Attestations - Create Or Update At Subscription

Služba:

Policy

Verze rozhraní API:

2022-09-01

Vytvoří nebo aktualizuje ověření identity v oboru předplatného.

PUT https://management.azure.com/subscriptions/{subscriptionId}/providers/Microsoft.PolicyInsights/attestations/{attestationName}?api-version=2022-09-01

Parametry identifikátoru URI

Name	V	Vyžadováno	Typ	Description
attestationName	path	True	string	Název ověření identity.
subscriptionId	path	True	string minLength: 1	ID cílového předplatného.
api-version	query	True	string minLength: 1	Verze rozhraní API, která se má použít pro tuto operaci.

Text požadavku

Name	Vyžadováno	Typ	Description
properties.policyAssignmentId	True	string	ID prostředku přiřazení zásady, pro které ověření identity nastavuje stav.
properties.assessmentDate		string (date-time)	Doba, kdy byly důkazy posouzeny
properties.comments		string	Komentáře popisující, proč se toto ověření vytvořilo.
properties.complianceState		ComplianceState	Stav dodržování předpisů, který by měl být nastaven pro prostředek.
properties.evidence		AttestationEvidence[]	Důkazy podporující stav dodržování předpisů nastavený v tomto ověření.
properties.expiresOn		string (date-time)	Čas vypršení platnosti stavu dodržování předpisů.
properties.metadata		object	Další metadata pro toto ověření identity
properties.owner		string	Osoba odpovědná za nastavení stavu prostředku. Tato hodnota je obvykle ID objektu Azure Active Directory.
properties.policyDefinitionReferenceId		string	REFERENČNÍ ID definice zásady z definice sady zásad, pro kterou ověření identity nastavuje stav. Pokud přiřazení zásady přiřadí definici sady zásad, může ověření identity zvolit definici v definici sady s touto vlastností nebo tuto vlastnost vynechat a nastavit stav pro celou definici sady.

Odpovědi

Name	Typ	Description
200 OK	Attestation	Aktualizovaná ověření identity.
201 Created	Attestation	Vytvořená ověření identity.
Other Status Codes	ErrorResponse	Chybová odpověď popisující, proč operace selhala.

Zabezpečení

azure_auth

Azure Active Directory OAuth2 Flow

Typ: oauth2
Tok: implicit
URL autorizace: https://login.microsoftonline.com/common/oauth2/authorize

Rozsahy

Name	Description
user_impersonation	zosobnění uživatelského účtu

Příklady

Create attestation at subscription scope

Create attestation at subscription scope with all properties

Create attestation at subscription scope

Ukázkový požadavek

HTTP

PUT https://management.azure.com/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/Microsoft.PolicyInsights/attestations/790996e6-9871-4b1f-9cd9-ec42cd6ced1e?api-version=2022-09-01

{
  "properties": {
    "policyAssignmentId": "/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.authorization/policyassignments/b101830944f246d8a14088c5",
    "complianceState": "Compliant"
  }
}

Java

import com.azure.resourcemanager.policyinsights.fluent.models.AttestationInner;
import com.azure.resourcemanager.policyinsights.models.ComplianceState;

/**
 * Samples for Attestations CreateOrUpdateAtSubscription.
 */
public final class Main {
    /*
     * x-ms-original-file:
     * specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2022-09-01/examples/
     * Attestations_CreateSubscriptionScope.json
     */
    /**
     * Sample code: Create attestation at subscription scope.
     * 
     * @param manager Entry point to PolicyInsightsManager.
     */
    public static void
        createAttestationAtSubscriptionScope(com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) {
        manager.attestations().createOrUpdateAtSubscription("790996e6-9871-4b1f-9cd9-ec42cd6ced1e",
            new AttestationInner().withPolicyAssignmentId(
                "/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.authorization/policyassignments/b101830944f246d8a14088c5")
                .withComplianceState(ComplianceState.COMPLIANT),
            com.azure.core.util.Context.NONE);
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Python

from azure.identity import DefaultAzureCredential
from azure.mgmt.policyinsights import PolicyInsightsClient

"""
# PREREQUISITES
    pip install azure-identity
    pip install azure-mgmt-policyinsights
# USAGE
    python attestations_create_subscription_scope.py

