查詢訂用帳戶層級原則定義的原則事件。
POST https://management.azure.com/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/policyDefinitions/{policyDefinitionName}/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01
With optional parameters:
POST https://management.azure.com/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/policyDefinitions/{policyDefinitionName}/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01&$top={$top}&$orderby={$orderby}&$select={$select}&$from={$from}&$to={$to}&$filter={$filter}&$apply={$apply}&$skiptoken={$skiptoken}
URI 參數
名稱 |
位於 |
必要 |
類型 |
Description |
authorizationNamespace
|
path |
True
|
AuthorizationNamespaceType
|
Microsoft 授權資源提供者的命名空間;只允許 「Microsoft.Authorization」。。
|
policyDefinitionName
|
path |
True
|
string
|
原則定義名稱。
|
policyEventsResource
|
path |
True
|
PolicyEventsResourceType
|
PolicyEvents 資源類型下的虛擬資源名稱;只允許 「default」。。
|
subscriptionId
|
path |
True
|
string
|
Microsoft Azure 訂用帳戶標識碼。
|
api-version
|
query |
True
|
string
|
用戶端 API 版本。
|
$apply
|
query |
|
string
|
OData 適用於匯總的表達式。
|
$filter
|
query |
|
string
|
OData 篩選表達式。
|
$from
|
query |
|
string
date-time
|
ISO 8601 格式化時間戳,指定要查詢的間隔開始時間。 未指定時,服務會使用 ($to - 1 天) 。
|
$orderby
|
query |
|
string
|
使用 OData 表示法排序表達式。 具有選擇性 「desc」 的一或多個逗號分隔數據行名稱 (預設) 或 “asc”,例如 “$orderby=PolicyAssignmentId, ResourceId asc”。
|
$select
|
query |
|
string
|
使用 OData 表示法選取表達式。 將每個記錄上的數據行限制為只要求的數據行,例如 「$select=PolicyAssignmentId, ResourceId」。。
|
$skiptoken
|
query |
|
string
|
只有在先前的回應傳回部分結果做為 nextLink 元素的一部分時,才會提供 Skiptoken。
|
$to
|
query |
|
string
date-time
|
ISO 8601 格式化時間戳,指定要查詢的間隔結束時間。 未指定時,服務會使用要求時間。
|
$top
|
query |
|
integer
int32
|
要傳回的記錄數目上限。
|
回應
安全性
azure_auth
Azure Active Directory OAuth2 Flow
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
名稱 |
Description |
user_impersonation
|
模擬您的用戶帳戶
|
範例
Query at subscription level policy definition scope
Sample Request
POST https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01
import com.azure.core.util.Context;
import com.azure.resourcemanager.policyinsights.models.PolicyEventsResourceType;
/** Samples for PolicyEvents ListQueryResultsForPolicyDefinition. */
public final class Main {
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QuerySubscriptionLevelPolicyDefinitionScope.json
*/
/**
* Sample code: Query at subscription level policy definition scope.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void queryAtSubscriptionLevelPolicyDefinitionScope(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForPolicyDefinition(
PolicyEventsResourceType.DEFAULT,
"fffedd8f-ffff-fffd-fffd-fffed2f84852",
"24813039-7534-408a-9842-eb99f45721b1",
null,
null,
null,
null,
null,
null,
null,
null,
Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.policyinsights import PolicyInsightsClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-policyinsights
# USAGE
python policy_events_query_subscription_level_policy_definition_scope.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = PolicyInsightsClient(
credential=DefaultAzureCredential(),
subscription_id="fffedd8f-ffff-fffd-fffd-fffed2f84852",
)
response = client.policy_events.list_query_results_for_policy_definition(
policy_events_resource="default",
subscription_id="fffedd8f-ffff-fffd-fffd-fffed2f84852",
policy_definition_name="24813039-7534-408a-9842-eb99f45721b1",
)
for item in response:
print(item)
# x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QuerySubscriptionLevelPolicyDefinitionScope.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armpolicyinsights_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/policyinsights/armpolicyinsights"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/05a9cdab363b8ec824094ee73950c04594325172/specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QuerySubscriptionLevelPolicyDefinitionScope.json
func ExamplePolicyEventsClient_NewListQueryResultsForPolicyDefinitionPager_queryAtSubscriptionLevelPolicyDefinitionScope() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armpolicyinsights.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
pager := clientFactory.NewPolicyEventsClient().NewListQueryResultsForPolicyDefinitionPager(armpolicyinsights.PolicyEventsResourceTypeDefault, "fffedd8f-ffff-fffd-fffd-fffed2f84852", "24813039-7534-408a-9842-eb99f45721b1", &armpolicyinsights.QueryOptions{Top: nil,
Filter: nil,
OrderBy: nil,
Select: nil,
From: nil,
To: nil,
Apply: nil,
SkipToken: nil,
Expand: nil,
}, nil)
for pager.More() {
page, err := pager.NextPage(ctx)
if err != nil {
log.Fatalf("failed to advance page: %v", err)
}
for _, v := range page.Value {
// You could use page here. We use blank identifier for just demo purposes.
