Alerts - List For Scope

サービス:

Authorization

API バージョン:

2022-08-01-preview

リソース スコープのアラートを取得します。

GET https://management.azure.com/{scope}/providers/Microsoft.Authorization/roleManagementAlerts?api-version=2022-08-01-preview

URI パラメーター

名前	/	必須	型	説明
scope	path	True	string	アラートのスコープ。
api-version	query	True	string	この操作に使用する API バージョン。

応答

名前	型	説明
200 OK	AlertListResult	OK - アラートの配列を返します。
Other Status Codes	CloudError	操作に失敗した理由を説明するエラー応答。

セキュリティ

azure_auth

Azure Active Directory OAuth2 フロー

型: oauth2
フロー: implicit
Authorization URL (承認 URL): https://login.microsoftonline.com/common/oauth2/authorize

スコープ

名前	説明
user_impersonation	ユーザー アカウントの借用

例

GetAlerts

要求のサンプル

HTTP

GET https://management.azure.com/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlerts?api-version=2022-08-01-preview

Go

package armauthorization_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/310a0100f5b020c1900c527a6aa70d21992f078a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-08-01-preview/examples/GetAlerts.json
func ExampleAlertsClient_NewListForScopePager() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armauthorization.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	pager := clientFactory.NewAlertsClient().NewListForScopePager("subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f", nil)
	for pager.More() {
		page, err := pager.NextPage(ctx)
		if err != nil {
			log.Fatalf("failed to advance page: %v", err)
		}
		for _, v := range page.Value {
			// You could use page here. We use blank identifier for just demo purposes.
			_ = v
		}
		// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
		// page.AlertListResult = armauthorization.AlertListResult{
		// 	Value: []*armauthorization.Alert{
		// 		{
		// 			Name: to.Ptr("TooManyPermanentOwnersAssignedToResource"),
		// 			Type: to.Ptr("Microsoft.Authorization/roleManagementAlerts"),
		// 			ID: to.Ptr("/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlerts/TooManyPermanentOwnersAssignedToResource"),
		// 			Properties: &armauthorization.AlertProperties{
		// 				AlertConfiguration: &armauthorization.AlertConfiguration{
		// 					Name: to.Ptr("TooManyPermanentOwnersAssignedToResource"),
		// 					Type: to.Ptr("Microsoft.Authorization/roleManagementAlertConfigurations"),
		// 					ID: to.Ptr("/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlertConfigurations/TooManyPermanentOwnersAssignedToResource"),
		// 					Properties: &armauthorization.TooManyPermanentOwnersAssignedToResourceAlertConfigurationProperties{
		// 						AlertConfigurationType: to.Ptr("TooManyPermanentOwnersAssignedToResourceAlertConfiguration"),
		// 						AlertDefinitionID: to.Ptr("TooManyPermanentOwnersAssignedToResource"),
		// 						IsEnabled: to.Ptr(true),
		// 						Scope: to.Ptr("subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f"),
		// 						ThresholdNumberOfPermanentOwners: to.Ptr[int32](10),
		// 						ThresholdPercentageOfPermanentOwnersOutOfAllOwners: to.Ptr[int32](10),
		// 					},
		// 				},
		// 				AlertDefinition: &armauthorization.AlertDefinition{
		// 					Name: to.Ptr("TooManyPermanentOwnersAssignedToResource"),
		// 					Type: to.Ptr("Microsoft.Authorization/roleManagementAlertDefinitions"),
		// 					ID: to.Ptr("/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlertDefinitions/TooManyPermanentOwnersAssignedToResource"),
		// 					Properties: &armauthorization.AlertDefinitionProperties{
		// 						Description: to.Ptr("The number of users set to never expire is too high. To enhance the security of your resources, we recommend requiring activation for role use. Take a moment to review the list of users, and suggested changes here."),
		// 						DisplayName: to.Ptr("Too many permanent owners assigned to a resource"),
		// 						HowToPrevent: to.Ptr("Enable “Activation Required” in the role settings menu. This will ensure newly added users must activate their role."),
		// 						IsConfigurable: to.Ptr(true),
		// 						IsRemediatable: to.Ptr(true),
		// 						MitigationSteps: to.Ptr("To mitigate this issue, require the user to activate the role before use."),
		// 						Scope: to.Ptr("subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f"),
		// 						SecurityImpact: to.Ptr("Providing users permanent access in a role may leave resources vulnerable to accidental or malicious activity."),
		// 						SeverityLevel: to.Ptr(armauthorization.SeverityLevelMedium),
		// 					},
		// 				},
		// 				AlertIncidents: []*armauthorization.AlertIncident{
		// 					{
		// 						Name: to.Ptr("a9f38501-74ec-43ea-8663-6c538602150d"),
		// 						Type: to.Ptr("Microsoft.Authorization/roleManagementAlerts/alertIncidents"),
