Role Assignment Schedule Requests - Create

Referenz

Dienst:: Authorization

API-Version:: 2020-10-01

Erstellt eine Zeitplananforderung für Rollenzuweisungen.

PUT https://management.azure.com/{scope}/providers/Microsoft.Authorization/roleAssignmentScheduleRequests/{roleAssignmentScheduleRequestName}?api-version=2020-10-01

URI-Parameter

Name	In	Erforderlich	Typ	Beschreibung
roleAssignmentScheduleRequestName	path	True	string	Eine GUID für die zu erstellende Rollenzuweisung. Der Name muss für jede Rollenzuweisung eindeutig und unterschiedlich sein.
scope	path	True	string	Der Umfang der zu erstellenden Rollenzuweisungsplanungsanforderung. Der Bereich kann eine beliebige REST-Ressourceninstanz sein. Verwenden Sie z. B. "/subscriptions/{subscription-id}/" für ein Abonnement, "/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}" für eine Ressourcengruppe und "/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}/providers/{resource-provider}/{resource-type}/{resource-name}" für eine Ressource.
api-version	query	True	string minLength: 1	Die API-Version, die für diesen Vorgang verwendet werden soll.

Anforderungstext

Name	Erforderlich	Typ	Beschreibung
properties.principalId	True	string	Die Prinzipal-ID.
properties.requestType	True	RequestType	Der Typ der Rollenzuweisungsplanungsanforderung. Eg: SelfActivate, AdminAssign usw.
properties.roleDefinitionId	True	string	Die Rollendefinitions-ID.
properties.condition		string	Die Bedingungen für die Rollenzuweisung. Dadurch werden die Ressourcen beschränkt, denen sie zugewiesen werden können. z. B.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'
properties.conditionVersion		string	Version der Bedingung. Der aktuell akzeptierte Wert ist "2,0"
properties.justification		string	Begründung für die Rollenzuweisung
properties.linkedRoleEligibilityScheduleId		string	Die verknüpfte Rollenberechtigungsplanungs-ID , um eine Berechtigung zu aktivieren.
properties.scheduleInfo		ScheduleInfo	Terminplaninformationen des Rollenzuweisungszeitplans
properties.targetRoleAssignmentScheduleId		string	Die resultierende Rollenzuweisungs-Zeitplan-ID oder die Rollenzuweisungsplanungs-ID, die aktualisiert wird
properties.targetRoleAssignmentScheduleInstanceId		string	Die Instanz-ID der Rollenzuweisungszeitplans, die aktualisiert wird
properties.ticketInfo		TicketInfo	Ticketinformationen der Rollenzuweisung

Antworten

Name	Typ	Beschreibung
201 Created	RoleAssignmentScheduleRequest	Erstellt – Gibt Informationen zur Rollenzuweisung zurück.
Other Status Codes	CloudError	Fehlerantwort, die beschreibt, warum der Vorgang fehlgeschlagen ist.

Sicherheit

azure_auth

Azure Active Directory OAuth2-Fluss

Typ: oauth2
Ablauf: implicit
Autorisierungs-URL: https://login.microsoftonline.com/common/oauth2/authorize

Bereiche

Name	Beschreibung
user_impersonation	Identitätswechsel ihres Benutzerkontos

Beispiele

PutRoleAssignmentScheduleRequest

Beispielanforderung

PUT https://management.azure.com/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleAssignmentScheduleRequests/fea7a502-9a96-4806-a26f-eee560e52045?api-version=2020-10-01

{
  "properties": {
    "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea",
    "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608",
    "requestType": "SelfActivate",
    "linkedRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413",
    "scheduleInfo": {
      "startDateTime": "2020-09-09T21:35:27.91Z",
      "expiration": {
        "type": "AfterDuration",
        "endDateTime": null,
        "duration": "PT8H"
      }
    },
    "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'",
    "conditionVersion": "1.0"
  }
}


import com.azure.resourcemanager.authorization.fluent.models.RoleAssignmentScheduleRequestInner;
import com.azure.resourcemanager.authorization.models.RequestType;
import com.azure.resourcemanager.authorization.models.RoleAssignmentScheduleRequestPropertiesScheduleInfo;
import com.azure.resourcemanager.authorization.models.RoleAssignmentScheduleRequestPropertiesScheduleInfoExpiration;
import com.azure.resourcemanager.authorization.models.Type;
import java.time.OffsetDateTime;