    Before run the sample, please set the values of the client ID, tenant ID and client secret
    of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
    AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
    https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""


def main():
    client = PolicyInsightsClient(
        credential=DefaultAzureCredential(),
        subscription_id="35ee058e-5fa0-414c-8145-3ebb8d09b6e2",
    )

    response = client.attestations.begin_create_or_update_at_subscription(
        attestation_name="790996e6-9871-4b1f-9cd9-ec42cd6ced1e",
        parameters={
            "properties": {
                "complianceState": "Compliant",
                "policyAssignmentId": "/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.authorization/policyassignments/b101830944f246d8a14088c5",
            }
        },
    ).result()
    print(response)


# x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2022-09-01/examples/Attestations_CreateSubscriptionScope.json
if __name__ == "__main__":
    main()

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Go

package armpolicyinsights_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/policyinsights/armpolicyinsights"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/05a9cdab363b8ec824094ee73950c04594325172/specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2022-09-01/examples/Attestations_CreateSubscriptionScope.json
func ExampleAttestationsClient_BeginCreateOrUpdateAtSubscription_createAttestationAtSubscriptionScope() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armpolicyinsights.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	poller, err := clientFactory.NewAttestationsClient().BeginCreateOrUpdateAtSubscription(ctx, "790996e6-9871-4b1f-9cd9-ec42cd6ced1e", armpolicyinsights.Attestation{
		Properties: &armpolicyinsights.AttestationProperties{
			ComplianceState:    to.Ptr(armpolicyinsights.ComplianceStateCompliant),
			PolicyAssignmentID: to.Ptr("/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.authorization/policyassignments/b101830944f246d8a14088c5"),
		},
	}, nil)
	if err != nil {
		log.Fatalf("failed to finish the request: %v", err)
	}
	res, err := poller.PollUntilDone(ctx, nil)
	if err != nil {
		log.Fatalf("failed to pull the result: %v", err)
	}
	// You could use response here. We use blank identifier for just demo purposes.
	_ = res
	// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
	// res.Attestation = armpolicyinsights.Attestation{
	// 	Name: to.Ptr("790996e6-9871-4b1f-9cd9-ec42cd6ced1e"),
	// 	Type: to.Ptr("Microsoft.PolicyInsights/attestations"),
	// 	ID: to.Ptr("/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.policyinsights/attestations/790996e6-9871-4b1f-9cd9-ec42cd6ced1e"),
	// 	Properties: &armpolicyinsights.AttestationProperties{
	// 		ComplianceState: to.Ptr(armpolicyinsights.ComplianceStateCompliant),
	// 		LastComplianceStateChangeAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-06-15T18:52:27.000Z"); return t}()),
	// 		PolicyAssignmentID: to.Ptr("/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.authorization/policyassignments/b101830944f246d8a14088c5"),
	// 		ProvisioningState: to.Ptr("Succeeded"),
	// 	},
	// 	SystemData: &armpolicyinsights.SystemData{
	// 		CreatedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-06-15T18:52:27.000Z"); return t}()),
	// 		CreatedBy: to.Ptr("b69a9388-9488-4534-b470-7ec6d41beef6"),
	// 		CreatedByType: to.Ptr(armpolicyinsights.CreatedByTypeUser),
	// 		LastModifiedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-06-15T18:52:27.000Z"); return t}()),
	// 		LastModifiedBy: to.Ptr("b69a9388-9488-4534-b470-7ec6d41beef6"),
	// 		LastModifiedByType: to.Ptr(armpolicyinsights.CreatedByTypeUser),
	// 	},
	// }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

JavaScript

const { PolicyInsightsClient } = require("@azure/arm-policyinsights");
const { DefaultAzureCredential } = require("@azure/identity");

/**
 * This sample demonstrates how to Creates or updates an attestation at subscription scope.
 *
 * @summary Creates or updates an attestation at subscription scope.
 * x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2022-09-01/examples/Attestations_CreateSubscriptionScope.json
 */
async function createAttestationAtSubscriptionScope() {
  const subscriptionId =
    process.env["POLICYINSIGHTS_SUBSCRIPTION_ID"] || "35ee058e-5fa0-414c-8145-3ebb8d09b6e2";
  const attestationName = "790996e6-9871-4b1f-9cd9-ec42cd6ced1e";
  const parameters = {
    complianceState: "Compliant",
    policyAssignmentId:
      "/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.authorization/policyassignments/b101830944f246d8a14088c5",
  };
  const credential = new DefaultAzureCredential();
  const client = new PolicyInsightsClient(credential, subscriptionId);
  const result = await client.attestations.beginCreateOrUpdateAtSubscriptionAndWait(
    attestationName,
    parameters
  );
  console.log(result);
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Ukázková odpověď

