Role Management Policy Assignments - Get
Abrufen der angegebenen Rollenverwaltungsrichtlinienzuweisung für einen Ressourcenbereich
GET https://management.azure.com/{scope}/providers/Microsoft.Authorization/roleManagementPolicyAssignments/{roleManagementPolicyAssignmentName}?api-version=2020-10-01URI-Parameter
| Name | In | Erforderlich | Typ | Beschreibung |
|---|---|---|---|---|
|
role
|
path | True |
string |
Der Name des Formats "{guid_guid}", die die zu erhaltende Rollenverwaltungsrichtlinienzuweisung enthält. |
|
scope
|
path | True |
string |
Der Bereich der Rollenverwaltungsrichtlinie. |
|
api-version
|
query | True |
string |
Hierbei handelt es sich um die für diesen Vorgang zu verwendende API-Version. |
Antworten
| Name | Typ | Beschreibung |
|---|---|---|
| 200 OK |
OK: Gibt Informationen zur Rollenverwaltungsrichtlinie zurück. |
|
| Other Status Codes |
Fehlerantwort mit Beschreibung des Grunds für den Fehler. |
Sicherheit
azure_auth
Azure Active Directory-OAuth2-Flow
Typ:
oauth2
Ablauf:
implicit
Autorisierungs-URL:
https://login.microsoftonline.com/common/oauth2/authorize
Bereiche
| Name | Beschreibung |
|---|---|
| user_impersonation | Identitätswechsel Ihres Benutzerkontos |
Beispiele
GetConfigurations
Beispielanforderung
GET https://management.azure.com/providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicyAssignments/b959d571-f0b5-4042-88a7-01be6cb22db9_a1705bd2-3a8f-45a5-8683-466fcfd5cc24?api-version=2020-10-01
Beispiel für eine Antwort
{
"properties": {
"scope": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368",
"roleDefinitionId": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleDefinitions/a1705bd2-3a8f-45a5-8683-466fcfd5cc24",
"policyId": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/b959d571-f0b5-4042-88a7-01be6cb22db9",
"effectiveRules": [
{
"enabledRules": [],
"id": "Enablement_Admin_Eligibility",
"ruleType": "RoleManagementPolicyEnablementRule",
"target": {
"caller": "Admin",
"operations": [
"All"
],
"level": "Eligibility",
"targetObjects": null,
"inheritableSettings": null,
"enforcedSettings": null
}
},
{
"isExpirationRequired": true,
"maximumDuration": "P90D",
"id": "Expiration_Admin_Eligibility",
"ruleType": "RoleManagementPolicyExpirationRule",
"target": {
"caller": "Admin",
"operations": [
"All"
],
"level": "Eligibility",
"targetObjects": null,
"inheritableSettings": null,
"enforcedSettings": null
}
},
{
"notificationType": "Email",
"recipientType": "Admin",
"isDefaultRecipientsEnabled": false,
"notificationLevel": "Critical",
"notificationRecipients": [
"admin_admin_eligible@test.com"
],
"id": "Notification_Admin_Admin_Eligibility",
"ruleType": "RoleManagementPolicyNotificationRule",
"target": {
"caller": "Admin",
"operations": [
"All"
],
"level": "Eligibility",
"targetObjects": null,
"inheritableSettings": null,
"enforcedSettings": null
}
},
{
"notificationType": "Email",
"recipientType": "Requestor",
"isDefaultRecipientsEnabled": false,
"notificationLevel": "Critical",
"notificationRecipients": [
"requestor_admin_eligible@test.com"
],
"id": "Notification_Requestor_Admin_Eligibility",
"ruleType": "RoleManagementPolicyNotificationRule",
"target": {
"caller": "Admin",
"operations": [
"All"
],
"level": "Eligibility",
"targetObjects": null,
"inheritableSettings": null,
"enforcedSettings": null
}
},
{
"notificationType": "Email",
"recipientType": "Approver",
"isDefaultRecipientsEnabled": false,
"notificationLevel": "Critical",
"notificationRecipients": [
"approver_admin_eligible@test.com"
],
"id": "Notification_Approver_Admin_Eligibility",
"ruleType": "RoleManagementPolicyNotificationRule",
"target": {
"caller": "Admin",
"operations": [
"All"
],
"level": "Eligibility",
"targetObjects": null,
"inheritableSettings": null,
"enforcedSettings": null
}
},
{
"enabledRules": [
"MultiFactorAuthentication",
"Justification"
],
"id": "Enablement_Admin_Assignment",
"ruleType": "RoleManagementPolicyEnablementRule",
"target": {
"caller": "Admin",
"operations": [
"All"
],
"level": "Assignment",
"targetObjects": null,
"inheritableSettings": null,
"enforcedSettings": null
}
},
{
"isExpirationRequired": false,
"maximumDuration": "P90D",
"id": "Expiration_Admin_Assignment",
"ruleType": "RoleManagementPolicyExpirationRule",
"target": {
"caller": "Admin",
"operations": [
"All"
],