_ = v
}
// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// page.PolicyEventsQueryResults = armpolicyinsights.PolicyEventsQueryResults{
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default"),
// ODataCount: to.Ptr[int32](2),
// Value: []*armpolicyinsights.PolicyEvent{
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("mymg,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyAssignments/f4cc58b7db524a9799381531"),
// PolicyAssignmentName: to.Ptr("f4cc58b7db524a9799381531"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{\"TAGNAME_1\":{\"value\":\"NA\"}}"),
// PolicyAssignmentScope: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1"),
// PolicyDefinitionName: to.Ptr("24813039-7534-408a-9842-eb99f45721b1"),
// PolicyDefinitionReferenceID: to.Ptr("14799174781370023846"),
// PolicySetDefinitionID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policySetDefinitions/12b58873-e0f8-4b95-936c-86cbe7c9d697"),
// PolicySetDefinitionName: to.Ptr("12b58873-e0f8-4b95-936c-86cbe7c9d697"),
// PrincipalOid: to.Ptr("fff890fa-fff0-fff3-fff9-fffd7653f078"),
// ResourceGroup: to.Ptr("myResourceGroup"),
// ResourceID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/deploymentSlots/production/state/start"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.ClassicCompute/domainNames/deploymentSlots/state"),
// SubscriptionID: to.Ptr("fffedd8f-ffff-fffd-fffd-fffed2f84852"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-08T19:58:11.590Z"); return t}()),
// },
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("mymg,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyAssignments/f4cc58b7db524a9799381531"),
// PolicyAssignmentName: to.Ptr("f4cc58b7db524a9799381531"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{\"TAGNAME_1\":{\"value\":\"NA\"}}"),
// PolicyAssignmentScope: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1"),
// PolicyDefinitionName: to.Ptr("24813039-7534-408a-9842-eb99f45721b1"),
// PolicyDefinitionReferenceID: to.Ptr("1679708035638239273"),
// PolicySetDefinitionID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policySetDefinitions/12b58873-e0f8-4b95-936c-86cbe7c9d697"),
// PolicySetDefinitionName: to.Ptr("12b58873-e0f8-4b95-936c-86cbe7c9d697"),
// PrincipalOid: to.Ptr("fff890fa-fff0-fff3-fff9-fffd7653f078"),
// ResourceGroup: to.Ptr("myResourceGroup"),
// ResourceID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/deploymentSlots/production/state/start"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.ClassicCompute/domainNames/deploymentSlots/state"),
// SubscriptionID: to.Ptr("fffedd8f-ffff-fffd-fffd-fffed2f84852"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-08T19:58:11.590Z"); return t}()),
// }},
// }
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { PolicyInsightsClient } = require("@azure/arm-policyinsights");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Queries policy events for the subscription level policy definition.
*
* @summary Queries policy events for the subscription level policy definition.
