Role Assignment Schedules - List For Scope

Referencia

Servicio:: Authorization

Versión de la API:: 2020-10-01

Obtiene las programaciones de asignación de roles para un ámbito de recurso.

GET https://management.azure.com/{scope}/providers/Microsoft.Authorization/roleAssignmentSchedules?api-version=2020-10-01

Con parámetros opcionales:

GET https://management.azure.com/{scope}/providers/Microsoft.Authorization/roleAssignmentSchedules?$filter={$filter}&api-version=2020-10-01

Parámetros de identificador URI

Nombre	En	Requerido	Tipo	Description
scope	path	True	string	Ámbito de las programaciones de asignaciones de roles.
api-version	query	True	string	Versión de API que se usará para la operación.
$filter	query		string	Filtro que se va a aplicar en la operación. Use $filter=atScope() para devolver todas las programaciones de asignación de roles en o por encima del ámbito. Use $filter=principalId eq {id} para devolver todas las programaciones de asignación de roles en, por encima o por debajo del ámbito de la entidad de seguridad especificada. Use $filter=assignedTo('{userId}') para devolver todas las programaciones de asignación de roles para el usuario actual. Use $filter=asTarget() para devolver todas las programaciones de asignación de roles creadas para el usuario actual.

Respuestas

Nombre	Tipo	Description
200 OK	RoleAssignmentScheduleListResult	Aceptar: devuelve una matriz de programaciones de asignaciones de roles.
Other Status Codes	CloudError	Respuesta de error que describe el motivo del error de la operación.

Seguridad

azure_auth

Flujo OAuth2 de Azure Active Directory

Tipo: oauth2
Flujo: implicit
Dirección URL de autorización: https://login.microsoftonline.com/common/oauth2/authorize

Ámbitos

Nombre	Description
user_impersonation	suplantación de su cuenta de usuario

Ejemplos

GetRoleAssignmentSchedulesByScope

Solicitud de ejemplo

GET https://management.azure.com/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleAssignmentSchedules?$filter=assignedTo('a3bb8764-cb92-4276-9d2a-ca1e895e55ea')&api-version=2020-10-01


/**
 * Samples for RoleAssignmentSchedules ListForScope.
 */
public final class Main {
    /*
     * x-ms-original-file:
     * specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/
     * GetRoleAssignmentSchedulesByScope.json
     */
    /**
     * Sample code: GetRoleAssignmentSchedulesByScope.
     * 
     * @param azure The entry point for accessing resource management APIs in Azure.
     */
    public static void getRoleAssignmentSchedulesByScope(com.azure.resourcemanager.AzureResourceManager azure) {
        azure.accessManagement().roleAssignments().manager().roleServiceClient().getRoleAssignmentSchedules()
            .listForScope("providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f",
                "assignedTo('a3bb8764-cb92-4276-9d2a-ca1e895e55ea')", com.azure.core.util.Context.NONE);
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

