Role Eligibility Schedule Instances - List For Scope

Referenz

Dienst:: Authorization

API-Version:: 2020-10-01

Ruft Rollenberechtigungszeitplaninstanzen eines Rollenberechtigungszeitplans ab.

GET https://management.azure.com/{scope}/providers/Microsoft.Authorization/roleEligibilityScheduleInstances?api-version=2020-10-01

Mit optionalen Parametern:

GET https://management.azure.com/{scope}/providers/Microsoft.Authorization/roleEligibilityScheduleInstances?$filter={$filter}&api-version=2020-10-01

URI-Parameter

Name	In	Erforderlich	Typ	Beschreibung
scope	path	True	string	Der Bereich des Zeitplans für die Rollenberechtigung.
api-version	query	True	string	Hierbei handelt es sich um die für diesen Vorgang zu verwendende API-Version.
$filter	query		string	Der Filter, der auf den Vorgang angewendet werden soll. Verwenden Sie $filter=atScope(), um alle Rollenzuweisungszeitpläne am oder oberhalb des Bereichs zurückzugeben. Verwenden Sie $filter=principalId eq {id}, um alle Rollenzuweisungszeitpläne über oder unterhalb des Bereichs für den angegebenen Prinzipal zurückzugeben. Verwenden Sie $filter=assignedTo('{userId}'), um alle Rollenberechtigungszeitpläne für den Benutzer zurückzugeben. Verwenden Sie $filter=asTarget(), um alle Rollenberechtigungszeitpläne zurückzugeben, die für den aktuellen Benutzer erstellt wurden.

Antworten

Name	Typ	Beschreibung
200 OK	RoleEligibilityScheduleInstanceListResult	OK: Gibt ein Array von Rollenberechtigungszeitplaninstanzen zurück.
Other Status Codes	CloudError	Fehlerantwort mit Beschreibung des Grunds für den Fehler.

Sicherheit

azure_auth

Azure Active Directory-OAuth2-Flow

Typ: oauth2
Ablauf: implicit
Autorisierungs-URL: https://login.microsoftonline.com/common/oauth2/authorize

Bereiche

Name	Beschreibung
user_impersonation	Identitätswechsel Ihres Benutzerkontos

Beispiele

GetRoleEligibilityScheduleInstancesByScope

Beispielanforderung

GET https://management.azure.com/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleEligibilityScheduleInstances?$filter=assignedTo('a3bb8764-cb92-4276-9d2a-ca1e895e55ea')&api-version=2020-10-01


/**
 * Samples for RoleEligibilityScheduleInstances ListForScope.
 */
public final class Main {
    /*
     * x-ms-original-file:
     * specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/
     * GetRoleEligibilityScheduleInstancesByScope.json
     */
    /**
     * Sample code: GetRoleEligibilityScheduleInstancesByScope.
     * 
     * @param azure The entry point for accessing resource management APIs in Azure.
     */
    public static void
        getRoleEligibilityScheduleInstancesByScope(com.azure.resourcemanager.AzureResourceManager azure) {
        azure.accessManagement().roleAssignments().manager().roleServiceClient().getRoleEligibilityScheduleInstances()
            .listForScope("providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f",
                "assignedTo('a3bb8764-cb92-4276-9d2a-ca1e895e55ea')", com.azure.core.util.Context.NONE);
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