/**
 * Samples for RoleAssignmentScheduleRequests Create.
 */
public final class Main {
    /*
     * x-ms-original-file:
     * specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/
     * PutRoleAssignmentScheduleRequest.json
     */
    /**
     * Sample code: PutRoleAssignmentScheduleRequest.
     * 
     * @param azure The entry point for accessing resource management APIs in Azure.
     */
    public static void putRoleAssignmentScheduleRequest(com.azure.resourcemanager.AzureResourceManager azure) {
        azure.accessManagement().roleAssignments().manager().roleServiceClient().getRoleAssignmentScheduleRequests()
            .createWithResponse("providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f",
                "fea7a502-9a96-4806-a26f-eee560e52045",
                new RoleAssignmentScheduleRequestInner().withRoleDefinitionId(
                    "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608")
                    .withPrincipalId("a3bb8764-cb92-4276-9d2a-ca1e895e55ea").withRequestType(RequestType.SELF_ACTIVATE)
                    .withScheduleInfo(new RoleAssignmentScheduleRequestPropertiesScheduleInfo()
                        .withStartDateTime(OffsetDateTime.parse("2020-09-09T21:35:27.91Z"))
                        .withExpiration(new RoleAssignmentScheduleRequestPropertiesScheduleInfoExpiration()
                            .withType(Type.AFTER_DURATION).withDuration("PT8H")))
                    .withLinkedRoleEligibilityScheduleId("b1477448-2cc6-4ceb-93b4-54a202a89413")
                    .withCondition(
                        "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'")
                    .withConditionVersion("1.0"),
                com.azure.core.util.Context.NONE);
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

package armauthorization_test

import (
	"context"
	"log"

	"time"

	"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v2"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/53b1affe357b3bfbb53721d0a2002382a046d3b0/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleAssignmentScheduleRequest.json
func ExampleRoleAssignmentScheduleRequestsClient_Create() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armauthorization.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	_, err = clientFactory.NewRoleAssignmentScheduleRequestsClient().Create(ctx, "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", "fea7a502-9a96-4806-a26f-eee560e52045", armauthorization.RoleAssignmentScheduleRequest{
		Properties: &armauthorization.RoleAssignmentScheduleRequestProperties{
			Condition:                       to.Ptr("@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'"),
			ConditionVersion:                to.Ptr("1.0"),
			LinkedRoleEligibilityScheduleID: to.Ptr("b1477448-2cc6-4ceb-93b4-54a202a89413"),
			PrincipalID:                     to.Ptr("a3bb8764-cb92-4276-9d2a-ca1e895e55ea"),
			RequestType:                     to.Ptr(armauthorization.RequestTypeSelfActivate),
			RoleDefinitionID:                to.Ptr("/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608"),
			ScheduleInfo: &armauthorization.RoleAssignmentScheduleRequestPropertiesScheduleInfo{
				Expiration: &armauthorization.RoleAssignmentScheduleRequestPropertiesScheduleInfoExpiration{
					Type:     to.Ptr(armauthorization.TypeAfterDuration),
					Duration: to.Ptr("PT8H"),
				},
				StartDateTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-09-09T21:35:27.910Z"); return t }()),
			},
		},
	}, nil)
	if err != nil {
		log.Fatalf("failed to finish the request: %v", err)
	}
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

const { AuthorizationManagementClient } = require("@azure/arm-authorization");
const { DefaultAzureCredential } = require("@azure/identity");

/**
 * This sample demonstrates how to Creates a role assignment schedule request.
 *
 * @summary Creates a role assignment schedule request.
 * x-ms-original-file: specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleAssignmentScheduleRequest.json
 */
async function putRoleAssignmentScheduleRequest() {
  const subscriptionId =
    process.env["AUTHORIZATION_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
  const scope =
    "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f";
  const roleAssignmentScheduleRequestName = "fea7a502-9a96-4806-a26f-eee560e52045";
  const parameters = {
    condition:
      "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'",
    conditionVersion: "1.0",
    linkedRoleEligibilityScheduleId: "b1477448-2cc6-4ceb-93b4-54a202a89413",
    principalId: "a3bb8764-cb92-4276-9d2a-ca1e895e55ea",
    requestType: "SelfActivate",
    roleDefinitionId:
      "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608",
    scheduleInfo: {
      expiration: {
        type: "AfterDuration",
        duration: "PT8H",
        endDateTime: undefined,
      },
      startDateTime: new Date("2020-09-09T21:35:27.91Z"),
    },
  };
  const credential = new DefaultAzureCredential();
  const client = new AuthorizationManagementClient(credential, subscriptionId);
  const result = await client.roleAssignmentScheduleRequests.create(
    scope,
    roleAssignmentScheduleRequestName,
    parameters
  );
  console.log(result);
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using System.Xml;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.Authorization.Models;
using Azure.ResourceManager.Authorization;

// Generated from example definition: specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleAssignmentScheduleRequest.json
// this example is just showing the usage of "RoleAssignmentScheduleRequests_Create" operation, for the dependent resources, they will have to be created separately.

// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);

// get the collection of this RoleAssignmentScheduleRequestResource
string scope = "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f";
RoleAssignmentScheduleRequestCollection collection = client.GetRoleAssignmentScheduleRequests(new ResourceIdentifier(scope));

