查询资源组下资源的策略状态。
POST https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.PolicyInsights/policyStates/{policyStatesResource}/queryResults?api-version=2019-10-01
With optional parameters:
POST https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.PolicyInsights/policyStates/{policyStatesResource}/queryResults?api-version=2019-10-01&$top={$top}&$orderby={$orderby}&$select={$select}&$from={$from}&$to={$to}&$filter={$filter}&$apply={$apply}&$skiptoken={$skiptoken}
URI 参数
名称 |
在 |
必需 |
类型 |
说明 |
policyStatesResource
|
path |
True
|
PolicyStatesResource
|
PolicyStates 资源类型下的虚拟资源。 在给定的时间范围内,“latest”表示 () 的最新策略状态,而“default”表示 () 的所有策略状态。
|
resourceGroupName
|
path |
True
|
string
|
资源组名称。
|
subscriptionId
|
path |
True
|
string
|
Microsoft Azure 订阅 ID。
|
api-version
|
query |
True
|
string
|
客户端 API 版本。
|
$apply
|
query |
|
string
|
OData 为聚合应用表达式。
|
$filter
|
query |
|
string
|
OData 筛选器表达式。
|
$from
|
query |
|
string
date-time
|
ISO 8601 格式化时间戳,指定查询间隔的开始时间。 如果未指定,该服务将使用 ($to - 1 天的) 。
|
$orderby
|
query |
|
string
|
使用 OData 表示法对表达式进行排序。 一个或多个逗号分隔列名,带有可选的“desc” (默认) 或“asc”,例如“$orderby=PolicyAssignmentId, ResourceId asc”。
|
$select
|
query |
|
string
|
使用 OData 表示法选择表达式。 将每条记录上的列限制为仅请求的列,例如“$select=PolicyAssignmentId, ResourceId”。
|
$skiptoken
|
query |
|
string
|
仅当上一个响应返回部分结果作为 nextLink 元素的一部分时,才提供 Skiptoken。
|
$to
|
query |
|
string
date-time
|
ISO 8601 格式时间戳,指定查询间隔的结束时间。 如果未指定,服务将使用请求时间。
|
$top
|
query |
|
integer
int32
|
要返回的最大记录数。
|
响应
安全性
azure_auth
Azure Active Directory OAuth2 流
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
名称 |
说明 |
user_impersonation
|
模拟用户帐户
|
示例
Query latest at resource group scope
Sample Request
POST https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourceGroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2019-10-01
import com.azure.core.util.Context;
import com.azure.resourcemanager.policyinsights.models.PolicyStatesResource;
/** Samples for PolicyStates ListQueryResultsForResourceGroup. */
public final class Main {
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyStates_QueryResourceGroupScope.json
*/
/**
* Sample code: Query latest at resource group scope.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void queryLatestAtResourceGroupScope(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyStates()
.listQueryResultsForResourceGroup(
PolicyStatesResource.LATEST,
"fffedd8f-ffff-fffd-fffd-fffed2f84852",
"myResourceGroup",
null,
null,
null,
null,
null,
null,
null,
null,
Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.policyinsights import PolicyInsightsClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-policyinsights
# USAGE
python policy_states_query_resource_group_scope.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = PolicyInsightsClient(
credential=DefaultAzureCredential(),
subscription_id="fffedd8f-ffff-fffd-fffd-fffed2f84852",
)
response = client.policy_states.list_query_results_for_resource_group(
policy_states_resource="latest",
subscription_id="fffedd8f-ffff-fffd-fffd-fffed2f84852",
resource_group_name="myResourceGroup",
)
for item in response:
print(item)
# x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyStates_QueryResourceGroupScope.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armpolicyinsights_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/policyinsights/armpolicyinsights"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/05a9cdab363b8ec824094ee73950c04594325172/specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyStates_QueryResourceGroupScope.json
func ExamplePolicyStatesClient_NewListQueryResultsForResourceGroupPager_queryLatestAtResourceGroupScope() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armpolicyinsights.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
pager := clientFactory.NewPolicyStatesClient().NewListQueryResultsForResourceGroupPager(armpolicyinsights.PolicyStatesResourceLatest, "fffedd8f-ffff-fffd-fffd-fffed2f84852", "myResourceGroup", &armpolicyinsights.QueryOptions{Top: nil,
Filter: nil,
OrderBy: nil,
Select: nil,
From: nil,
To: nil,
Apply: nil,
SkipToken: nil,
Expand: nil,
}, nil)
for pager.More() {
page, err := pager.NextPage(ctx)
if err != nil {
log.Fatalf("failed to advance page: %v", err)
}
for _, v := range page.Value {
// You could use page here. We use blank identifier for just demo purposes.