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QuerySubscriptionLevelPolicyDefinitionScope.json
*/
async function queryAtSubscriptionLevelPolicyDefinitionScope() {
const subscriptionId =
process.env["POLICYINSIGHTS_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const policyEventsResource = "default";
const policyDefinitionName = "24813039-7534-408a-9842-eb99f45721b1";
const credential = new DefaultAzureCredential();
const client = new PolicyInsightsClient(credential, subscriptionId);
const resArray = new Array();
for await (let item of client.policyEvents.listQueryResultsForPolicyDefinition(
policyEventsResource,
subscriptionId,
policyDefinitionName
)) {
resArray.push(item);
}
console.log(resArray);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"@odata.nextLink": null,
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default",
"@odata.count": 2,
"value": [
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-08T19:58:11.590596Z",
"resourceId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/deploymentSlots/production/state/start",
"policyAssignmentId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyAssignments/f4cc58b7db524a9799381531",
"policyDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fffedd8f-ffff-fffd-fffd-fffed2f84852",
"resourceType": "/Microsoft.ClassicCompute/domainNames/deploymentSlots/state",
"resourceLocation": "eastus",
"resourceGroup": "myResourceGroup",
"resourceTags": "tbd",
"policyAssignmentName": "f4cc58b7db524a9799381531",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{\"TAGNAME_1\":{\"value\":\"NA\"}}",
"policyAssignmentScope": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852",
"policyDefinitionName": "24813039-7534-408a-9842-eb99f45721b1",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policySetDefinitions/12b58873-e0f8-4b95-936c-86cbe7c9d697",
"policySetDefinitionName": "12b58873-e0f8-4b95-936c-86cbe7c9d697",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "mymg,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": "14799174781370023846",
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fff890fa-fff0-fff3-fff9-fffd7653f078",
"complianceState": "NonCompliant"
},
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-08T19:58:11.590596Z",
"resourceId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/deploymentSlots/production/state/start",
"policyAssignmentId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyAssignments/f4cc58b7db524a9799381531",
"policyDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fffedd8f-ffff-fffd-fffd-fffed2f84852",
"resourceType": "/Microsoft.ClassicCompute/domainNames/deploymentSlots/state",
"resourceLocation": "eastus",
"resourceGroup": "myResourceGroup",
"resourceTags": "tbd",
"policyAssignmentName": "f4cc58b7db524a9799381531",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{\"TAGNAME_1\":{\"value\":\"NA\"}}",
"policyAssignmentScope": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852",
"policyDefinitionName": "24813039-7534-408a-9842-eb99f45721b1",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policySetDefinitions/12b58873-e0f8-4b95-936c-86cbe7c9d697",
"policySetDefinitionName": "12b58873-e0f8-4b95-936c-86cbe7c9d697",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "mymg,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": "1679708035638239273",
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fff890fa-fff0-fff3-fff9-fffd7653f078",
"complianceState": "NonCompliant"
}
]
}
Query at subscription level policy definition scope with next link
Sample Request
POST https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2019-10-01&$skiptoken=WpmWfBSvPhkAK6QD
import com.azure.core.util.Context;
import com.azure.resourcemanager.policyinsights.models.PolicyEventsResourceType;
/** Samples for PolicyEvents ListQueryResultsForPolicyDefinition. */
public final class Main {
/*
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QuerySubscriptionLevelPolicyDefinitionScopeNextLink.json
*/
/**
* Sample code: Query at subscription level policy definition scope with next link.
*
* @param manager Entry point to PolicyInsightsManager.
*/
public static void queryAtSubscriptionLevelPolicyDefinitionScopeWithNextLink(
com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
manager
.policyEvents()
.listQueryResultsForPolicyDefinition(
PolicyEventsResourceType.DEFAULT,
"fffedd8f-ffff-fffd-fffd-fffed2f84852",
"24813039-7534-408a-9842-eb99f45721b1",
null,
null,
null,
null,
null,
null,
null,
"WpmWfBSvPhkAK6QD",
Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.policyinsights import PolicyInsightsClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-policyinsights
# USAGE
python policy_events_query_subscription_level_policy_definition_scope_next_link.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = PolicyInsightsClient(
credential=DefaultAzureCredential(),
subscription_id="fffedd8f-ffff-fffd-fffd-fffed2f84852",
)
response = client.policy_events.list_query_results_for_policy_definition(
policy_events_resource="default",
subscription_id="fffedd8f-ffff-fffd-fffd-fffed2f84852",
policy_definition_name="24813039-7534-408a-9842-eb99f45721b1",
)
for item in response:
print(item)
# x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QuerySubscriptionLevelPolicyDefinitionScopeNextLink.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armpolicyinsights_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/policyinsights/armpolicyinsights"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/05a9cdab363b8ec824094ee73950c04594325172/specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QuerySubscriptionLevelPolicyDefinitionScopeNextLink.json
func ExamplePolicyEventsClient_NewListQueryResultsForPolicyDefinitionPager_queryAtSubscriptionLevelPolicyDefinitionScopeWithNextLink() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armpolicyinsights.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
pager := clientFactory.NewPolicyEventsClient().NewListQueryResultsForPolicyDefinitionPager(armpolicyinsights.PolicyEventsResourceTypeDefault, "fffedd8f-ffff-fffd-fffd-fffed2f84852", "24813039-7534-408a-9842-eb99f45721b1", &armpolicyinsights.QueryOptions{Top: nil,
Filter: nil,
OrderBy: nil,
Select: nil,
From: nil,
To: nil,
Apply: nil,
SkipToken: to.Ptr("WpmWfBSvPhkAK6QD"),
Expand: nil,
}, nil)
for pager.More() {
page, err := pager.NextPage(ctx)
if err != nil {
log.Fatalf("failed to advance page: %v", err)
}
for _, v := range page.Value {
// You could use page here. We use blank identifier for just demo purposes.