Stavový kód:

200

{
  "properties": {
    "policyAssignmentId": "/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.authorization/policyassignments/b101830944f246d8a14088c5",
    "complianceState": "Compliant",
    "lastComplianceStateChangeAt": "2020-06-15T18:52:27Z",
    "provisioningState": "Succeeded"
  },
  "systemData": {
    "createdBy": "b69a9388-9488-4534-b470-7ec6d41beef6",
    "createdByType": "User",
    "createdAt": "2020-06-15T18:52:27Z",
    "lastModifiedBy": "b69a9388-9488-4534-b470-7ec6d41beef6",
    "lastModifiedByType": "User",
    "lastModifiedAt": "2020-06-15T18:52:27Z"
  },
  "id": "/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.policyinsights/attestations/790996e6-9871-4b1f-9cd9-ec42cd6ced1e",
  "name": "790996e6-9871-4b1f-9cd9-ec42cd6ced1e",
  "type": "Microsoft.PolicyInsights/attestations"
}

Stavový kód:

201

{
  "properties": {
    "policyAssignmentId": "/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.authorization/policyassignments/b101830944f246d8a14088c5",
    "complianceState": "Compliant",
    "lastComplianceStateChangeAt": "2020-06-15T18:52:27Z",
    "provisioningState": "Succeeded"
  },
  "systemData": {
    "createdBy": "b69a9388-9488-4534-b470-7ec6d41beef6",
    "createdByType": "User",
    "createdAt": "2020-06-15T18:52:27Z",
    "lastModifiedBy": "b69a9388-9488-4534-b470-7ec6d41beef6",
    "lastModifiedByType": "User",
    "lastModifiedAt": "2020-06-15T18:52:27Z"
  },
  "id": "/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.policyinsights/attestations/790996e6-9871-4b1f-9cd9-ec42cd6ced1e",
  "name": "790996e6-9871-4b1f-9cd9-ec42cd6ced1e",
  "type": "Microsoft.PolicyInsights/attestations"
}

Create attestation at subscription scope with all properties

Ukázkový požadavek

HTTP

PUT https://management.azure.com/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/Microsoft.PolicyInsights/attestations/790996e6-9871-4b1f-9cd9-ec42cd6ced1e?api-version=2022-09-01

{
  "properties": {
    "policyAssignmentId": "/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.authorization/policyassignments/b101830944f246d8a14088c5",
    "policyDefinitionReferenceId": "0b158b46-ff42-4799-8e39-08a5c23b4551",
    "complianceState": "Compliant",
    "expiresOn": "2021-06-15T00:00:00Z",
    "owner": "55a32e28-3aa5-4eea-9b5a-4cd85153b966",
    "comments": "This subscription has passed a security audit.",
    "evidence": [
      {
        "description": "The results of the security audit.",
        "sourceUri": "https://gist.github.com/contoso/9573e238762c60166c090ae16b814011"
      }
    ],
    "assessmentDate": "2021-06-10T00:00:00Z",
    "metadata": {
      "departmentId": "NYC-MARKETING-1"
    }
  }
}

Java

import com.azure.core.management.serializer.SerializerFactory;
import com.azure.core.util.serializer.SerializerEncoding;
import com.azure.resourcemanager.policyinsights.fluent.models.AttestationInner;
import com.azure.resourcemanager.policyinsights.models.AttestationEvidence;
import com.azure.resourcemanager.policyinsights.models.ComplianceState;
import java.io.IOException;
import java.time.OffsetDateTime;
import java.util.Arrays;