_ = v
}
// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// page.PolicyStatesQueryResults = armpolicyinsights.PolicyStatesQueryResults{
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest"),
// ODataCount: to.Ptr[int32](2),
// Value: []*armpolicyinsights.PolicyState{
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("mymg,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyAssignments/3f3c4330183b4e218fe6fd29"),
// PolicyAssignmentName: to.Ptr("3f3c4330183b4e218fe6fd29"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{}"),
// PolicyAssignmentScope: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852"),
// PolicyAssignmentVersion: to.Ptr("1.0.0"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionGroupNames: []*string{
// to.Ptr("myGroup")},
// PolicyDefinitionID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1"),
// PolicyDefinitionName: to.Ptr("24813039-7534-408a-9842-eb99f45721b1"),
// PolicyDefinitionVersion: to.Ptr("1.0.0-preview"),
// PolicySetDefinitionID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policySetDefinitions/3e3807c1-65c9-49e0-a406-82d8ae3e338c"),
// PolicySetDefinitionName: to.Ptr("3e3807c1-65c9-49e0-a406-82d8ae3e338c"),
// PolicySetDefinitionVersion: to.Ptr("2.0.1"),
// ResourceGroup: to.Ptr("myResourceGroup"),
// ResourceID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/mysa1"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.Storage/storageAccounts"),
// SubscriptionID: to.Ptr("fffedd8f-ffff-fffd-fffd-fffed2f84852"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-10-09T18:42:42.000Z"); return t}()),
// },
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity"),
// ComplianceState: to.Ptr("Compliant"),
// IsCompliant: to.Ptr(true),
// ManagementGroupIDs: to.Ptr("mymg,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyAssignments/3f3c4330183b4e218fe6fd29"),
// PolicyAssignmentName: to.Ptr("3f3c4330183b4e218fe6fd29"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{}"),
// PolicyAssignmentScope: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852"),
// PolicyAssignmentVersion: to.Ptr("1.0.0"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionGroupNames: []*string{
// to.Ptr("myGroup")},
// PolicyDefinitionID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/3e3807c1-65c9-49e0-a406-82d8ae3e3682"),
// PolicyDefinitionName: to.Ptr("3e3807c1-65c9-49e0-a406-82d8ae3e3682"),
// PolicyDefinitionVersion: to.Ptr("1.0.0-preview"),
// PolicySetDefinitionID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policySetDefinitions/3e3807c1-65c9-49e0-a406-82d8ae3e338c"),
// PolicySetDefinitionName: to.Ptr("3e3807c1-65c9-49e0-a406-82d8ae3e338c"),
// PolicySetDefinitionVersion: to.Ptr("2.0.1"),
// ResourceGroup: to.Ptr("myResourceGroup"),
// ResourceID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/mysa1"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.Storage/storageAccounts"),
// SubscriptionID: to.Ptr("fffedd8f-ffff-fffd-fffd-fffed2f84852"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-10-09T18:42:42.000Z"); return t}()),
// }},
// }
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { PolicyInsightsClient } = require("@azure/arm-policyinsights");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Queries policy states for the resources under the resource group.