		// 						ID: to.Ptr("/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlerts/TooManyPermanentOwnersAssignedToResource/alertIncidents/a9f38501-74ec-43ea-8663-6c538602150d"),
		// 						Properties: &armauthorization.TooManyPermanentOwnersAssignedToResourceAlertIncidentProperties{
		// 							AlertIncidentType: to.Ptr("TooManyPermanentOwnersAssignedToResourceAlertIncident"),
		// 							AssigneeName: to.Ptr("testUser"),
		// 							AssigneeType: to.Ptr("User"),
		// 						},
		// 				}},
		// 				IncidentCount: to.Ptr[int32](1),
		// 				IsActive: to.Ptr(true),
		// 				LastModifiedDateTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2022-04-05T03:04:06.467Z"); return t}()),
		// 				LastScannedDateTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2022-04-06T18:25:00.380Z"); return t}()),
		// 				Scope: to.Ptr("subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f"),
		// 			},
		// 		},
		// 		{
		// 			Name: to.Ptr("TooManyOwnersAssignedToResource"),
		// 			Type: to.Ptr("Microsoft.Authorization/roleManagementAlerts"),
		// 			ID: to.Ptr("/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlerts/TooManyOwnersAssignedToResource"),
		// 			Properties: &armauthorization.AlertProperties{
		// 				AlertConfiguration: &armauthorization.AlertConfiguration{
		// 					Name: to.Ptr("TooManyOwnersAssignedToResource"),
		// 					Type: to.Ptr("Microsoft.Authorization/roleManagementAlertConfigurations"),
		// 					ID: to.Ptr("/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlertConfigurations/TooManyOwnersAssignedToResource"),
		// 					Properties: &armauthorization.TooManyOwnersAssignedToResourceAlertConfigurationProperties{
		// 						AlertConfigurationType: to.Ptr("TooManyOwnersAssignedToResourceAlertConfiguration"),
		// 						AlertDefinitionID: to.Ptr("TooManyOwnersAssignedToResource"),
		// 						IsEnabled: to.Ptr(true),
		// 						Scope: to.Ptr("subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f"),
		// 						ThresholdNumberOfOwners: to.Ptr[int32](2),
		// 						ThresholdPercentageOfOwnersOutOfAllRoleMembers: to.Ptr[int32](3),
		// 					},
		// 				},
		// 				AlertDefinition: &armauthorization.AlertDefinition{
		// 					Name: to.Ptr("TooManyOwnersAssignedToResource"),
		// 					Type: to.Ptr("Microsoft.Authorization/roleManagementAlertDefinitions"),
		// 					ID: to.Ptr("/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlertDefinitions/TooManyOwnersAssignedToResource"),
		// 					Properties: &armauthorization.AlertDefinitionProperties{
		// 						Description: to.Ptr("The number of users with the Owner role is too high. We recommend assigning these individuals to less privileged roles or roles more suitable to their daily needs. Take a moment to review the current assignments, and suggested changes here."),
		// 						DisplayName: to.Ptr("Too many owners assigned to a resource"),
		// 						HowToPrevent: to.Ptr("Choose a role that provides the fewest privileges necessary for a user or group to complete their tasks."),
		// 						IsConfigurable: to.Ptr(true),
		// 						IsRemediatable: to.Ptr(true),
		// 						MitigationSteps: to.Ptr("To mitigate this issue, reduce the number of users in the Owner role. Review the list of users in the list, and reassign them to a less privileged role such as Contributor."),
		// 						Scope: to.Ptr("subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f"),
		// 						SecurityImpact: to.Ptr("As the number of users with the owner role increases, so does the potential for malicious or mistaken actions affecting your resource."),
		// 						SeverityLevel: to.Ptr(armauthorization.SeverityLevelMedium),
		// 					},
		// 				},
		// 				AlertIncidents: []*armauthorization.AlertIncident{
		// 					{
		// 						Name: to.Ptr("a9f38501-74ec-43ea-8663-6c538602150d"),
		// 						Type: to.Ptr("Microsoft.Authorization/roleManagementAlerts/alertIncidents"),
		// 						ID: to.Ptr("/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlerts/TooManyOwnersAssignedToResource/alertIncidents/a9f38501-74ec-43ea-8663-6c538602150d"),
		// 						Properties: &armauthorization.TooManyOwnersAssignedToResourceAlertIncidentProperties{
		// 							AlertIncidentType: to.Ptr("TooManyOwnersAssignedToResourceAlertIncident"),
		// 							AssigneeName: to.Ptr("testUser"),
		// 							AssigneeType: to.Ptr("User"),
		// 						},
		// 				}},
		// 				IncidentCount: to.Ptr[int32](1),
		// 				IsActive: to.Ptr(true),
		// 				LastModifiedDateTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2022-04-05T03:04:06.467Z"); return t}()),
		// 				LastScannedDateTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2022-04-06T18:25:00.380Z"); return t}()),
		// 				Scope: to.Ptr("subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f"),
		// 			},
		// 	}},
		// }
	}
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