/**
 * Samples for Attestations CreateOrUpdateAtSubscription.
 */
public final class Main {
    /*
     * x-ms-original-file:
     * specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2022-09-01/examples/
     * Attestations_CreateSubscriptionScope_AllProperties.json
     */
    /**
     * Sample code: Create attestation at subscription scope with all properties.
     * 
     * @param manager Entry point to PolicyInsightsManager.
     */
    public static void createAttestationAtSubscriptionScopeWithAllProperties(
        com.azure.resourcemanager.policyinsights.PolicyInsightsManager manager) throws IOException {
        manager.attestations().createOrUpdateAtSubscription("790996e6-9871-4b1f-9cd9-ec42cd6ced1e",
            new AttestationInner().withPolicyAssignmentId(
                "/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.authorization/policyassignments/b101830944f246d8a14088c5")
                .withPolicyDefinitionReferenceId("0b158b46-ff42-4799-8e39-08a5c23b4551")
                .withComplianceState(ComplianceState.COMPLIANT)
                .withExpiresOn(OffsetDateTime.parse("2021-06-15T00:00:00Z"))
                .withOwner("55a32e28-3aa5-4eea-9b5a-4cd85153b966")
                .withComments("This subscription has passed a security audit.")
                .withEvidence(
                    Arrays.asList(new AttestationEvidence().withDescription("The results of the security audit.")
                        .withSourceUri("https://gist.github.com/contoso/9573e238762c60166c090ae16b814011")))
                .withAssessmentDate(OffsetDateTime.parse("2021-06-10T00:00:00Z"))
                .withMetadata(SerializerFactory.createDefaultManagementSerializerAdapter()
                    .deserialize("{\"departmentId\":\"NYC-MARKETING-1\"}", Object.class, SerializerEncoding.JSON)),
            com.azure.core.util.Context.NONE);
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Python

from azure.identity import DefaultAzureCredential
from azure.mgmt.policyinsights import PolicyInsightsClient

"""
# PREREQUISITES
    pip install azure-identity
    pip install azure-mgmt-policyinsights
# USAGE
    python attestations_create_subscription_scope_all_properties.py

    Before run the sample, please set the values of the client ID, tenant ID and client secret
    of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
    AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
    https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""


def main():
    client = PolicyInsightsClient(
        credential=DefaultAzureCredential(),
        subscription_id="35ee058e-5fa0-414c-8145-3ebb8d09b6e2",
    )

    response = client.attestations.begin_create_or_update_at_subscription(
        attestation_name="790996e6-9871-4b1f-9cd9-ec42cd6ced1e",
        parameters={
            "properties": {
                "assessmentDate": "2021-06-10T00:00:00Z",
                "comments": "This subscription has passed a security audit.",
                "complianceState": "Compliant",
                "evidence": [
                    {
                        "description": "The results of the security audit.",
                        "sourceUri": "https://gist.github.com/contoso/9573e238762c60166c090ae16b814011",
                    }
                ],
                "expiresOn": "2021-06-15T00:00:00Z",
                "metadata": {"departmentId": "NYC-MARKETING-1"},
                "owner": "55a32e28-3aa5-4eea-9b5a-4cd85153b966",
                "policyAssignmentId": "/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.authorization/policyassignments/b101830944f246d8a14088c5",
                "policyDefinitionReferenceId": "0b158b46-ff42-4799-8e39-08a5c23b4551",
            }
        },
    ).result()
    print(response)


# x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2022-09-01/examples/Attestations_CreateSubscriptionScope_AllProperties.json
if __name__ == "__main__":
    main()

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Go

package armpolicyinsights_test

import (
	"context"
	"log"

	"time"