*
* @summary Queries policy states for the resources under the resource group.
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyStates_QueryResourceGroupScope.json
*/
async function queryLatestAtResourceGroupScope() {
const subscriptionId =
process.env["POLICYINSIGHTS_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const policyStatesResource = "latest";
const resourceGroupName = process.env["POLICYINSIGHTS_RESOURCE_GROUP"] || "myResourceGroup";
const credential = new DefaultAzureCredential();
const client = new PolicyInsightsClient(credential, subscriptionId);
const resArray = new Array();
for await (let item of client.policyStates.listQueryResultsForResourceGroup(
policyStatesResource,
subscriptionId,
resourceGroupName
)) {
resArray.push(item);
}
console.log(resArray);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using System;
using System.Collections.Generic;
using System.Threading.Tasks;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.PolicyInsights;
using Azure.ResourceManager.PolicyInsights.Models;
using Azure.ResourceManager.Resources;
// Generated from example definition: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyStates_QueryResourceGroupScope.json
// this example is just showing the usage of "PolicyStates_ListQueryResultsForResourceGroup" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this ResourceGroupResource created on azure
// for more information of creating ResourceGroupResource, please refer to the document of ResourceGroupResource
string subscriptionId = "fffedd8f-ffff-fffd-fffd-fffed2f84852";
string resourceGroupName = "myResourceGroup";
ResourceIdentifier resourceGroupResourceId = ResourceGroupResource.CreateResourceIdentifier(subscriptionId, resourceGroupName);
ResourceGroupResource resourceGroupResource = client.GetResourceGroupResource(resourceGroupResourceId);
// invoke the operation and iterate over the result
PolicyStateType policyStateType = PolicyStateType.Latest;
await foreach (PolicyState item in resourceGroupResource.GetPolicyStateQueryResultsAsync(policyStateType))
{
Console.WriteLine($"Succeeded: {item}");
}
Console.WriteLine($"Succeeded");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"@odata.nextLink": null,
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest",
"@odata.count": 2,
"value": [
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity",
"timestamp": "2019-10-09T18:42:42Z",
"resourceId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/mysa1",
"policyAssignmentId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyAssignments/3f3c4330183b4e218fe6fd29",
"policyDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fffedd8f-ffff-fffd-fffd-fffed2f84852",
"resourceType": "/Microsoft.Storage/storageAccounts",
"resourceLocation": "eastus",
"resourceGroup": "myResourceGroup",
"resourceTags": "tbd",
"policyAssignmentName": "3f3c4330183b4e218fe6fd29",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{}",
"policyAssignmentScope": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852",
"policyDefinitionName": "24813039-7534-408a-9842-eb99f45721b1",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policySetDefinitions/3e3807c1-65c9-49e0-a406-82d8ae3e338c",
"policySetDefinitionName": "3e3807c1-65c9-49e0-a406-82d8ae3e338c",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "mymg,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": null,
"complianceState": "NonCompliant",
"policyDefinitionGroupNames": [
"myGroup"
],
"policyDefinitionVersion": "1.0.0-preview",
"policySetDefinitionVersion": "2.0.1",
"policyAssignmentVersion": "1.0.0"
},
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity",
"timestamp": "2019-10-09T18:42:42Z",
"resourceId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/mysa1",
"policyAssignmentId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyAssignments/3f3c4330183b4e218fe6fd29",
"policyDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/3e3807c1-65c9-49e0-a406-82d8ae3e3682",