JavaScript

const { AuthorizationManagementClient } = require("@azure/arm-authorization");
const { DefaultAzureCredential } = require("@azure/identity");

/**
 * This sample demonstrates how to Gets alerts for a resource scope.
 *
 * @summary Gets alerts for a resource scope.
 * x-ms-original-file: specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-08-01-preview/examples/GetAlerts.json
 */
async function getAlerts() {
  const scope = "subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f";
  const credential = new DefaultAzureCredential();
  const client = new AuthorizationManagementClient(credential);
  const resArray = new Array();
  for await (let item of client.alerts.listForScope(scope)) {
    resArray.push(item);
  }
  console.log(resArray);
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

応答のサンプル

状態コード:

200

{
  "value": [
    {
      "properties": {
        "scope": "subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f",
        "incidentCount": 1,
        "lastModifiedDateTime": "2022-04-05T03:04:06.467+00:00",
        "lastScannedDateTime": "2022-04-06T18:25:00.38+00:00",
        "isActive": true,
        "alertDefinition": {
          "properties": {
            "displayName": "Too many permanent owners assigned to a resource",
            "scope": "subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f",
            "description": "The number of users set to never expire is too high. To enhance the security of your resources, we recommend requiring activation for role use. Take a moment to review the list of users, and suggested changes here.",
            "severityLevel": "Medium",
            "securityImpact": "Providing users permanent access in a role may leave resources vulnerable to accidental or malicious activity.",
            "mitigationSteps": "To mitigate this issue, require the user to activate the role before use.",
            "howToPrevent": "Enable “Activation Required” in the role settings menu. This will ensure newly added users must activate their role.",
            "isRemediatable": true,
            "isConfigurable": true
          },
          "name": "TooManyPermanentOwnersAssignedToResource",
          "id": "/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlertDefinitions/TooManyPermanentOwnersAssignedToResource",
          "type": "Microsoft.Authorization/roleManagementAlertDefinitions"
        },
        "alertIncidents": [
          {
            "properties": {
              "alertIncidentType": "TooManyPermanentOwnersAssignedToResourceAlertIncident",
              "assigneeName": "testUser",
              "assigneeType": "User"
            },
            "name": "a9f38501-74ec-43ea-8663-6c538602150d",
            "type": "Microsoft.Authorization/roleManagementAlerts/alertIncidents",
            "id": "/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlerts/TooManyPermanentOwnersAssignedToResource/alertIncidents/a9f38501-74ec-43ea-8663-6c538602150d"
          }
        ],
        "alertConfiguration": {
          "properties": {
            "alertConfigurationType": "TooManyPermanentOwnersAssignedToResourceAlertConfiguration",
            "alertDefinitionId": "TooManyPermanentOwnersAssignedToResource",
            "scope": "subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f",
            "isEnabled": true,
            "thresholdNumberOfPermanentOwners": 10,
            "thresholdPercentageOfPermanentOwnersOutOfAllOwners": 10
          },
          "name": "TooManyPermanentOwnersAssignedToResource",
          "id": "/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlertConfigurations/TooManyPermanentOwnersAssignedToResource",
          "type": "Microsoft.Authorization/roleManagementAlertConfigurations"
        }
      },
      "name": "TooManyPermanentOwnersAssignedToResource",
      "id": "/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlerts/TooManyPermanentOwnersAssignedToResource",
      "type": "Microsoft.Authorization/roleManagementAlerts"
    },
    {
      "properties": {
        "scope": "subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f",
        "incidentCount": 1,
        "lastModifiedDateTime": "2022-04-05T03:04:06.467+00:00",
        "lastScannedDateTime": "2022-04-06T18:25:00.38+00:00",
        "isActive": true,
        "alertDefinition": {
          "properties": {
            "displayName": "Too many owners assigned to a resource",
            "scope": "subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f",
            "description": "The number of users with the Owner role is too high. We recommend assigning these individuals to less privileged roles or roles more suitable to their daily needs. Take a moment to review the current assignments, and suggested changes here.",
            "severityLevel": "Medium",
            "securityImpact": "As the number of users with the owner role increases, so does the potential for malicious or mistaken actions affecting your resource.",
            "mitigationSteps": "To mitigate this issue, reduce the number of users in the Owner role. Review the list of users in the list, and reassign them to a less privileged role such as Contributor.",
            "howToPrevent": "Choose a role that provides the fewest privileges necessary for a user or group to complete their tasks.",
            "isRemediatable": true,
            "isConfigurable": true
          },
          "name": "TooManyOwnersAssignedToResource",
          "id": "/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlertDefinitions/TooManyOwnersAssignedToResource",
          "type": "Microsoft.Authorization/roleManagementAlertDefinitions"
        },
        "alertIncidents": [
          {
            "properties": {
              "alertIncidentType": "TooManyOwnersAssignedToResourceAlertIncident",
              "assigneeName": "testUser",
              "assigneeType": "User"
            },
            "name": "a9f38501-74ec-43ea-8663-6c538602150d",
            "type": "Microsoft.Authorization/roleManagementAlerts/alertIncidents",
            "id": "/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlerts/TooManyOwnersAssignedToResource/alertIncidents/a9f38501-74ec-43ea-8663-6c538602150d"
          }
        ],
        "alertConfiguration": {
          "properties": {
            "alertConfigurationType": "TooManyOwnersAssignedToResourceAlertConfiguration",
            "alertDefinitionId": "TooManyOwnersAssignedToResource",
            "scope": "subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f",
            "isEnabled": true,
            "thresholdNumberOfOwners": 2,
            "thresholdPercentageOfOwnersOutOfAllRoleMembers": 3
          },
          "name": "TooManyOwnersAssignedToResource",
          "id": "/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlertConfigurations/TooManyOwnersAssignedToResource",
          "type": "Microsoft.Authorization/roleManagementAlertConfigurations"
        }
      },
      "name": "TooManyOwnersAssignedToResource",
      "id": "/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlerts/TooManyOwnersAssignedToResource",
      "type": "Microsoft.Authorization/roleManagementAlerts"
    }
  ]
}