_ = v
}
// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// page.PolicyEventsQueryResults = armpolicyinsights.PolicyEventsQueryResults{
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default"),
// ODataCount: to.Ptr[int32](2),
// Value: []*armpolicyinsights.PolicyEvent{
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("mymg,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyAssignments/f4cc58b7db524a9799381531"),
// PolicyAssignmentName: to.Ptr("f4cc58b7db524a9799381531"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{\"TAGNAME_1\":{\"value\":\"NA\"}}"),
// PolicyAssignmentScope: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1"),
// PolicyDefinitionName: to.Ptr("24813039-7534-408a-9842-eb99f45721b1"),
// PolicyDefinitionReferenceID: to.Ptr("14799174781370023846"),
// PolicySetDefinitionID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policySetDefinitions/12b58873-e0f8-4b95-936c-86cbe7c9d697"),
// PolicySetDefinitionName: to.Ptr("12b58873-e0f8-4b95-936c-86cbe7c9d697"),
// PrincipalOid: to.Ptr("fff890fa-fff0-fff3-fff9-fffd7653f078"),
// ResourceGroup: to.Ptr("myResourceGroup"),
// ResourceID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/deploymentSlots/production/state/start"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.ClassicCompute/domainNames/deploymentSlots/state"),
// SubscriptionID: to.Ptr("fffedd8f-ffff-fffd-fffd-fffed2f84852"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-08T19:58:11.590Z"); return t}()),
// },
// {
// ODataContext: to.Ptr("https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity"),
// ComplianceState: to.Ptr("NonCompliant"),
// IsCompliant: to.Ptr(false),
// ManagementGroupIDs: to.Ptr("mymg,fff988bf-fff1-ffff-fffb-fffcd011db47"),
// PolicyAssignmentID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyAssignments/f4cc58b7db524a9799381531"),
// PolicyAssignmentName: to.Ptr("f4cc58b7db524a9799381531"),
// PolicyAssignmentOwner: to.Ptr("tbd"),
// PolicyAssignmentParameters: to.Ptr("{\"TAGNAME_1\":{\"value\":\"NA\"}}"),
// PolicyAssignmentScope: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852"),
// PolicyDefinitionAction: to.Ptr("audit"),
// PolicyDefinitionCategory: to.Ptr("tbd"),
// PolicyDefinitionID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1"),
// PolicyDefinitionName: to.Ptr("24813039-7534-408a-9842-eb99f45721b1"),
// PolicyDefinitionReferenceID: to.Ptr("1679708035638239273"),
// PolicySetDefinitionID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policySetDefinitions/12b58873-e0f8-4b95-936c-86cbe7c9d697"),
// PolicySetDefinitionName: to.Ptr("12b58873-e0f8-4b95-936c-86cbe7c9d697"),
// PrincipalOid: to.Ptr("fff890fa-fff0-fff3-fff9-fffd7653f078"),
// ResourceGroup: to.Ptr("myResourceGroup"),
// ResourceID: to.Ptr("/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/deploymentSlots/production/state/start"),
// ResourceLocation: to.Ptr("eastus"),
// ResourceTags: to.Ptr("tbd"),
// ResourceType: to.Ptr("/Microsoft.ClassicCompute/domainNames/deploymentSlots/state"),
// SubscriptionID: to.Ptr("fffedd8f-ffff-fffd-fffd-fffed2f84852"),
// TenantID: to.Ptr("fff988bf-fff1-ffff-fffb-fffcd011db47"),
// Timestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-02-08T19:58:11.590Z"); return t}()),
// }},
// }
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { PolicyInsightsClient } = require("@azure/arm-policyinsights");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Queries policy events for the subscription level policy definition.
