Execute a governance rule
POST https://management.azure.com/{scope}/providers/Microsoft.Security/governanceRules/{ruleId}/execute?api-version=2022-01-01-preview
URI Parameters
| Name |
In |
Required |
Type |
Description |
|
ruleId
|
path |
True
|
string
|
The governance rule key - unique key for the standard governance rule (GUID)
|
|
scope
|
path |
True
|
string
|
The scope of the Governance rules. Valid scopes are: management group (format: 'providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: 'subscriptions/{subscriptionId}'), or security connector (format: 'subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName})'
|
|
api-version
|
query |
True
|
string
|
API version for the operation
|
Request Body
| Name |
Type |
Description |
|
override
|
boolean
|
Describe if governance rule should be override
|
Responses
| Name |
Type |
Description |
|
202 Accepted
|
|
Accepted
Headers
location: string
|
|
Other Status Codes
|
CloudError
|
Error response describing why the operation failed
|
Security
azure_auth
Azure Active Directory OAuth2 Flow
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
| Name |
Description |
|
user_impersonation
|
impersonate your user account
|
Examples
Execute governance rule over management group scope
Sample request
POST https://management.azure.com/providers/Microsoft.Management/managementGroups/contoso/providers/Microsoft.Security/governanceRules/ad9a8e26-29d9-4829-bb30-e597a58cdbb8/execute?api-version=2022-01-01-preview
/**
* Samples for GovernanceRules Execute.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/examples/GovernanceRules/
* PostManagementGroupGovernanceRule_example.json
*/
/**
* Sample code: Execute governance rule over management group scope.
*
* @param manager Entry point to SecurityManager.
*/
public static void
executeGovernanceRuleOverManagementGroupScope(com.azure.resourcemanager.security.SecurityManager manager) {
manager.governanceRules().execute("providers/Microsoft.Management/managementGroups/contoso",
"ad9a8e26-29d9-4829-bb30-e597a58cdbb8", null, com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armsecurity_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/security/armsecurity"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/9ac34f238dd6b9071f486b57e9f9f1a0c43ec6f6/specification/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/examples/GovernanceRules/PostManagementGroupGovernanceRule_example.json
func ExampleGovernanceRulesClient_BeginExecute_executeGovernanceRuleOverManagementGroupScope() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armsecurity.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewGovernanceRulesClient().BeginExecute(ctx, "providers/Microsoft.Management/managementGroups/contoso", "ad9a8e26-29d9-4829-bb30-e597a58cdbb8", &armsecurity.GovernanceRulesClientBeginExecuteOptions{ExecuteGovernanceRuleParams: nil})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
_, err = poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { SecurityCenter } = require("@azure/arm-security");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Execute a governance rule
*
* @summary Execute a governance rule
* x-ms-original-file: specification/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/examples/GovernanceRules/PostManagementGroupGovernanceRule_example.json
*/
async function executeGovernanceRuleOverManagementGroupScope() {
const scope = "providers/Microsoft.Management/managementGroups/contoso";
const ruleId = "ad9a8e26-29d9-4829-bb30-e597a58cdbb8";
const credential = new DefaultAzureCredential();
const client = new SecurityCenter(credential);
const result = await client.governanceRules.beginExecuteAndWait(scope, ruleId);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using System;
using System.Collections.Generic;
using System.Threading.Tasks;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.SecurityCenter;
using Azure.ResourceManager.SecurityCenter.Models;
// Generated from example definition: specification/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/examples/GovernanceRules/PostManagementGroupGovernanceRule_example.json
// this example is just showing the usage of "GovernanceRules_Execute" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this GovernanceRuleResource created on azure
// for more information of creating GovernanceRuleResource, please refer to the document of GovernanceRuleResource
string scope = "providers/Microsoft.Management/managementGroups/contoso";
string ruleId = "ad9a8e26-29d9-4829-bb30-e597a58cdbb8";
ResourceIdentifier governanceRuleResourceId = GovernanceRuleResource.CreateResourceIdentifier(scope, ruleId);
GovernanceRuleResource governanceRule = client.GetGovernanceRuleResource(governanceRuleResourceId);
// invoke the operation
await governanceRule.ExecuteAsync(WaitUntil.Completed);
Console.WriteLine($"Succeeded");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample response
location: https://management.azure.com/providers/Microsoft.Management/managementGroups/contoso/providers/Microsoft.Security/governanceRules/ad9a8e26-29d9-4829-bb30-e597a58cdbb8/operationResults/58b33f4f-c8c7-4b01-99cc-d437db4d40dd?api-version=2022-01-01-preview
Execute governance rule over security connector scope
Sample request
POST https://management.azure.com/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector/providers/Microsoft.Security/governanceRules/ad9a8e26-29d9-4829-bb30-e597a58cdbb8/execute?api-version=2022-01-01-preview
/**
* Samples for GovernanceRules Execute.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/examples/GovernanceRules/
* PostSecurityConnectorGovernanceRule_example.json
*/
/**
* Sample code: Execute governance rule over security connector scope.
