fe6fd29",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{}",
"policyAssignmentScope": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852",
"policyDefinitionName": "3e3807c1-65c9-49e0-a406-82d8ae3e3682",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policySetDefinitions/3e3807c1-65c9-49e0-a406-82d8ae3e338c",
"policySetDefinitionName": "3e3807c1-65c9-49e0-a406-82d8ae3e338c",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "mymg,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": null,
"complianceState": "Compliant",
"policyDefinitionGroupNames": [
"myGroup"
]
}
]
}
Определения
ComponentStateDetails
Сведения о состоянии компонента.
| Имя |
Тип |
Описание |
|
complianceState
|
string
|
Состояние соответствия компонентов.
|
|
id
|
string
|
Идентификатор компонента.
|
|
name
|
string
|
Название компонента.
|
|
timestamp
|
string
|
Метка времени оценки соответствия компонентов.
|
|
type
|
string
|
Тип компонента.
|
Error
Определение ошибки.
| Имя |
Тип |
Описание |
|
code
|
string
|
Код ошибки службы, который служит подсостояние для кода ошибки HTTP.
|
|
message
|
string
|
Описание ошибки.
|
ExpressionEvaluationDetails
Сведения об оценке выражений языка политики.
| Имя |
Тип |
Описание |
|
expression
|
string
|
Выражение вычисляется.
|
|
expressionKind
|
string
|
Тип вычисляемого выражения.
|
|
expressionValue
|
object
|
Значение выражения.
|
|
operator
|
string
|
Оператор для сравнения значения выражения и целевого значения.
|
|
path
|
string
|
Путь к свойству, если выражение является полем или псевдонимом.
|
|
result
|
string
|
Результат оценки.
|
|
targetValue
|
object
|
Целевое значение для сравнения со значением выражения.
|
IfNotExistsEvaluationDetails
Сведения об оценке эффекта IfNotExists.
| Имя |
Тип |
Описание |
|
resourceId
|
string
|
Идентификатор последнего оцененного ресурса для эффекта IfNotExists.
|
|
totalResources
|
integer
|
Общее количество ресурсов, к которым применимо условие существования.
|
PolicyEvaluationDetails
Сведения об оценке политики.
PolicyState
Запись состояния политики.
| Имя |
Тип |
Описание |
|
@odata.context
|
string
|
Строка контекста OData; используется клиентами OData для разрешения сведений о типах на основе метаданных.
|
|
@odata.id
|
string
|
Идентификатор сущности OData; всегда присваивайте значение NULL, так как записи состояния политики не имеют идентификатора сущности.
|
|
complianceState
|
string
|
Состояние соответствия ресурса.
|
|
components
|
ComponentStateDetails[]
|
Записи о соответствии состояния компонентов заполняются, только если URL-адрес содержит предложение $expand=components.
|
|
effectiveParameters
|
string
|
Действующие параметры для назначения политики.
|
|
isCompliant
|
boolean
|
Пометка, указывающая, соответствует ли ресурс назначению политики, по которому он был оценен. Это свойство является нерекомендуемой; вместо этого используйте ComplianceState.
|
|
managementGroupIds
|
string
|
Разделенный запятыми список идентификаторов групп управления, представляющих иерархию групп управления, в которых находится ресурс.
|
|
policyAssignmentId
|
string
|
Идентификатор назначения политики.
|
|
policyAssignmentName
|
string
|
Имя назначения политики.
|
|
policyAssignmentOwner
|
string
|
Владелец назначения политики.
|
|
policyAssignmentParameters
|
string
|
Параметры назначения политики.
|
|
policyAssignmentScope
|
string
|
назначение политики область.
|
|
policyAssignmentVersion
|
string
|
Вычислимая версия назначения политики.
|
|
policyDefinitionAction
|
string
|
Действие определения политики, т. е. эффект.
|
|
policyDefinitionCategory
|
string
|
Категория определения политики.
|
|
policyDefinitionGroupNames
|
string[]
|
Имена групп определения политики.
|
|
policyDefinitionId
|
string
|
Идентификатор определения политики.
|
|
policyDefinitionName
|
string
|
Имя определения политики.
|
|
policyDefinitionReferenceId
|
string
|
Идентификатор ссылки на определение политики в наборе политик, если назначение политики предназначено для набора политик.
|
|
policyDefinitionVersion
|
string
|
Вычислимая версия определения политики.
|
|
policyEvaluationDetails
|
PolicyEvaluationDetails
|
Сведения об оценке политики.
|
|
policySetDefinitionCategory
|
string
|
Категория определения набора политик, если назначение политики предназначено для набора политик.
|
|
policySetDefinitionId
|
string
|
Идентификатор определения набора политик, если назначение политики предназначено для набора политик.
|
|
policySetDefinitionName
|
string
|
Имя определения набора политик, если назначение политики предназначено для набора политик.
|
|
policySetDefinitionOwner
|
string
|
Владелец определения набора политик, если назначение политики предназначено для набора политик.
|
|
policySetDefinitionParameters
|
string
|
Параметры определения набора политик, если назначение политики предназначено для набора политик.
|
|
policySetDefinitionVersion
|
string
|
Вычисляемая версия определения набора политик.
|
|
resourceGroup
|
string
|
Имя группы ресурсов.
|
|
resourceId
|
string
|
Идентификатор ресурса.
|
|
resourceLocation
|
string
|
Расположение ресурса.
|
|
resourceTags
|
string
|
Список тегов ресурсов.
|
|
resourceType
|
string
|
Тип ресурса.
|
|
subscriptionId
|
string
|
Идентификатор подписки.
|
|
timestamp
|
string
|
Метка времени для записи состояния политики.
|
PolicyStatesQueryResults
Результаты запроса.
| Имя |
Тип |
Описание |
|
@odata.context
|
string
|
Строка контекста OData; используется клиентами OData для разрешения сведений о типах на основе метаданных.
|
|
@odata.count
|
integer
|
Количество сущностей OData; представляет количество возвращаемых записей состояния политики.
|
|
@odata.nextLink
|
string
|
Следующая ссылка на Odata; URL-адрес для получения следующего набора результатов.
|
|
value
|
PolicyState[]
|
Результаты запроса.
|
PolicyStatesResource
Виртуальный ресурс в разделе Тип ресурса PolicyStates. В заданном диапазоне времени "latest" представляет последние состояния политики, а "по умолчанию" — все состояния политики.
| Имя |
Тип |
Описание |
|
default
|
string
|
|
|
latest
|
string
|
|
QueryFailure
Ответ об ошибке.
| Имя |
Тип |
Описание |
|
error
|
Error
|
Определение ошибки.
|