"level": "Assignment",
"targetObjects": null,
"inheritableSettings": null,
"enforcedSettings": null
}
},
{
"notificationType": "Email",
"recipientType": "Admin",
"isDefaultRecipientsEnabled": false,
"notificationLevel": "Critical",
"notificationRecipients": [
"admin_admin_member@test.com"
],
"id": "Notification_Admin_Admin_Assignment",
"ruleType": "RoleManagementPolicyNotificationRule",
"target": {
"caller": "Admin",
"operations": [
"All"
],
"level": "Assignment",
"targetObjects": null,
"inheritableSettings": null,
"enforcedSettings": null
}
},
{
"notificationType": "Email",
"recipientType": "Requestor",
"isDefaultRecipientsEnabled": false,
"notificationLevel": "Critical",
"notificationRecipients": [
"requestor_admin_member@test.com"
],
"id": "Notification_Requestor_Admin_Assignment",
"ruleType": "RoleManagementPolicyNotificationRule",
"target": {
"caller": "Admin",
"operations": [
"All"
],
"level": "Assignment",
"targetObjects": null,
"inheritableSettings": null,
"enforcedSettings": null
}
},
{
"notificationType": "Email",
"recipientType": "Approver",
"isDefaultRecipientsEnabled": false,
"notificationLevel": "Critical",
"notificationRecipients": [
"approver_admin_member@test.com"
],
"id": "Notification_Approver_Admin_Assignment",
"ruleType": "RoleManagementPolicyNotificationRule",
"target": {
"caller": "Admin",
"operations": [
"All"
],
"level": "Assignment",
"targetObjects": null,
"inheritableSettings": null,
"enforcedSettings": null
}
},
{
"setting": {
"isApprovalRequired": true,
"isApprovalRequiredForExtension": false,
"isRequestorJustificationRequired": true,
"approvalMode": "SingleStage",
"approvalStages": [
{
"approvalStageTimeOutInDays": 1,
"isApproverJustificationRequired": true,
"escalationTimeInMinutes": 0,
"primaryApprovers": [
{
"id": "2385b0f3-5fa9-43cf-8ca4-b01dc97298cd",
"description": "amansw_new_group",
"isBackup": false,
"userType": "Group"
},
{
"id": "2f4913c9-d15b-406a-9946-1d66a28f2690",
"description": "amansw_group",
"isBackup": false,
"userType": "Group"
}
],
"isEscalationEnabled": false,
"escalationApprovers": null
}
]
},
"id": "Approval_EndUser_Assignment",
"ruleType": "RoleManagementPolicyApprovalRule",
"target": {
"caller": "EndUser",
"operations": [
"All"
],
"level": "Assignment",
"targetObjects": null,
"inheritableSettings": null,
"enforcedSettings": null
}
},
{
"isEnabled": false,
"claimValue": "",
"id": "AuthenticationContext_EndUser_Assignment",
"ruleType": "RoleManagementPolicyAuthenticationContextRule",
"target": {
"caller": "EndUser",
"operations": [
"All"
],
"level": "Assignment",
"targetObjects": null,
"inheritableSettings": null,
"enforcedSettings": null
}
},
{
"enabledRules": [
"MultiFactorAuthentication",
"Justification",
"Ticketing"
],
"id": "Enablement_EndUser_Assignment",
"ruleType": "RoleManagementPolicyEnablementRule",
"target": {
"caller": "EndUser",
"operations": [
"All"
],
"level": "Assignment",
"targetObjects": null,
"inheritableSettings": null,
"enforcedSettings": null
}
},
{
"isExpirationRequired": true,
"maximumDuration": "PT7H",
"id": "Expiration_EndUser_Assignment",
"ruleType": "RoleManagementPolicyExpirationRule",
"target": {
"caller": "EndUser",
"operations": [
"All"
],
"level": "Assignment",
"targetObjects": null,
"inheritableSettings": null,
"enforcedSettings": null
}
},
{
"notificationType": "Email",
"recipientType": "Admin",
"isDefaultRecipientsEnabled": false,
"notificationLevel": "Critical",
"notificationRecipients": [
"admin_enduser_member@test.com"
],
"id": "Notification_Admin_EndUser_Assignment",
"ruleType": "RoleManagementPolicyNotificationRule",
"target": {
"caller": "EndUser",
"operations": [
"All"
],
"level": "Assignment",
"targetObjects": null,
"inheritableSettings": null,
"enforcedSettings": null
}
},
{
"notificationType": "Email",
"recipientType": "Requestor",
"isDefaultRecipientsEnabled": false,
"notificationLevel": "Critical",
"notificationRecipients": [
"requestor_enduser_member@test.com"
],
"id": "Notification_Requestor_EndUser_Assignment",
"ruleType": "RoleManagementPolicyNotificationRule",
"target": {
"caller": "EndUser",
"operations": [
"All"
],
"level": "Assignment",
"targetObjects": null,
"inheritableSettings": null,
"enforcedSettings": null
}
},
{
"notificationType": "Email",
"recipientType": "Approver",
"isDefaultRecipientsEnabled": true,