	"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/policyinsights/armpolicyinsights"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/05a9cdab363b8ec824094ee73950c04594325172/specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2022-09-01/examples/Attestations_CreateSubscriptionScope_AllProperties.json
func ExampleAttestationsClient_BeginCreateOrUpdateAtSubscription_createAttestationAtSubscriptionScopeWithAllProperties() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armpolicyinsights.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	poller, err := clientFactory.NewAttestationsClient().BeginCreateOrUpdateAtSubscription(ctx, "790996e6-9871-4b1f-9cd9-ec42cd6ced1e", armpolicyinsights.Attestation{
		Properties: &armpolicyinsights.AttestationProperties{
			AssessmentDate:  to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-06-10T00:00:00.000Z"); return t }()),
			Comments:        to.Ptr("This subscription has passed a security audit."),
			ComplianceState: to.Ptr(armpolicyinsights.ComplianceStateCompliant),
			Evidence: []*armpolicyinsights.AttestationEvidence{
				{
					Description: to.Ptr("The results of the security audit."),
					SourceURI:   to.Ptr("https://gist.github.com/contoso/9573e238762c60166c090ae16b814011"),
				}},
			ExpiresOn: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-06-15T00:00:00.000Z"); return t }()),
			Metadata: map[string]any{
				"departmentId": "NYC-MARKETING-1",
			},
			Owner:                       to.Ptr("55a32e28-3aa5-4eea-9b5a-4cd85153b966"),
			PolicyAssignmentID:          to.Ptr("/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.authorization/policyassignments/b101830944f246d8a14088c5"),
			PolicyDefinitionReferenceID: to.Ptr("0b158b46-ff42-4799-8e39-08a5c23b4551"),
		},
	}, nil)
	if err != nil {
		log.Fatalf("failed to finish the request: %v", err)
	}
	res, err := poller.PollUntilDone(ctx, nil)
	if err != nil {
		log.Fatalf("failed to pull the result: %v", err)
	}
	// You could use response here. We use blank identifier for just demo purposes.
	_ = res
	// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
	// res.Attestation = armpolicyinsights.Attestation{
	// 	Name: to.Ptr("790996e6-9871-4b1f-9cd9-ec42cd6ced1e"),
	// 	Type: to.Ptr("Microsoft.PolicyInsights/attestations"),
	// 	ID: to.Ptr("/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.policyinsights/attestations/790996e6-9871-4b1f-9cd9-ec42cd6ced1e"),
	// 	Properties: &armpolicyinsights.AttestationProperties{
	// 		AssessmentDate: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-06-10T00:00:00.000Z"); return t}()),
	// 		Comments: to.Ptr("This subscription has passed a security audit."),
	// 		ComplianceState: to.Ptr(armpolicyinsights.ComplianceStateCompliant),
	// 		Evidence: []*armpolicyinsights.AttestationEvidence{
	// 			{
	// 				Description: to.Ptr("The results of the security audit."),
	// 				SourceURI: to.Ptr("https://gist.github.com/contoso/9573e238762c60166c090ae16b814011"),
	// 		}},
	// 		ExpiresOn: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-06-15T00:00:00.000Z"); return t}()),
	// 		LastComplianceStateChangeAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-06-15T18:52:27.000Z"); return t}()),
	// 		Metadata: map[string]any{
	// 			"departmentId": "NYC-MARKETING-1",
	// 		},
	// 		Owner: to.Ptr("55a32e28-3aa5-4eea-9b5a-4cd85153b966"),
	// 		PolicyAssignmentID: to.Ptr("/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.authorization/policyassignments/b101830944f246d8a14088c5"),
	// 		PolicyDefinitionReferenceID: to.Ptr("0b158b46-ff42-4799-8e39-08a5c23b4551"),
	// 		ProvisioningState: to.Ptr("Succeeded"),
	// 	},
	// 	SystemData: &armpolicyinsights.SystemData{
	// 		CreatedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-06-15T18:52:27.000Z"); return t}()),
	// 		CreatedBy: to.Ptr("b69a9388-9488-4534-b470-7ec6d41beef6"),
	// 		CreatedByType: to.Ptr(armpolicyinsights.CreatedByTypeUser),
	// 		LastModifiedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-06-15T18:52:27.000Z"); return t}()),
	// 		LastModifiedBy: to.Ptr("b69a9388-9488-4534-b470-7ec6d41beef6"),
	// 		LastModifiedByType: to.Ptr(armpolicyinsights.CreatedByTypeUser),
	// 	},
	// }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

JavaScript

const { PolicyInsightsClient } = require("@azure/arm-policyinsights");
const { DefaultAzureCredential } = require("@azure/identity");