package armauthorization_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v2"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/53b1affe357b3bfbb53721d0a2002382a046d3b0/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleInstancesByScope.json
func ExampleRoleEligibilityScheduleInstancesClient_NewListForScopePager() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armauthorization.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	pager := clientFactory.NewRoleEligibilityScheduleInstancesClient().NewListForScopePager("providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", &armauthorization.RoleEligibilityScheduleInstancesClientListForScopeOptions{Filter: to.Ptr("assignedTo('a3bb8764-cb92-4276-9d2a-ca1e895e55ea')")})
	for pager.More() {
		page, err := pager.NextPage(ctx)
		if err != nil {
			log.Fatalf("failed to advance page: %v", err)
		}
		for _, v := range page.Value {
			// You could use page here. We use blank identifier for just demo purposes.
			_ = v
		}
		// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
		// page.RoleEligibilityScheduleInstanceListResult = armauthorization.RoleEligibilityScheduleInstanceListResult{
		// 	Value: []*armauthorization.RoleEligibilityScheduleInstance{
		// 		{
		// 			Name: to.Ptr("21e4b59a-0499-4fe0-a3c3-43a3055b773a"),
		// 			Type: to.Ptr("Microsoft.Authorization/RoleEligibilityScheduleInstances"),
		// 			ID: to.Ptr("/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityScheduleInstances/21e4b59a-0499-4fe0-a3c3-43a3055b773a"),
		// 			Properties: &armauthorization.RoleEligibilityScheduleInstanceProperties{
		// 				Condition: to.Ptr("@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'"),
		// 				ConditionVersion: to.Ptr("1.0"),
		// 				CreatedOn: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-09-10T00:32:36.860Z"); return t}()),
		// 				EndDateTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-09-10T00:31:41.477Z"); return t}()),
		// 				ExpandedProperties: &armauthorization.ExpandedProperties{
		// 					Principal: &armauthorization.ExpandedPropertiesPrincipal{
		// 						Type: to.Ptr("User"),
		// 						DisplayName: to.Ptr("User Account"),
		// 						Email: to.Ptr("user@my-tenant.com"),
		// 						ID: to.Ptr("a3bb8764-cb92-4276-9d2a-ca1e895e55ea"),
		// 					},
		// 					RoleDefinition: &armauthorization.ExpandedPropertiesRoleDefinition{
		// 						Type: to.Ptr("BuiltInRole"),
		// 						DisplayName: to.Ptr("Contributor"),
		// 						ID: to.Ptr("/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608"),
		// 					},
		// 					Scope: &armauthorization.ExpandedPropertiesScope{
		// 						Type: to.Ptr("subscription"),
		// 						DisplayName: to.Ptr("Pay-As-You-Go"),
		// 						ID: to.Ptr("/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f"),
		// 					},
		// 				},
		// 				MemberType: to.Ptr(armauthorization.MemberTypeDirect),
		// 				PrincipalID: to.Ptr("a3bb8764-cb92-4276-9d2a-ca1e895e55ea"),
		// 				PrincipalType: to.Ptr(armauthorization.PrincipalTypeUser),
		// 				RoleDefinitionID: to.Ptr("/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c"),
		// 				RoleEligibilityScheduleID: to.Ptr("/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilitySchedules/b1477448-2cc6-4ceb-93b4-54a202a89413"),
		// 				Scope: to.Ptr("/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f"),
		// 				StartDateTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-09-10T00:32:36.860Z"); return t}()),
		// 				Status: to.Ptr(armauthorization.StatusProvisioned),
		// 			},
		// 	}},
		// }
	}
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

const { AuthorizationManagementClient } = require("@azure/arm-authorization");
const { DefaultAzureCredential } = require("@azure/identity");

/**
 * This sample demonstrates how to Gets role eligibility schedule instances of a role eligibility schedule.
 *
 * @summary Gets role eligibility schedule instances of a role eligibility schedule.
 * x-ms-original-file: specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleInstancesByScope.json
 */
async function getRoleEligibilityScheduleInstancesByScope() {
  const subscriptionId =
    process.env["AUTHORIZATION_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
  const scope =
    "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f";
  const filter = "assignedTo('a3bb8764-cb92-4276-9d2a-ca1e895e55ea')";
  const options = {
    filter,
  };
  const credential = new DefaultAzureCredential();
  const client = new AuthorizationManagementClient(credential, subscriptionId);
  const resArray = new Array();
  for await (let item of client.roleEligibilityScheduleInstances.listForScope(scope, options)) {
    resArray.push(item);
  }
  console.log(resArray);
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.Authorization;

// Generated from example definition: specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleInstancesByScope.json
// this example is just showing the usage of "RoleEligibilityScheduleInstances_ListForScope" operation, for the dependent resources, they will have to be created separately.

// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);

// this example assumes you already have this ArmResource created on azure
// for more information of creating ArmResource, please refer to the document of ArmResource

// get the collection of this RoleEligibilityScheduleInstanceResource
string scope = "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f";
ResourceIdentifier scopeId = new ResourceIdentifier(string.Format("/{0}", scope));
RoleEligibilityScheduleInstanceCollection collection = client.GetRoleEligibilityScheduleInstances(scopeId);

// invoke the operation and iterate over the result
string filter = "assignedTo('a3bb8764-cb92-4276-9d2a-ca1e895e55ea')";
await foreach (RoleEligibilityScheduleInstanceResource item in collection.GetAllAsync(filter: filter))
{
    // the variable item is a resource, you could call other operations on this instance as well
    // but just for demo, we get its data from this resource instance
    RoleEligibilityScheduleInstanceData resourceData = item.Data;
    // for demo we just print out the id
    Console.WriteLine($"Succeeded on id: {resourceData.Id}");
}

Console.WriteLine($"Succeeded");

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Beispiel für eine Antwort

Statuscode:: 200

{
  "value": [
    {
      "properties": {
        "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f",
        "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c",
        "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea",
        "principalType": "User",
        "status": "Provisioned",
        "roleEligibilityScheduleId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilitySchedules/b1477448-2cc6-4ceb-93b4-54a202a89413",
        "startDateTime": "2020-09-10T00:32:36.86Z",
        "endDateTime": "2021-09-10T00:31:41.477Z",
        "memberType": "Direct",
        "createdOn": "2020-09-10T00:32:36.86Z",
        "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'",
        "conditionVersion": "1.0",
        "expandedProperties": {
          "scope": {
            "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f",
            "displayName": "Pay-As-You-Go",
            "type": "subscription"
          },
          "roleDefinition": {
            "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608",
            "displayName": "Contributor",
            "type": "BuiltInRole"
          },
          "principal": {
            "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea",
            "displayName": "User Account",
            "email": "user@my-tenant.com",
            "type": "User"
          }
        }
      },
      "name": "21e4b59a-0499-4fe0-a3c3-43a3055b773a",
      "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityScheduleInstances/21e4b59a-0499-4fe0-a3c3-43a3055b773a",
      "type": "Microsoft.Authorization/RoleEligibilityScheduleInstances"
    }
  ]
}

Definitionen

Name	Beschreibung
CloudError	Eine Fehlerantwort vom Dienst.
CloudErrorBody	Eine Fehlerantwort vom Dienst.
ExpandedProperties
MemberType	Mitgliedschaftstyp des Rollenberechtigungsplans
Principal	Details des Prinzipals
principalType	Der Prinzipaltyp der zugewiesenen Prinzipal-ID.
RoleDefinition	Details zur Rollendefinition
RoleEligibilityScheduleInstance	Informationen zum aktuellen oder bevorstehenden Rollenberechtigungsplan instance
RoleEligibilityScheduleInstanceListResult	Rollenberechtigungszeitplan instance Listenvorgangsergebnis.
Scope	Details zum Ressourcenbereich
Status	Die status des Rollenberechtigungszeitplans instance

CloudError

Eine Fehlerantwort vom Dienst.

Name	Typ	Beschreibung
error	CloudErrorBody	Eine Fehlerantwort vom Dienst.

CloudErrorBody

Eine Fehlerantwort vom Dienst.

Name	Typ	Beschreibung
code	string	Ein Bezeichner für den Fehler. Codes sind unveränderlich und sollten programmgesteuert verwendet werden.
message	string	Eine Meldung, die den Fehler beschreibt, der für die Anzeige in einer Benutzeroberfläche geeignet sein soll.

ExpandedProperties

Name	Typ	Beschreibung
principal	Principal	Details des Prinzipals
roleDefinition	RoleDefinition	Details zur Rollendefinition
scope	Scope	Details zum Ressourcenbereich

MemberType

Mitgliedschaftstyp des Rollenberechtigungsplans

Name	Typ	Beschreibung
Direct	string
Group	string
Inherited	string

Principal

Details des Prinzipals

Name	Typ	Beschreibung
displayName	string	Anzeigename des Prinzipals
email	string	Email ID des Prinzipals
id	string	ID des Prinzipals
type	string	Typ des Prinzipals

principalType

Der Prinzipaltyp der zugewiesenen Prinzipal-ID.

Name	Typ	Beschreibung
Device	string
ForeignGroup	string
Group	string
ServicePrincipal	string
User	string

RoleDefinition

Details zur Rollendefinition

Name	Typ	Beschreibung
displayName	string	Anzeigename der Rollendefinition
id	string	ID der Rollendefinition
type	string	Typ der Rollendefinition