*
* @summary Queries policy events for the subscription level policy definition.
* x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2019-10-01/examples/PolicyEvents_QuerySubscriptionLevelPolicyDefinitionScopeNextLink.json
*/
async function queryAtSubscriptionLevelPolicyDefinitionScopeWithNextLink() {
const subscriptionId =
process.env["POLICYINSIGHTS_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const policyEventsResource = "default";
const policyDefinitionName = "24813039-7534-408a-9842-eb99f45721b1";
const skipToken = "WpmWfBSvPhkAK6QD";
const options = {
queryOptions: { skipToken: skipToken },
};
const credential = new DefaultAzureCredential();
const client = new PolicyInsightsClient(credential, subscriptionId);
const resArray = new Array();
for await (let item of client.policyEvents.listQueryResultsForPolicyDefinition(
policyEventsResource,
subscriptionId,
policyDefinitionName,
options
)) {
resArray.push(item);
}
console.log(resArray);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"@odata.nextLink": null,
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default",
"@odata.count": 2,
"value": [
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-08T19:58:11.590596Z",
"resourceId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/deploymentSlots/production/state/start",
"policyAssignmentId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyAssignments/f4cc58b7db524a9799381531",
"policyDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fffedd8f-ffff-fffd-fffd-fffed2f84852",
"resourceType": "/Microsoft.ClassicCompute/domainNames/deploymentSlots/state",
"resourceLocation": "eastus",
"resourceGroup": "myResourceGroup",
"resourceTags": "tbd",
"policyAssignmentName": "f4cc58b7db524a9799381531",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{\"TAGNAME_1\":{\"value\":\"NA\"}}",
"policyAssignmentScope": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852",
"policyDefinitionName": "24813039-7534-408a-9842-eb99f45721b1",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policySetDefinitions/12b58873-e0f8-4b95-936c-86cbe7c9d697",
"policySetDefinitionName": "12b58873-e0f8-4b95-936c-86cbe7c9d697",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "mymg,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": "14799174781370023846",
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fff890fa-fff0-fff3-fff9-fffd7653f078",
"complianceState": "NonCompliant"
},
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity",
"timestamp": "2018-02-08T19:58:11.590596Z",
"resourceId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myResourceGroup/providers/Microsoft.ClassicCompute/domainNames/myDomainName/deploymentSlots/production/state/start",
"policyAssignmentId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyAssignments/f4cc58b7db524a9799381531",
"policyDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyDefinitions/24813039-7534-408a-9842-eb99f45721b1",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fffedd8f-ffff-fffd-fffd-fffed2f84852",
"resourceType": "/Microsoft.ClassicCompute/domainNames/deploymentSlots/state",
"resourceLocation": "eastus",
"resourceGroup": "myResourceGroup",
"resourceTags": "tbd",
"policyAssignmentName": "f4cc58b7db524a9799381531",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{\"TAGNAME_1\":{\"value\":\"NA\"}}",