*
* @param manager Entry point to SecurityManager.
*/
public static void
executeGovernanceRuleOverSecurityConnectorScope(com.azure.resourcemanager.security.SecurityManager manager) {
manager.governanceRules().execute(
"subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector",
"ad9a8e26-29d9-4829-bb30-e597a58cdbb8", null, com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armsecurity_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/security/armsecurity"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/9ac34f238dd6b9071f486b57e9f9f1a0c43ec6f6/specification/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/examples/GovernanceRules/PostSecurityConnectorGovernanceRule_example.json
func ExampleGovernanceRulesClient_BeginExecute_executeGovernanceRuleOverSecurityConnectorScope() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armsecurity.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewGovernanceRulesClient().BeginExecute(ctx, "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector", "ad9a8e26-29d9-4829-bb30-e597a58cdbb8", &armsecurity.GovernanceRulesClientBeginExecuteOptions{ExecuteGovernanceRuleParams: nil})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
_, err = poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { SecurityCenter } = require("@azure/arm-security");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Execute a governance rule
*
* @summary Execute a governance rule
* x-ms-original-file: specification/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/examples/GovernanceRules/PostSecurityConnectorGovernanceRule_example.json
*/
async function executeGovernanceRuleOverSecurityConnectorScope() {
const scope =
"subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector";
const ruleId = "ad9a8e26-29d9-4829-bb30-e597a58cdbb8";
const credential = new DefaultAzureCredential();
const client = new SecurityCenter(credential);
const result = await client.governanceRules.beginExecuteAndWait(scope, ruleId);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using System;
using System.Collections.Generic;
using System.Threading.Tasks;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.SecurityCenter;
using Azure.ResourceManager.SecurityCenter.Models;
// Generated from example definition: specification/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/examples/GovernanceRules/PostSecurityConnectorGovernanceRule_example.json
// this example is just showing the usage of "GovernanceRules_Execute" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this GovernanceRuleResource created on azure
// for more information of creating GovernanceRuleResource, please refer to the document of GovernanceRuleResource
string scope = "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector";
string ruleId = "ad9a8e26-29d9-4829-bb30-e597a58cdbb8";
ResourceIdentifier governanceRuleResourceId = GovernanceRuleResource.CreateResourceIdentifier(scope, ruleId);
GovernanceRuleResource governanceRule = client.GetGovernanceRuleResource(governanceRuleResourceId);
// invoke the operation
await governanceRule.ExecuteAsync(WaitUntil.Completed);
Console.WriteLine($"Succeeded");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample response
location: https://management.azure.com/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector/governanceRules/ad9a8e26-29d9-4829-bb30-e597a58cdbb8/operationResults/58b33f4f-c8c7-4b01-99cc-d437db4d40dd?api-version=2022-01-01-preview
Execute Governance rule over subscription scope
Sample request
POST https://management.azure.com/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/governanceRules/ad9a8e26-29d9-4829-bb30-e597a58cdbb8/execute?api-version=2022-01-01-preview
/**
* Samples for GovernanceRules Execute.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/examples/GovernanceRules/
* PostGovernanceRule_example.json
*/
/**
* Sample code: Execute Governance rule over subscription scope.
*
* @param manager Entry point to SecurityManager.