/**
 * This sample demonstrates how to Creates or updates an attestation at subscription scope.
 *
 * @summary Creates or updates an attestation at subscription scope.
 * x-ms-original-file: specification/policyinsights/resource-manager/Microsoft.PolicyInsights/stable/2022-09-01/examples/Attestations_CreateSubscriptionScope_AllProperties.json
 */
async function createAttestationAtSubscriptionScopeWithAllProperties() {
  const subscriptionId =
    process.env["POLICYINSIGHTS_SUBSCRIPTION_ID"] || "35ee058e-5fa0-414c-8145-3ebb8d09b6e2";
  const attestationName = "790996e6-9871-4b1f-9cd9-ec42cd6ced1e";
  const parameters = {
    assessmentDate: new Date("2021-06-10T00:00:00Z"),
    comments: "This subscription has passed a security audit.",
    complianceState: "Compliant",
    evidence: [
      {
        description: "The results of the security audit.",
        sourceUri: "https://gist.github.com/contoso/9573e238762c60166c090ae16b814011",
      },
    ],
    expiresOn: new Date("2021-06-15T00:00:00Z"),
    metadata: { departmentId: "NYC-MARKETING-1" },
    owner: "55a32e28-3aa5-4eea-9b5a-4cd85153b966",
    policyAssignmentId:
      "/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.authorization/policyassignments/b101830944f246d8a14088c5",
    policyDefinitionReferenceId: "0b158b46-ff42-4799-8e39-08a5c23b4551",
  };
  const credential = new DefaultAzureCredential();
  const client = new PolicyInsightsClient(credential, subscriptionId);
  const result = await client.attestations.beginCreateOrUpdateAtSubscriptionAndWait(
    attestationName,
    parameters
  );
  console.log(result);
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Ukázková odpověď

Stavový kód:

200

{
  "properties": {
    "policyAssignmentId": "/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.authorization/policyassignments/b101830944f246d8a14088c5",
    "policyDefinitionReferenceId": "0b158b46-ff42-4799-8e39-08a5c23b4551",
    "complianceState": "Compliant",
    "lastComplianceStateChangeAt": "2020-06-15T18:52:27Z",
    "expiresOn": "2021-06-15T00:00:00Z",
    "owner": "55a32e28-3aa5-4eea-9b5a-4cd85153b966",
    "comments": "This subscription has passed a security audit.",
    "evidence": [
      {
        "description": "The results of the security audit.",
        "sourceUri": "https://gist.github.com/contoso/9573e238762c60166c090ae16b814011"
      }
    ],
    "assessmentDate": "2021-06-10T00:00:00Z",
    "metadata": {
      "departmentId": "NYC-MARKETING-1"
    },
    "provisioningState": "Succeeded"
  },
  "systemData": {
    "createdBy": "b69a9388-9488-4534-b470-7ec6d41beef6",
    "createdByType": "User",
    "createdAt": "2020-06-15T18:52:27Z",
    "lastModifiedBy": "b69a9388-9488-4534-b470-7ec6d41beef6",
    "lastModifiedByType": "User",
    "lastModifiedAt": "2020-06-15T18:52:27Z"
  },
  "id": "/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.policyinsights/attestations/790996e6-9871-4b1f-9cd9-ec42cd6ced1e",
  "name": "790996e6-9871-4b1f-9cd9-ec42cd6ced1e",
  "type": "Microsoft.PolicyInsights/attestations"
}

Stavový kód:

201

{
  "properties": {
    "policyAssignmentId": "/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.authorization/policyassignments/b101830944f246d8a14088c5",
    "policyDefinitionReferenceId": "0b158b46-ff42-4799-8e39-08a5c23b4551",
    "complianceState": "Compliant",
    "lastComplianceStateChangeAt": "2020-06-15T18:52:27Z",
    "expiresOn": "2021-06-15T00:00:00Z",
    "owner": "55a32e28-3aa5-4eea-9b5a-4cd85153b966",
    "comments": "This subscription has passed a security audit.",
    "evidence": [
      {
        "description": "The results of the security audit.",
        "sourceUri": "https://gist.github.com/contoso/9573e238762c60166c090ae16b814011"
      }
    ],
    "assessmentDate": "2021-06-10T00:00:00Z",
    "metadata": {
      "departmentId": "NYC-MARKETING-1"
    },
    "provisioningState": "Succeeded"
  },
  "systemData": {
    "createdBy": "b69a9388-9488-4534-b470-7ec6d41beef6",
    "createdByType": "User",
    "createdAt": "2020-06-15T18:52:27Z",
    "lastModifiedBy": "b69a9388-9488-4534-b470-7ec6d41beef6",
    "lastModifiedByType": "User",
    "lastModifiedAt": "2020-06-15T18:52:27Z"
  },
  "id": "/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.policyinsights/attestations/790996e6-9871-4b1f-9cd9-ec42cd6ced1e",
  "name": "790996e6-9871-4b1f-9cd9-ec42cd6ced1e",
  "type": "Microsoft.PolicyInsights/attestations"
}

Definice

Name	Description
Attestation	Prostředek ověření identity.
AttestationEvidence	Důkaz, který podporuje stav dodržování předpisů nastavený v ověření identity.
ComplianceState	Stav dodržování předpisů, který by měl být nastaven pro prostředek.
createdByType	Typ identity, která prostředek vytvořila.
ErrorDefinition	Definice chyby
ErrorResponse	Chybová odpověď.
systemData	Metadata týkající se vytvoření a poslední změny prostředku.
TypedErrorInfo	Podrobnosti o konkrétní chybě scénáře

Attestation

Objekt

Prostředek ověření identity.