package armauthorization_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v2"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/53b1affe357b3bfbb53721d0a2002382a046d3b0/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentSchedulesByScope.json
func ExampleRoleAssignmentSchedulesClient_NewListForScopePager() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armauthorization.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	pager := clientFactory.NewRoleAssignmentSchedulesClient().NewListForScopePager("providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", &armauthorization.RoleAssignmentSchedulesClientListForScopeOptions{Filter: to.Ptr("assignedTo('a3bb8764-cb92-4276-9d2a-ca1e895e55ea')")})
	for pager.More() {
		page, err := pager.NextPage(ctx)
		if err != nil {
			log.Fatalf("failed to advance page: %v", err)
		}
		for _, v := range page.Value {
			// You could use page here. We use blank identifier for just demo purposes.
			_ = v
		}
		// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
		// page.RoleAssignmentScheduleListResult = armauthorization.RoleAssignmentScheduleListResult{
		// 	Value: []*armauthorization.RoleAssignmentSchedule{
		// 		{
		// 			Name: to.Ptr("c9e264ff-3133-4776-a81a-ebc7c33c8ec6"),
		// 			Type: to.Ptr("Microsoft.Authorization/RoleAssignmentSchedules"),
		// 			ID: to.Ptr("/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentSchedules/c9e264ff-3133-4776-a81a-ebc7c33c8ec6"),
		// 			Properties: &armauthorization.RoleAssignmentScheduleProperties{
		// 				AssignmentType: to.Ptr(armauthorization.AssignmentTypeAssigned),
		// 				Condition: to.Ptr("@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'"),
		// 				ConditionVersion: to.Ptr("1.0"),
		// 				CreatedOn: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-09-09T21:35:27.910Z"); return t}()),
		// 				EndDateTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-09-10T05:35:17.910Z"); return t}()),
		// 				ExpandedProperties: &armauthorization.ExpandedProperties{
		// 					Principal: &armauthorization.ExpandedPropertiesPrincipal{
		// 						Type: to.Ptr("User"),
		// 						DisplayName: to.Ptr("User Account"),
		// 						Email: to.Ptr("user@my-tenant.com"),
		// 						ID: to.Ptr("a3bb8764-cb92-4276-9d2a-ca1e895e55ea"),
		// 					},
		// 					RoleDefinition: &armauthorization.ExpandedPropertiesRoleDefinition{
		// 						Type: to.Ptr("BuiltInRole"),
		// 						DisplayName: to.Ptr("Contributor"),
		// 						ID: to.Ptr("/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608"),
		// 					},
		// 					Scope: &armauthorization.ExpandedPropertiesScope{
		// 						Type: to.Ptr("subscription"),
		// 						DisplayName: to.Ptr("Pay-As-You-Go"),
		// 						ID: to.Ptr("/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f"),
		// 					},
		// 				},
		// 				LinkedRoleEligibilityScheduleID: to.Ptr("b1477448-2cc6-4ceb-93b4-54a202a89413"),
		// 				MemberType: to.Ptr(armauthorization.MemberTypeDirect),
		// 				PrincipalID: to.Ptr("a3bb8764-cb92-4276-9d2a-ca1e895e55ea"),
		// 				PrincipalType: to.Ptr(armauthorization.PrincipalTypeUser),
		// 				RoleAssignmentScheduleRequestID: to.Ptr("/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleRequests/fea7a502-9a96-4806-a26f-eee560e52045"),
		// 				RoleDefinitionID: to.Ptr("/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608"),
		// 				Scope: to.Ptr("/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f"),
		// 				StartDateTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-09-09T21:35:27.910Z"); return t}()),
		// 				Status: to.Ptr(armauthorization.StatusProvisioned),
		// 				UpdatedOn: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-09-09T21:35:27.910Z"); return t}()),
		// 			},
		// 	}},
		// }
	}
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

const { AuthorizationManagementClient } = require("@azure/arm-authorization");
const { DefaultAzureCredential } = require("@azure/identity");

/**
 * This sample demonstrates how to Gets role assignment schedules for a resource scope.
 *
 * @summary Gets role assignment schedules for a resource scope.
 * x-ms-original-file: specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentSchedulesByScope.json
 */
async function getRoleAssignmentSchedulesByScope() {
  const subscriptionId =
    process.env["AUTHORIZATION_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
  const scope =
    "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f";
  const filter = "assignedTo('a3bb8764-cb92-4276-9d2a-ca1e895e55ea')";
  const options = { filter };
  const credential = new DefaultAzureCredential();
  const client = new AuthorizationManagementClient(credential, subscriptionId);
  const resArray = new Array();
  for await (let item of client.roleAssignmentSchedules.listForScope(scope, options)) {
    resArray.push(item);
  }
  console.log(resArray);
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.Authorization;

// Generated from example definition: specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentSchedulesByScope.json
// this example is just showing the usage of "RoleAssignmentSchedules_ListForScope" operation, for the dependent resources, they will have to be created separately.

// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);

// this example assumes you already have this ArmResource created on azure
// for more information of creating ArmResource, please refer to the document of ArmResource

// get the collection of this RoleAssignmentScheduleResource
string scope = "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f";
ResourceIdentifier scopeId = new ResourceIdentifier(string.Format("/{0}", scope));
RoleAssignmentScheduleCollection collection = client.GetRoleAssignmentSchedules(scopeId);

// invoke the operation and iterate over the result
string filter = "assignedTo('a3bb8764-cb92-4276-9d2a-ca1e895e55ea')";
await foreach (RoleAssignmentScheduleResource item in collection.GetAllAsync(filter: filter))
{
    // the variable item is a resource, you could call other operations on this instance as well
    // but just for demo, we get its data from this resource instance
    RoleAssignmentScheduleData resourceData = item.Data;
    // for demo we just print out the id
    Console.WriteLine($"Succeeded on id: {resourceData.Id}");
}

Console.WriteLine($"Succeeded");

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Respuesta de muestra

status code:: 200

{
  "value": [
    {
      "properties": {
        "linkedRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413",
        "assignmentType": "Assigned",
        "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f",
        "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608",
        "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea",
        "principalType": "User",
        "status": "Provisioned",
        "roleAssignmentScheduleRequestId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleRequests/fea7a502-9a96-4806-a26f-eee560e52045",
        "startDateTime": "2020-09-09T21:35:27.91Z",
        "endDateTime": "2020-09-10T05:35:17.91Z",
        "memberType": "Direct",
        "createdOn": "2020-09-09T21:35:27.91Z",
        "updatedOn": "2020-09-09T21:35:27.91Z",
        "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'",
        "conditionVersion": "1.0",
        "expandedProperties": {
          "scope": {
            "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f",
            "displayName": "Pay-As-You-Go",
            "type": "subscription"
          },
          "roleDefinition": {
            "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608",
            "displayName": "Contributor",
            "type": "BuiltInRole"
          },
          "principal": {
            "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea",
            "displayName": "User Account",
            "email": "user@my-tenant.com",
            "type": "User"
          }
        }
      },
      "name": "c9e264ff-3133-4776-a81a-ebc7c33c8ec6",
      "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentSchedules/c9e264ff-3133-4776-a81a-ebc7c33c8ec6",
      "type": "Microsoft.Authorization/RoleAssignmentSchedules"
    }
  ]
}

Definiciones

Nombre	Description
AssignmentType	Tipo de asignación de la programación de asignación de roles
CloudError	Respuesta de error del servicio.
CloudErrorBody	Respuesta de error del servicio.
ExpandedProperties
MemberType	Tipo de pertenencia de la programación de asignación de roles
Principal	Detalles de la entidad de seguridad
principalType	Tipo de entidad de seguridad del identificador de entidad de seguridad asignado.
RoleAssignmentSchedule	Programación de asignación de roles
RoleAssignmentScheduleListResult	Resultado de la operación de lista de programación de asignación de roles.
RoleDefinition	Detalles de la definición de roles
Scope	Detalles del ámbito del recurso
Status	Estado de la programación de asignación de roles.

AssignmentType

Tipo de asignación de la programación de asignación de roles

Nombre	Tipo	Description
Activated	string
Assigned	string

CloudError

Respuesta de error del servicio.

Nombre	Tipo	Description
error	CloudErrorBody	Respuesta de error del servicio.

CloudErrorBody

Respuesta de error del servicio.

Nombre	Tipo	Description
code	string	Identificador del error. Los códigos son invariables y están diseñados para consumirse mediante programación.
message	string	Mensaje que describe el error, diseñado para ser adecuado para mostrarse en una interfaz de usuario.

ExpandedProperties

Nombre	Tipo	Description
principal	Principal	Detalles de la entidad de seguridad
roleDefinition	RoleDefinition	Detalles de la definición de roles
scope	Scope	Detalles del ámbito del recurso

MemberType

Tipo de pertenencia de la programación de asignación de roles

Nombre	Tipo	Description
Direct	string
Group	string
Inherited	string

Principal

Detalles de la entidad de seguridad

Nombre	Tipo	Description
displayName	string	Nombre para mostrar de la entidad de seguridad
email	string	Email id. de la entidad de seguridad
id	string	Identificador de la entidad de seguridad
type	string	Tipo de la entidad de seguridad

principalType

Tipo de entidad de seguridad del identificador de entidad de seguridad asignado.

Nombre	Tipo	Description
Device	string
ForeignGroup	string
Group	string
ServicePrincipal	string
User	string