"effectiveParameters": null,
"isCompliant": true,
"subscriptionId": "fffedd8f-ffff-fffd-fffd-fffed2f84852",
"resourceType": "/Microsoft.Storage/storageAccounts",
"resourceLocation": "eastus",
"resourceGroup": "myResourceGroup",
"resourceTags": "tbd",
"policyAssignmentName": "3f3c4330183b4e218fe6fd29",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{}",
"policyAssignmentScope": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852",
"policyDefinitionName": "3e3807c1-65c9-49e0-a406-82d8ae3e3682",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policySetDefinitions/3e3807c1-65c9-49e0-a406-82d8ae3e338c",
"policySetDefinitionName": "3e3807c1-65c9-49e0-a406-82d8ae3e338c",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "mymg,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": null,
"complianceState": "Compliant",
"policyDefinitionGroupNames": [
"myGroup"
],
"policyDefinitionVersion": "1.0.0-preview",
"policySetDefinitionVersion": "2.0.1",
"policyAssignmentVersion": "1.0.0"
}
]
}
Query latest at resource group scope with next link
Sample Request
POST https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourceGroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2019-10-01&$skiptoken=WpmWfBSvPhkAK6QD
import com.azure.core.util.Context;
import com.azure.resourcemanager.policyinsights.models.PolicyStatesResource;
/** Samples for PolicyStates ListQueryResultsForResourceGroup. */
public final class Main {
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyStates_QueryResourceGroupScopeNextLink.json
*/
/**
* Sample code: Query latest at resource group scope with next link.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void queryLatestAtResourceGroupScopeWithNextLink(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyStates()
.listQueryResultsForResourceGroup(
PolicyStatesResource.LATEST,
"fffedd8f-ffff-fffd-fffd-fffed2f84852",
"myResourceGroup",
null,
null,
null,
null,
null,
null,
null,
"WpmWfBSvPhkAK6QD",
Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.policyinsights import PolicyInsightsClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-policyinsights
# USAGE
python policy_states_query_resource_group_scope_next_link.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = PolicyInsightsClient(
credential=DefaultAzureCredential(),
subscription_id="fffedd8f-ffff-fffd-fffd-fffed2f84852",
)
response = client.policy_states.list_query_results_for_resource_group(
policy_states_resource="latest",
subscription_id="fffedd8f-ffff-fffd-fffd-fffed2f84852",
resource_group_name="myResourceGroup",
)
for item in response:
print(item)
# x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyStates_QueryResourceGroupScopeNextLink.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armpolicyinsights_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/policyinsights/armpolicyinsights"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/05a9cdab363b8ec824094ee73950c04594325172/specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyStates_QueryResourceGroupScopeNextLink.json
func ExamplePolicyStatesClient_NewListQueryResultsForResourceGroupPager_queryLatestAtResourceGroupScopeWithNextLink() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armpolicyinsights.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
pager := clientFactory.NewPolicyStatesClient().NewListQueryResultsForResourceGroupPager(armpolicyinsights.PolicyStatesResourceLatest, "fffedd8f-ffff-fffd-fffd-fffed2f84852", "myResourceGroup", &armpolicyinsights.QueryOptions{Top: nil,
Filter: nil,
OrderBy: nil,
Select: nil,
From: nil,
To: nil,
Apply: nil,
SkipToken: to.Ptr("WpmWfBSvPhkAK6QD"),
Expand: nil,
}, nil)
for pager.More() {
page, err := pager.NextPage(ctx)
if err != nil {
log.Fatalf("failed to advance page: %v", err)
}
for _, v := range page.Value {
// You could use page here. We use blank identifier for just demo purposes.