Name	Typ	Description
id	string	Plně kvalifikované ID prostředku pro prostředek. Příklad : /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}
name	string	Název prostředku
properties.assessmentDate	string (date-time)	Doba, kdy byly důkazy posouzeny
properties.comments	string	Komentáře popisující, proč se toto ověření vytvořilo.
properties.complianceState	ComplianceState	Stav dodržování předpisů, který by měl být nastaven pro prostředek.
properties.evidence	AttestationEvidence[]	Důkazy podporující stav dodržování předpisů nastavený v tomto ověření.
properties.expiresOn	string (date-time)	Čas vypršení platnosti stavu dodržování předpisů.
properties.lastComplianceStateChangeAt	string (date-time)	Čas poslední změny stavu dodržování předpisů v tomto ověření.
properties.metadata	object	Další metadata pro toto ověření identity
properties.owner	string	Osoba odpovědná za nastavení stavu prostředku. Tato hodnota je obvykle ID objektu Azure Active Directory.
properties.policyAssignmentId	string	ID prostředku přiřazení zásady, pro které ověření identity nastavuje stav.
properties.policyDefinitionReferenceId	string	REFERENČNÍ ID definice zásady z definice sady zásad, pro kterou ověření identity nastavuje stav. Pokud přiřazení zásady přiřadí definici sady zásad, může ověření identity zvolit definici v definici sady s touto vlastností nebo tuto vlastnost vynechat a nastavit stav pro celou definici sady.
properties.provisioningState	string	Stav ověření identity.
systemData	systemData	Metadata Azure Resource Manageru obsahující informace createdBy a modifiedBy
type	string	Typ prostředku. Například Microsoft.Compute/virtualMachines nebo Microsoft.Storage/storageAccounts

AttestationEvidence

Objekt

Důkaz, který podporuje stav dodržování předpisů nastavený v ověření identity.

Name	Typ	Description
description	string	Popis této části důkazů.
sourceUri	string	Umístění identifikátoru URI důkazů.

ComplianceState

Výčet

Stav dodržování předpisů, který by měl být nastaven pro prostředek.

Hodnota	Description
Compliant	Prostředek je v souladu se zásadami.
NonCompliant	Prostředek není v souladu se zásadami.
Unknown	Stav dodržování předpisů prostředku není známý.

createdByType

Výčet

Typ identity, která prostředek vytvořila.

Hodnota	Description
Application
Key
ManagedIdentity
User

ErrorDefinition

Objekt

Definice chyby

Name	Typ	Description
additionalInfo	TypedErrorInfo[]	Další podrobnosti o chybě specifické pro konkrétní scénář
code	string	Kód chyby specifický pro službu, který slouží jako dílčí stav kódu chyby HTTP.
details	ErrorDefinition[]	Podrobnosti o vnitřní chybě.
message	string	Popis chyby
target	string	Cíl chyby.

ErrorResponse

Objekt

Chybová odpověď.

Name	Typ	Description
error	ErrorDefinition	Podrobnosti o chybě.

systemData

Objekt

Metadata týkající se vytvoření a poslední změny prostředku.

Name	Typ	Description
createdAt	string (date-time)	Časové razítko vytvoření prostředku (UTC).
createdBy	string	Identita, která prostředek vytvořila.
createdByType	createdByType	Typ identity, která prostředek vytvořila.
lastModifiedAt	string (date-time)	Časové razítko poslední změny zdroje (UTC)
lastModifiedBy	string	Identita, která naposledy změnila prostředek.
lastModifiedByType	createdByType	Typ identity, která naposledy změnila prostředek.

TypedErrorInfo

Objekt

Podrobnosti o konkrétní chybě scénáře

Name	Typ	Description
info		Podrobnosti o konkrétní chybě scénáře.
type	string	Typ zahrnutých podrobností o chybě.