accessReviewScheduleDefinition 资源类型accessReviewScheduleDefinition resource type

命名空间:microsoft.graphNamespace: microsoft.graph

重要

Microsoft Graph /beta 中版本下的 API 可能会更改。APIs under the /beta version in Microsoft Graph are subject to change. 不支持在生产应用程序中使用这些 API。Use of these APIs in production applications is not supported. 若要确定 API 在 v1.0 中是否可用,请使用 版本选择 器。To determine whether an API is available in v1.0, use the Version selector.

备注

本节中的访问评审 API 是推荐的访问评审 API。The access review APIs in this section are the recommended access review APIs. 较旧版本 Access 评论将弃用。The older version, Access reviews, will be deprecated.

表示 Azure AD 访问评审 的计划Represents the scheduling of an Azure AD access review.

accessReviewScheduleDefinition 包含 accessReviewInstance 对象 的列表。An accessReviewScheduleDefinition contains a list of accessReviewInstance objects. 计划定义的每次重复都将创建一个实例。Each recurrence of the schedule definition will create an instance. 实例还表示要审阅的每个唯一组。Instances also represent each unique group being reviewed. 如果计划定义审阅多个组,则每个组将在每个重复周期中具有一个唯一实例。If a schedule definition reviews multiple groups, each group will have a unique instance per each recurrence. 对于一次评审,每个组只会创建一个实例。In the case of a one-time review, only one instance will be created per group.

方法Methods

方法Method 返回类型Return Type 说明Description
列出 accessReviewScheduleDefinitionsList accessReviewScheduleDefinitions accessReviewScheduleDefinition 集合accessReviewScheduleDefinition collection 列出每个 accessReviewScheduleDefinition。Lists every accessReviewScheduleDefinition. 在列表中不包括关联的 accessReviewInstance 实例。Does not include associated accessReviewInstance instances in listings.
获取 accessReviewScheduleDefinitionGet accessReviewScheduleDefinition accessReviewScheduleDefinitionaccessReviewScheduleDefinition 获取具有指定 ID 的 accessReviewScheduleDefinition。Get an accessReviewScheduleDefinition with a specified id.
创建 accessReviewScheduleDefinitionCreate accessReviewScheduleDefinition accessReviewScheduleDefinitionaccessReviewScheduleDefinition 创建新的 accessReviewScheduleDefinition。Create a new accessReviewScheduleDefinition.
删除 accessReviewScheduleDefinitionDelete accessReviewScheduleDefinition 无。None. 删除具有指定标识符的 accessReviewScheduleDefinition。Delete an accessReviewScheduleDefinition with a specified identifier.
更新 accessReviewScheduleDefinitionUpdate accessReviewScheduleDefinition 无。None. 使用指定的标识符更新 accessReviewScheduleDefinition 的属性。Update properties of an accessReviewScheduleDefinition with a specified identifier.

属性Properties

属性Property 类型Type 说明Description
idid StringString 访问评审的功能分配的唯一标识符。The feature-assigned unique identifier of an access review.
displayNamedisplayName StringString 访问评审系列的名称。Name of access review series. 创建时为必需项。Required on create.
createdDateTimecreatedDateTime DateTimeOffsetDateTimeOffset 创建审阅系列时时间戳。Timestamp when review series was created.
lastModifiedDateTimelastModifiedDateTime DateTimeOffsetDateTimeOffset 上次修改审阅系列的时间戳。Timestamp when review series was last modified.
状态status StringString 此只读字段指定 accessReview 的状态。This read-only field specifies the status of an accessReview. 典型状态包括 Initializing NotStarted Starting InProgress 、、、、、、 Completing Completed AutoReviewingAutoReviewedThe typical states include Initializing, NotStarted, Starting, InProgress, Completing, Completed, AutoReviewing, and AutoReviewed.
descriptionForAdminsdescriptionForAdmins stringstring 评价创建者提供的用于向管理员提供评论的更多上下文的说明。Description provided by review creators to provide more context of the review to admins.
descriptionForReviewersdescriptionForReviewers stringstring 审阅创建者提供的说明,用于向审阅者提供审阅的更多上下文。Description provided by review creators to provide more context of the review to reviewers. 审阅者将在发送给他们请求审阅的电子邮件中看到此说明。Reviewers will see this description in the email sent to them requesting their review.
createdBycreatedBy userIdentityuserIdentity 创建此评价的用户。User who created this review.
范围scope accessReviewScopeaccessReviewScope 定义被审阅用户的范围。Defines scope of users reviewed. 有关支持的范围,请参阅 accessReviewScopeFor supported scopes, see accessReviewScope. 创建时为必需项。Required on create.
instanceEnumerationScopeinstanceEnumerationScope accessReviewScopeaccessReviewScope 如果审阅所有 Microsoft 365 组的来宾用户,这将确定将审核哪些组的范围。In the case of a review of guest users across all Microsoft 365 groups, this determines the scope of which groups will be reviewed. 每个组将成为访问评审系列的唯一 accessReviewInstance。Each group will become a unique accessReviewInstance of the access review series. 有关支持的范围,请参阅 accessReviewScopeFor supported scopes, see accessReviewScope.
设置settings accessReviewScheduleSettingsaccessReviewScheduleSettings 访问评审系列的设置,请参阅下面的类型定义。The settings for an access review series, see type definition below.
reviewersreviewers accessReviewReviewerScope 集合accessReviewReviewerScope collection 此访问评审范围集合用于定义审阅者。This collection of access review scopes is used to define who are the reviewers. 请参阅 accessReviewReviewerScopeSee accessReviewReviewerScope. 创建时为必需项。Required on create.
backupReviewersbackupReviewers accessReviewReviewerScope 集合accessReviewReviewerScope collection 此审阅者范围集合用于定义回退审阅者列表。This collection of reviewer scopes is used to define the list of fallback reviewers. 如果从指定的审阅者列表中找不到用户,将通知这些回退审阅者采取措施。These fallback reviewers will be notified to take action if no users are found from the list of reviewers specified. 当组所有者指定为审阅者,但组所有者不存在时,或者将经理指定为审阅者但用户的经理不存在时,可能会发生这种情况。This could occur when either the group owner is specified as the reviewer but the group owner does not exist, or manager is specified as reviewer but a user's manager does not exist. 请参阅 accessReviewReviewerScopeSee accessReviewReviewerScope.
instancesinstances 集合 (microsoft.graph.accessReviewInstance) Collection(microsoft.graph.accessReviewInstance) 此访问评审系列的访问评审实例集。Set of access reviews instances for this access review series. 不重复的访问评审将只有一个实例;否则,将针对每个重复周期提供一个实例。Access reviews that do not recur will only have one instance; otherwise, there will be an instance for each recurrence.