*/
public static void
executeGovernanceRuleOverSubscriptionScope(com.azure.resourcemanager.security.SecurityManager manager) {
manager.governanceRules().execute("subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23",
"ad9a8e26-29d9-4829-bb30-e597a58cdbb8", null, com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armsecurity_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/security/armsecurity"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/9ac34f238dd6b9071f486b57e9f9f1a0c43ec6f6/specification/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/examples/GovernanceRules/PostGovernanceRule_example.json
func ExampleGovernanceRulesClient_BeginExecute_executeGovernanceRuleOverSubscriptionScope() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armsecurity.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewGovernanceRulesClient().BeginExecute(ctx, "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23", "ad9a8e26-29d9-4829-bb30-e597a58cdbb8", &armsecurity.GovernanceRulesClientBeginExecuteOptions{ExecuteGovernanceRuleParams: nil})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
_, err = poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { SecurityCenter } = require("@azure/arm-security");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Execute a governance rule
*
* @summary Execute a governance rule
* x-ms-original-file: specification/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/examples/GovernanceRules/PostGovernanceRule_example.json
*/
async function executeGovernanceRuleOverSubscriptionScope() {
const scope = "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23";
const ruleId = "ad9a8e26-29d9-4829-bb30-e597a58cdbb8";
const credential = new DefaultAzureCredential();
const client = new SecurityCenter(credential);
const result = await client.governanceRules.beginExecuteAndWait(scope, ruleId);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using System;
using System.Collections.Generic;
using System.Threading.Tasks;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.SecurityCenter;
using Azure.ResourceManager.SecurityCenter.Models;
// Generated from example definition: specification/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/examples/GovernanceRules/PostGovernanceRule_example.json
// this example is just showing the usage of "GovernanceRules_Execute" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this GovernanceRuleResource created on azure
// for more information of creating GovernanceRuleResource, please refer to the document of GovernanceRuleResource
string scope = "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23";
string ruleId = "ad9a8e26-29d9-4829-bb30-e597a58cdbb8";
ResourceIdentifier governanceRuleResourceId = GovernanceRuleResource.CreateResourceIdentifier(scope, ruleId);
GovernanceRuleResource governanceRule = client.GetGovernanceRuleResource(governanceRuleResourceId);
// invoke the operation
await governanceRule.ExecuteAsync(WaitUntil.Completed);
Console.WriteLine($"Succeeded");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample response
location: https://management.azure.com/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/governanceRules/ad9a8e26-29d9-4829-bb30-e597a58cdbb8/operationResults/58b33f4f-c8c7-4b01-99cc-d437db4d40dd?api-version=2022-01-01-preview
Definitions
| Name |
Description |
|
CloudError
|
Common error response for all Azure Resource Manager APIs to return error details for failed operations. (This also follows the OData error response format.).
|
|
CloudErrorBody
|
The error detail.
|
|
ErrorAdditionalInfo
|
The resource management error additional info.
|
|
ExecuteGovernanceRuleParams
|
Governance rule execution parameters
|
CloudError
Common error response for all Azure Resource Manager APIs to return error details for failed operations. (This also follows the OData error response format.).
| Name |
Type |
Description |
|
error.additionalInfo
|
ErrorAdditionalInfo[]
|
The error additional info.
|
|
error.code
|
string
|
The error code.
|
|
error.details
|
CloudErrorBody[]
|
The error details.
|
|
error.message
|
string
|
The error message.
|
|
error.target
|
string
|
The error target.
|
CloudErrorBody
The error detail.
| Name |
Type |
Description |
|
additionalInfo
|
ErrorAdditionalInfo[]
|
The error additional info.
|
|
code
|
string
|
The error code.
|
|
details
|
CloudErrorBody[]
|
The error details.
|
|
message
|
string
|
The error message.
|
|
target
|
string
|
The error target.
|
ErrorAdditionalInfo
The resource management error additional info.
| Name |
Type |
Description |
|
info
|
object
|
The additional info.
|
|
type
|
string
|
The additional info type.
|
ExecuteGovernanceRuleParams
Governance rule execution parameters
| Name |
Type |
Description |
|
override
|
boolean
|
Describe if governance rule should be override
|