"notificationLevel": "Critical",
"notificationRecipients": null,
"id": "Notification_Approver_EndUser_Assignment",
"ruleType": "RoleManagementPolicyNotificationRule",
"target": {
"caller": "EndUser",
"operations": [
"All"
],
"level": "Assignment",
"targetObjects": null,
"inheritableSettings": null,
"enforcedSettings": null
}
}
],
"policyAssignmentProperties": {
"scope": {
"id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368",
"displayName": "Pay-As-You-Go",
"type": "subscription"
},
"roleDefinition": {
"id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleDefinitions/a1705bd2-3a8f-45a5-8683-466fcfd5cc24",
"displayName": "FHIR Data Converter",
"type": "BuiltInRole"
},
"policy": {
"id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/b959d571-f0b5-4042-88a7-01be6cb22db9",
"lastModifiedBy": {
"id": null,
"displayName": "Admin",
"type": null,
"email": null
},
"lastModifiedDateTime": null
}
}
},
"name": "b959d571-f0b5-4042-88a7-01be6cb22db9_a1705bd2-3a8f-45a5-8683-466fcfd5cc24",
"id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicyAssignment/b959d571-f0b5-4042-88a7-01be6cb22db9_a1705bd2-3a8f-45a5-8683-466fcfd5cc24",
"type": "Microsoft.Authorization/RoleManagementPolicyAssignment"
}Definitionen
| Name | Beschreibung |
|---|---|
|
Cloud |
Eine Fehlerantwort vom Dienst. |
|
Cloud |
Eine Fehlerantwort vom Dienst. |
| Policy |
Details der Richtlinie |
|
Policy |
Erweiterte Informationen zu Ressourcenbereich, Rollendefinition und Richtlinie |
| Principal |
Der Name der Entität, die zuletzt geändert wurde |
|
Role |
Details zur Rollendefinition |
|
Role |
Rollenverwaltungsrichtlinie |
| Scope |
Details zum Ressourcenbereich |
CloudError
Eine Fehlerantwort vom Dienst.
| Name | Typ | Beschreibung |
|---|---|---|
| error |
Eine Fehlerantwort vom Dienst. |
CloudErrorBody
Eine Fehlerantwort vom Dienst.
| Name | Typ | Beschreibung |
|---|---|---|
| code |
string |
Ein Bezeichner für den Fehler. Codes sind unveränderlich und sollten programmgesteuert verwendet werden. |
| message |
string |
Eine Meldung, die den Fehler beschreibt, die für die Anzeige in einer Benutzeroberfläche geeignet sein soll. |
Policy
Details der Richtlinie
| Name | Typ | Beschreibung |
|---|---|---|
| id |
string |
ID der Richtlinie |
| lastModifiedBy |
Der Name der Entität, die zuletzt geändert wurde |
|
| lastModifiedDateTime |
string |
Die Uhrzeit der letzten Änderung. |
PolicyAssignmentProperties
Erweiterte Informationen zu Ressourcenbereich, Rollendefinition und Richtlinie
| Name | Typ | Beschreibung |
|---|---|---|
| policy |
Details der Richtlinie |
|
| roleDefinition |
Details zur Rollendefinition |
|
| scope |
Details zum Ressourcenbereich |
Principal
Der Name der Entität, die zuletzt geändert wurde
| Name | Typ | Beschreibung |
|---|---|---|
| displayName |
string |
Der Name des Prinzipals, der Änderungen vorgenommen hat. |
|
string |
Email des Prinzipals |
|
| id |
string |
Die ID des Prinzipals, der Änderungen vorgenommen hat |
| type |
string |
Prinzipaltyp wie Benutzer, Gruppe usw. |
RoleDefinition
Details zur Rollendefinition
| Name | Typ | Beschreibung |
|---|---|---|
| displayName |
string |
Anzeigename der Rollendefinition |
| id |
string |
ID der Rollendefinition |
| type |
string |
Typ der Rollendefinition |
RoleManagementPolicyAssignment
Rollenverwaltungsrichtlinie
| Name | Typ | Beschreibung |
|---|---|---|
| id |
string |
Die Id der Rollenverwaltungsrichtlinie. |
| name |
string |
Der Name der Rollenverwaltungsrichtlinie. |
| properties.effectiveRules |
Role |
Die schreibgeschützte berechnete Regel, die auf die Richtlinie angewendet wird. |
| properties.policyAssignmentProperties |
Zusätzliche Eigenschaften von Bereich, Rollendefinition und Richtlinie |
|
| properties.policyId |
string |
Die Richtlinienzuweisung für die Rollenverwaltung der Richtlinien-ID. |
| properties.roleDefinitionId |
string |
Die Rollendefinition der Verwaltungsrichtlinienzuweisung. |
| properties.scope |
string |
Der Richtlinienbereich für die Rollenverwaltung. |
| type |
string |
Der Richtlinientyp der Rollenverwaltung. |
Scope
Details zum Ressourcenbereich
| Name | Typ | Beschreibung |
|---|---|---|
| displayName |
string |
Anzeigename der Ressource |
| id |
string |
Bereichs-ID der Ressource |
| type |
string |
Typ der Ressource |