"policyAssignmentScope": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852",
"policyDefinitionName": "24813039-7534-408a-9842-eb99f45721b1",
"policyDefinitionAction": "audit",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policySetDefinitions/12b58873-e0f8-4b95-936c-86cbe7c9d697",
"policySetDefinitionName": "12b58873-e0f8-4b95-936c-86cbe7c9d697",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "mymg,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": "1679708035638239273",
"tenantId": "fff988bf-fff1-ffff-fffb-fffcd011db47",
"principalOid": "fff890fa-fff0-fff3-fff9-fffd7653f078",
"complianceState": "NonCompliant"
}
]
}
定義
AuthorizationNamespaceType
Microsoft 授權資源提供者的命名空間;只允許 「Microsoft.Authorization」。。
名稱 |
類型 |
Description |
Microsoft.Authorization
|
string
|
|
ComponentEventDetails
元件事件詳細數據。
名稱 |
類型 |
Description |
id
|
string
|
元件識別碼。
|
name
|
string
|
元件名稱。
|
policyDefinitionAction
|
string
|
原則定義動作,也就是效果。
|
principalOid
|
string
|
起始觸發原則事件之資源元件作業的用戶主體物件標識符。
|
tenantId
|
string
|
原則事件記錄的租用戶標識碼。
|
timestamp
|
string
|
元件原則事件記錄的時間戳。
|
type
|
string
|
元件類型。
|
Error
錯誤定義。
名稱 |
類型 |
Description |
code
|
string
|
服務特定的錯誤碼,可作為 HTTP 錯誤碼的子狀態。
|
message
|
string
|
錯誤的描述。
|
PolicyEvent
原則事件記錄。
名稱 |
類型 |
Description |
@odata.context
|
string
|
OData 內容字串;OData 用戶端用來根據元數據解析類型資訊。
|
@odata.id
|
string
|
OData 實體識別碼;一律設定為 null,因為原則事件記錄沒有實體標識符。
|
complianceState
|
string
|
資源的合規性狀態。
|
components
|
ComponentEventDetails[]
|
只有在 URL 包含 $expand=components 子句時,才會填入元件事件記錄。
|
effectiveParameters
|
string
|
原則指派的有效參數。
|
isCompliant
|
boolean
|
標幟 ,指出資源是否符合其評估原則指派的規範。
|
managementGroupIds
|
string
|
以逗號分隔的管理群組標識符清單,代表資源所在的管理群組階層。
|
policyAssignmentId
|
string
|
原則指派標識碼。
|
policyAssignmentName
|
string
|
原則指派名稱。
|
policyAssignmentOwner
|
string
|
原則指派擁有者。
|
policyAssignmentParameters
|
string
|
原則指派參數。
|
policyAssignmentScope
|
string
|
原則指派範圍。
|
policyDefinitionAction
|
string
|
原則定義動作,也就是效果。
|
policyDefinitionCategory
|
string
|
原則定義類別。
|
policyDefinitionId
|
string
|
原則定義標識碼。
|
policyDefinitionName
|
string
|
原則定義名稱。
|
policyDefinitionReferenceId
|
string
|
如果原則指派是原則集內的原則定義,則為原則定義的參考標識碼。
|
policySetDefinitionCategory
|
string
|
原則集定義類別目錄,如果原則指派是針對原則集。
|
policySetDefinitionId
|
string
|
原則集定義標識碼,如果原則指派是針對原則集。
|
policySetDefinitionName
|
string
|
原則集定義名稱,如果原則指派是針對原則集。
|
policySetDefinitionOwner
|
string
|
原則集定義擁有者,如果原則指派適用於原則集合。
|
policySetDefinitionParameters
|
string
|
原則集定義參數,如果原則指派是針對原則集。
|
principalOid
|
string
|
起始觸發原則事件之資源作業的用戶主體物件標識符。
|
resourceGroup
|
string
|
資源群組名稱。
|
resourceId
|
string
|
資源識別碼。
|
resourceLocation
|
string
|
資源位置。
|
resourceTags
|
string
|
資源標籤的清單。
|
resourceType
|
string
|
資源類型。
|
subscriptionId
|
string
|
訂用帳戶 ID。
|
tenantId
|
string
|
原則事件記錄的租用戶標識碼。
|
timestamp
|
string
|
原則事件記錄的時間戳。
|
PolicyEventsQueryResults
查詢結果。
名稱 |
類型 |
Description |
@odata.context
|
string
|
OData 內容字串;OData 用戶端用來根據元數據解析類型資訊。
|
@odata.count
|
integer
|
OData 實體計數;代表傳回的原則事件記錄數目。
|
@odata.nextLink
|
string
|
Odata 下一個連結;取得下一組結果的 URL。
|
value
|
PolicyEvent[]
|
查詢結果。
|
PolicyEventsResourceType
PolicyEvents 資源類型下的虛擬資源名稱;只允許 「default」。。
名稱 |
類型 |
Description |
default
|
string
|
|
QueryFailure
錯誤回應。
名稱 |
類型 |
Description |
error
|
Error
|
錯誤定義。
|