_ = v
}
// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// page.PolicyStatesQueryResults = armpolicyinsights.PolicyStatesQueryResults{
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest"),
// ODataCount: to.Ptr[int32](2),
// Value: []*armpolicyinsights.PolicyState{
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("mymg,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyAssignments/3f3c4330183b4e218fe6fd29"),
// PolicyAssignmentName: to.Ptr("3f3c4330183b4e218fe6fd29"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{}"),
// PolicyAssignmentScope: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionGroupNames: []*string{
// to.Ptr("myGroup")},
// PolicyDefinitionID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1"),
// PolicyDefinitionName: to.Ptr("24813039-7534-408a-9842-eb99f45721b1"),
// PolicySetDefinitionID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policySetDefinitions/3e3807c1-65c9-49e0-a406-82d8ae3e338c"),
// PolicySetDefinitionName: to.Ptr("3e3807c1-65c9-49e0-a406-82d8ae3e338c"),
// ResourceGroup: to.Ptr("myResourceGroup"),
// ResourceID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/mysa1"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.Storage/storageAccounts"),
// SubscriptionID: to.Ptr("fffedd8f-ffff-fffd-fffd-fffed2f84852"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-10-09T18:42:42.000Z"); return t}()),
// },
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity"),
// ComplianceState: to.Ptr("Compliant"),
// IsCompliant: to.Ptr(true),
// ManagementGroupIDs: to.Ptr("mymg,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyAssignments/3f3c4330183b4e218fe6fd29"),
// PolicyAssignmentName: to.Ptr("3f3c4330183b4e218fe6fd29"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{}"),
// PolicyAssignmentScope: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionGroupNames: []*string{
// to.Ptr("myGroup")},
// PolicyDefinitionID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/3e3807c1-65c9-49e0-a406-82d8ae3e3682"),
// PolicyDefinitionName: to.Ptr("3e3807c1-65c9-49e0-a406-82d8ae3e3682"),
// PolicySetDefinitionID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policySetDefinitions/3e3807c1-65c9-49e0-a406-82d8ae3e338c"),
// PolicySetDefinitionName: to.Ptr("3e3807c1-65c9-49e0-a406-82d8ae3e338c"),
// ResourceGroup: to.Ptr("myResourceGroup"),
// ResourceID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/mysa1"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.Storage/storageAccounts"),
// SubscriptionID: to.Ptr("fffedd8f-ffff-fffd-fffd-fffed2f84852"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-10-09T18:42:42.000Z"); return t}()),
// }},
// }
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { PolicyInsightsClient } = require("@azure/arm-policyinsights");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Queries policy states for the resources under the resource group.
*
* @summary Queries policy states for the resources under the resource group.
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyStates_QueryResourceGroupScopeNextLink.json
*/
async function queryLatestAtResourceGroupScopeWithNextLink() {
const subscriptionId =
process.env["POLICYINSIGHTS_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const policyStatesResource = "latest";
const resourceGroupName = process.env["POLICYINSIGHTS_RESOURCE_GROUP"] || "myResourceGroup";
const skipToken = "WpmWfBSvPhkAK6QD";
const options = {
queryOptions: { skipToken: skipToken },
};
const credential = new DefaultAzureCredential();
const client = new PolicyInsightsClient(credential, subscriptionId);
const resArray = new Array();