关系Relationships

关系Relationship 类型Type 说明Description
instances accessReviewInstance 集合accessReviewInstance collection 如果 accessReviewScheduleDefinition 为定期访问评审,则实例表示每个重复周期。If the accessReviewScheduleDefinition is a recurring access review, instances represent each recurrence. 不重复的审阅将只具有一个实例。A review that does not recur will have exactly one instance. 实例还表示 中正在审阅的每个唯一资源 accessReviewScheduleDefinitionInstances also represent each unique resource under review in the accessReviewScheduleDefinition. 如果审阅具有多个资源和多个实例,则每个资源将具有每个重复周期的唯一实例。If a review has multiple resources and multiple instances, each resource will have a unique instance for each recurrence.

accessReviewScheduleDefinition 支持的搜索查询Supported search queries for accessReviewScheduleDefinition

以下是基于accessReviewScope的 accessReviewScheduleDefinition上支持的查询。The following are queries supported on an accessReviewScheduleDefinition based on the accessReviewScope.

方案Scenario 查询Query
列出每个单独的组 (不包括作用域为具有来宾用户的所有 accessReviewScheduleDefinition Microsoft 365 组) List every accessReviewScheduleDefinition on individual groups (excludes definitions scoped to all Microsoft 365 groups with guest users) /beta/identityGovernance/accessReviews/definitions?$filter=contains (scope/microsoft.graph.accessReviewQueryScope/query, '/groups') /beta/identityGovernance/accessReviews/definitions?$filter=contains(scope/microsoft.graph.accessReviewQueryScope/query, '/groups')
列出特定组上的每个 (不包括作用域为具有来宾用户的所有 accessReviewScheduleDefinition Microsoft 365 组) List every accessReviewScheduleDefinition on a specific group (excludes definitions scoped to all Microsoft 365 groups with guest users) /beta/identityGovernance/accessReviews/definitions?$filter=contains (scope/microsoft.graph.accessReviewQueryScope/query, '/groups/{group id}') /beta/identityGovernance/accessReviews/definitions?$filter=contains(scope/microsoft.graph.accessReviewQueryScope/query, '/groups/{group id}')
列出每个 accessReviewScheduleDefinition 作用域为包含来宾用户的所有 Microsoft 365 组List every accessReviewScheduleDefinition scoped to all Microsoft 365 groups with guest users /beta/identityGovernance/accessReviews/definitions?$filter=contains (scope/microsoft.graph.accessReviewQueryScope/query, './members') /beta/identityGovernance/accessReviews/definitions?$filter=contains(scope/microsoft.graph.accessReviewQueryScope/query, './members')
列出访问 accessReviewScheduleDefinition 包上的每个项List every accessReviewScheduleDefinition on an access package /beta/identityGovernance/accessReviews/definitions?$filter=contains (scope/microsoft.graph.accessReviewQueryScope/query, 'accessPackageAssignments') /beta/identityGovernance/accessReviews/definitions?$filter=contains(scope/microsoft.graph.accessReviewQueryScope/query, 'accessPackageAssignments')
列出 accessReviewScheduleDefinition 分配给特权角色的服务主体的条目List every accessReviewScheduleDefinition for service principals assigned to privileged role /beta/identityGovernance/accessReviews/definitions?$filter=contains (scope/microsoft.graph.accessReviewQueryScope/query, 'roleAssignmentScheduleInstances') /beta/identityGovernance/accessReviews/definitions?$filter=contains(scope/microsoft.graph.accessReviewQueryScope/query, 'roleAssignmentScheduleInstances')

JSON 表示形式JSON representation

下面是资源的 JSON 表示形式。The following is a JSON representation of the resource.

{
  "@odata.type": "#microsoft.graph.accessReviewScheduleDefinition",
  "id": "String (identifier)",
  "displayName": "String",
  "createdDateTime": "String (timestamp)",
  "lastModifiedDateTime": "String (timestamp)",
  "status": "String",
  "descriptionForAdmins": "String",
  "descriptionForReviewers": "String",
  "createdBy": {
    "@odata.type": "microsoft.graph.userIdentity"
  },
  "scope": {
    "@odata.type": "microsoft.graph.accessReviewScope"
  },
  "reviewers": [
    {
      "@odata.type": "microsoft.graph.accessReviewReviewerScope"
    }
  ],
  "instanceEnumerationScope": {
    "@odata.type": "microsoft.graph.accessReviewScope"
  },
  "settings": {
    "@odata.type": "microsoft.graph.accessReviewScheduleSettings"
  }
}