// invoke the operation
string roleAssignmentScheduleRequestName = "fea7a502-9a96-4806-a26f-eee560e52045";
RoleAssignmentScheduleRequestData data = new RoleAssignmentScheduleRequestData
{
    RoleDefinitionId = new ResourceIdentifier("/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608"),
    PrincipalId = Guid.Parse("a3bb8764-cb92-4276-9d2a-ca1e895e55ea"),
    RequestType = RoleManagementScheduleRequestType.SelfActivate,
    LinkedRoleEligibilityScheduleId = new ResourceIdentifier("b1477448-2cc6-4ceb-93b4-54a202a89413"),
    Condition = "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'",
    ConditionVersion = "1.0",
    StartOn = DateTimeOffset.Parse("2020-09-09T21:35:27.91Z"),
    ExpirationType = RoleManagementScheduleExpirationType.AfterDuration,
    EndOn = default,
    Duration = XmlConvert.ToTimeSpan("PT8H"),
};
ArmOperation<RoleAssignmentScheduleRequestResource> lro = await collection.CreateOrUpdateAsync(WaitUntil.Completed, roleAssignmentScheduleRequestName, data);
RoleAssignmentScheduleRequestResource result = lro.Value;

// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
RoleAssignmentScheduleRequestData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Beispiel für eine Antwort

Statuscode:: 201

{
  "properties": {
    "targetRoleAssignmentScheduleId": "c9e264ff-3133-4776-a81a-ebc7c33c8ec6",
    "targetRoleAssignmentScheduleInstanceId": null,
    "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f",
    "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608",
    "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea",
    "principalType": "User",
    "requestType": "SelfActivate",
    "status": "Provisioned",
    "approvalId": null,
    "scheduleInfo": {
      "startDateTime": "2020-09-09T21:35:27.91Z",
      "expiration": {
        "type": "AfterDuration",
        "endDateTime": null,
        "duration": "PT8H"
      }
    },
    "ticketInfo": {
      "ticketNumber": null,
      "ticketSystem": null
    },
    "justification": null,
    "requestorId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea",
    "createdOn": "2020-09-09T21:35:27.91Z",
    "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'",
    "conditionVersion": "1.0",
    "expandedProperties": {
      "scope": {
        "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f",
        "displayName": "Pay-As-You-Go",
        "type": "subscription"
      },
      "roleDefinition": {
        "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608",
        "displayName": "Contributor",
        "type": "BuiltInRole"
      },
      "principal": {
        "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea",
        "displayName": "User Account",
        "email": "user@my-tenant.com",
        "type": "User"
      }
    }
  },
  "name": "fea7a502-9a96-4806-a26f-eee560e52045",
  "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleRequests/fea7a502-9a96-4806-a26f-eee560e52045",
  "type": "Microsoft.Authorization/RoleAssignmentScheduleRequests"
}

Definitionen

Name	Beschreibung
CloudError	Eine Fehlerantwort des Diensts.
CloudErrorBody	Eine Fehlerantwort des Diensts.
ExpandedProperties
Expiration	Ablauf des Rollenzuweisungszeitplans
Principal	Details des Prinzipals
principalType	Der Prinzipaltyp der zugewiesenen Prinzipal-ID.
RequestType	Der Typ der Rollenzuweisungsplanungsanforderung. Eg: SelfActivate, AdminAssign usw.
RoleAssignmentScheduleRequest	Zeitplananforderung für Rollenzuweisungen
RoleDefinition	Details zur Rollendefinition
ScheduleInfo	Terminplaninformationen des Rollenzuweisungszeitplans
Scope	Details zum Ressourcenbereich
Status	Der Status der Rollenzuweisungsplanungsanforderung.
TicketInfo	Ticketinformationen der Rollenzuweisung
Type	Typ des Ablaufs des Rollenzuweisungszeitplans

CloudError

Objekt

Eine Fehlerantwort des Diensts.

Name	Typ	Beschreibung
error	CloudErrorBody	Eine Fehlerantwort des Diensts.

CloudErrorBody

Objekt

Eine Fehlerantwort des Diensts.

Name	Typ	Beschreibung
code	string	Ein Bezeichner für den Fehler. Codes sind unveränderlich und sollen programmgesteuert genutzt werden.
message	string	Eine Meldung, die den Fehler beschreibt, der für die Anzeige in einer Benutzeroberfläche geeignet ist.

ExpandedProperties

Objekt

Name	Typ	Beschreibung
principal	Principal	Details des Prinzipals
roleDefinition	RoleDefinition	Details zur Rollendefinition
scope	Scope	Details zum Ressourcenbereich

Expiration

Objekt

Ablauf des Rollenzuweisungszeitplans

Name	Typ	Beschreibung
duration	string	Dauer des Rollenzuweisungszeitplans in TimeSpan.
endDateTime	string (date-time)	End DateTime des Rollenzuweisungszeitplans.
type	Type	Typ des Ablaufs des Rollenzuweisungszeitplans

Principal

Objekt

Details des Prinzipals

Name	Typ	Beschreibung
displayName	string	Anzeigename des Prinzipals
email	string	E-Mail-ID des Prinzipals
id	string	ID des Prinzipals
type	string	Typ des Prinzipals

principalType

Enumeration

Der Prinzipaltyp der zugewiesenen Prinzipal-ID.

Wert	Beschreibung
Device
ForeignGroup
Group
ServicePrincipal
User

RequestType

Enumeration

Der Typ der Rollenzuweisungsplanungsanforderung. Eg: SelfActivate, AdminAssign usw.

Wert	Beschreibung
AdminAssign
AdminExtend
AdminRemove
AdminRenew
AdminUpdate
SelfActivate
SelfDeactivate
SelfExtend
SelfRenew