for await (let item of client.policyStates.listQueryResultsForResourceGroup(
policyStatesResource,
subscriptionId,
resourceGroupName,
options
)) {
resArray.push(item);
}
console.log(resArray);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using System;
using System.Collections.Generic;
using System.Threading.Tasks;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.PolicyInsights;
using Azure.ResourceManager.PolicyInsights.Models;
using Azure.ResourceManager.Resources;
// Generated from example definition: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyStates_QueryResourceGroupScopeNextLink.json
// this example is just showing the usage of "PolicyStates_ListQueryResultsForResourceGroup" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this ResourceGroupResource created on azure
// for more information of creating ResourceGroupResource, please refer to the document of ResourceGroupResource
string subscriptionId = "fffedd8f-ffff-fffd-fffd-fffed2f84852";
string resourceGroupName = "myResourceGroup";
ResourceIdentifier resourceGroupResourceId = ResourceGroupResource.CreateResourceIdentifier(subscriptionId, resourceGroupName);
ResourceGroupResource resourceGroupResource = client.GetResourceGroupResource(resourceGroupResourceId);
// invoke the operation and iterate over the result
PolicyStateType policyStateType = PolicyStateType.Latest;
await foreach (PolicyState item in resourceGroupResource.GetPolicyStateQueryResultsAsync(policyStateType))
{
Console.WriteLine($"Succeeded: {item}");
}
Console.WriteLine($"Succeeded");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"@odata.nextLink": null,
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest",
"@odata.count": 2,
"value": [
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity",
"timestamp": "2019-10-09T18:42:42Z",
"resourceId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/mysa1",
"policyAssignmentId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyAssignments/3f3c4330183b4e218fe6fd29",
"policyDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fffedd8f-ffff-fffd-fffd-fffed2f84852",
"resourceType": "/Microsoft.Storage/storageAccounts",
"resourceLocation": "eastus",
"resourceGroup": "myResourceGroup",
"resourceTags": "tbd",
"policyAssignmentName": "3f3c4330183b4e218fe6fd29",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{}",
"policyAssignmentScope": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852",
"policyDefinitionName": "24813039-7534-408a-9842-eb99f45721b1",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policySetDefinitions/3e3807c1-65c9-49e0-a406-82d8ae3e338c",
"policySetDefinitionName": "3e3807c1-65c9-49e0-a406-82d8ae3e338c",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "mymg,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": null,
"complianceState": "NonCompliant",
"policyDefinitionGroupNames": [
"myGroup"
]
},
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity",
"timestamp": "2019-10-09T18:42:42Z",
"resourceId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourceGroups/myResourceGroup/providers/Microsoft.Storage/storageAccounts/mysa1",
"policyAssignmentId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyAssignments/3f3c4330183b4e218fe6fd29",
"policyDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/3e3807c1-65c9-49e0-a406-82d8ae3e3682",
"effectiveParameters": null,
"isCompliant": true,
"subscriptionId": "fffedd8f-ffff-fffd-fffd-fffed2f84852",
"resourceType": "/Microsoft.Storage/storageAccounts",
"resourceLocation": "eastus",
"resourceGroup": "myResourceGroup",
"resourceTags": "tbd",
"policyAssignmentName": "3f3c4330183b4e218fe6fd29",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{}",
"policyAssignmentScope": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852",
"policyDefinitionName": "3e3807c1-65c9-49e0-a406-82d8ae3e3682",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policySetDefinitions/3e3807c1-65c9-49e0-a406-82d8ae3e338c",
"policySetDefinitionName": "3e3807c1-65c9-49e0-a406-82d8ae3e338c",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "mymg,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": null,
"complianceState": "Compliant",
"policyDefinitionGroupNames": [
"myGroup"
]
}
]
}
定义
ComponentStateDetails
组件状态详细信息。
名称 |
类型 |
说明 |
complianceState
|
string
|
组件符合性状态。
|
id
|
string
|
组件 ID。
|
name
|
string
|
组件名称。
|
timestamp
|
string
|
组件符合性评估时间戳。
|
type
|
string
|
组件类型。
|
Error
错误定义。
名称 |
类型 |
说明 |
code
|
string
|
服务特定的错误代码,用作 HTTP 错误代码的子状态。
|
message
|
string
|
错误的说明。
|
ExpressionEvaluationDetails
策略语言表达式的评估详细信息。
名称 |
类型 |
说明 |
expression
|
string
|
计算的表达式。
|
expressionKind
|
string
|
计算的表达式类型。
|
expressionValue
|
object
|
表达式的值。
|
operator
|
string
|
用于比较表达式值和目标值的运算符。
|
path
|
string
|
如果表达式是字段或别名,则为属性路径。
|
result
|
string
|
评估结果。
|
targetValue
|
object
|
要与表达式值进行比较的目标值。
|
IfNotExistsEvaluationDetails
IfNotExists 效果的评估详细信息。
名称 |
类型 |
说明 |
resourceId
|
string
|
IfNotExists 效果的上次评估资源的 ID。
|
totalResources
|
integer
|
存在条件适用的资源总数。
|
PolicyEvaluationDetails
策略评估详细信息。
PolicyState
策略状态记录。
名称 |
类型 |
说明 |
@odata.context
|
string
|
OData 上下文字符串;OData 客户端用于基于元数据解析类型信息。
|
@odata.id
|
string
|
OData 实体 ID;始终设置为 null,因为策略状态记录没有实体 ID。
|
complianceState
|
string
|
资源的符合性状态。
|
components
|
ComponentStateDetails[]
|
仅当 URL 包含 $expand=components 子句时,才会填充组件状态符合性记录。
|
effectiveParameters
|
string
|
策略分配的有效参数。
|
isCompliant
|
boolean
|
指示资源是否符合对其评估的策略分配的标志。 此属性已弃用;请改用 ComplianceState。
|
managementGroupIds
|
string
|
管理组 ID 的逗号分隔列表,表示资源所在的管理组的层次结构。
|
policyAssignmentId
|
string
|
策略分配 ID。
|
policyAssignmentName
|
string
|
策略分配名称。
|
policyAssignmentOwner
|
string
|
策略分配所有者。
|
policyAssignmentParameters
|
string
|
策略分配参数。
|
policyAssignmentScope
|
string
|
策略分配范围。
|
policyAssignmentVersion
|
string
|
评估的策略分配版本。
|
policyDefinitionAction
|
string
|
策略定义操作,即效果。
|
policyDefinitionCategory
|
string
|
策略定义类别。
|
policyDefinitionGroupNames
|
string[]
|
策略定义组名称。
|
policyDefinitionId
|
string
|
策略定义 ID。
|
policyDefinitionName
|
string
|
策略定义名称。
|
policyDefinitionReferenceId
|
string
|
策略集中策略定义的引用 ID(如果策略分配针对策略集)。
|
policyDefinitionVersion
|
string
|
评估的策略定义版本。
|
policyEvaluationDetails
|
PolicyEvaluationDetails
|
策略评估详细信息。
|
policySetDefinitionCategory
|
string
|
策略集定义类别(如果策略分配针对策略集)。
|
policySetDefinitionId
|
string
|
策略集定义 ID(如果策略分配适用于策略集)。
|
policySetDefinitionName
|
string
|
策略集定义名称(如果策略分配适用于策略集)。
|
policySetDefinitionOwner
|
string
|
策略集定义所有者(如果策略分配适用于策略集)。
|
policySetDefinitionParameters
|
string
|
策略集定义参数(如果策略分配适用于策略集)。
|
policySetDefinitionVersion
|
string
|
评估的策略集定义版本。
|
resourceGroup
|
string
|
资源组名称。
|
resourceId
|
string
|
资源 ID。
|
resourceLocation
|
string
|
资源位置。
|
resourceTags
|
string
|
资源标记列表。
|
resourceType
|
string
|
资源类型。
|
subscriptionId
|
string
|
订阅 ID。
|
timestamp
|
string
|
策略状态记录的时间戳。
|
PolicyStatesQueryResults
查询结果。
名称 |
类型 |
说明 |
@odata.context
|
string
|
OData 上下文字符串;OData 客户端用于基于元数据解析类型信息。
|
@odata.count
|
integer
|
OData 实体计数;表示返回的策略状态记录数。
|
@odata.nextLink
|
string
|
Odata 下一个链接;用于获取下一组结果的 URL。
|
value
|
PolicyState[]
|
查询结果。
|
PolicyStatesResource
PolicyStates 资源类型下的虚拟资源。 在给定的时间范围内,“latest”表示 () 的最新策略状态,而“default”表示 () 的所有策略状态。
名称 |
类型 |
说明 |
default
|
string
|
|
latest
|
string
|
|
QueryFailure
错误响应。
名称 |
类型 |
说明 |
error
|
Error
|
错误定义。
|