定義

名前	説明
Alert	アラート。
AlertConfiguration	アラートの構成。
AlertDefinition	アラートの定義
AlertIncident	アラート インシデント
AlertListResult	アラート リスト操作の結果。
CloudError	サービスからのエラー応答。
CloudErrorBody	サービスからのエラー応答。
SeverityLevel	アラートの重大度。

Alert

アラート。

名前	型	説明
id	string	アラート ID。
name	string	警告名を指定します。
properties.alertConfiguration	AlertConfiguration	アラートの構成。
properties.alertDefinition	AlertDefinition	警告の定義です。
properties.alertIncidents	AlertIncident[]	アラート インシデント。
properties.incidentCount	integer	アラートの生成されたインシデントの数。
properties.isActive	boolean	既定では False。アラートがアクティブな場合は true。
properties.lastModifiedDateTime	string	アラート構成が更新されたか、新しいインシデントが生成された日時。
properties.lastScannedDateTime	string	アラートが最後にスキャンされた日時。
properties.scope	string	アラート スコープ。
type	string	アラートの種類。

AlertConfiguration

アラートの構成。

名前	型	説明
id	string	アラート構成 ID。
name	string	アラート構成名。
properties.alertConfigurationType	string	アラート構成の種類。
properties.alertDefinition	AlertDefinition	警告の定義です。
properties.alertDefinitionId	string	警告の定義の ID です。
properties.isEnabled	boolean	True を指定すると、アラートが有効になり、false を指定すると、特定のアラートのスキャンが無効になります。
properties.scope	string	アラート スコープ。
type	string	アラート構成の種類。

AlertDefinition

アラートの定義

名前	型	説明
id	string	警告の定義の ID です。
name	string	アラート定義名。
properties.description	string	アラートの説明。
properties.displayName	string	アラートの表示名。
properties.howToPrevent	string	アラートを防止する方法。
properties.isConfigurable	boolean	True の 場合は、アラートの構成を構成できます。false、それ以外の場合は 。
properties.isRemediatable	boolean	True の 場合は、アラートを修復できます。false、それ以外の場合は 。
properties.mitigationSteps	string	アラートを軽減する方法。
properties.scope	string	アラート スコープ。
properties.securityImpact	string	アラートのセキュリティへの影響。
properties.severityLevel	SeverityLevel	アラートの重大度。
type	string	アラート定義の種類。

AlertIncident

アラート インシデント

名前	型	説明
id	string	アラート インシデント ID。
name	string	アラート インシデント名。
properties.alertIncidentType	string	アラート インシデントの種類。
type	string	アラート インシデントの種類。

AlertListResult

アラート リスト操作の結果。

名前	型	説明
nextLink	string	次の結果セットを取得するために使用する URL。
value	Alert[]	[警告の一覧]

CloudError

サービスからのエラー応答。

名前	型	説明
error	CloudErrorBody	サービスからのエラー応答。

CloudErrorBody

サービスからのエラー応答。

名前	型	説明
code	string	エラーの識別子。 コードは不変であり、プログラムによって使用されることを意図しています。
message	string	ユーザー インターフェイスでの表示に適したエラーを説明するメッセージ。

SeverityLevel

アラートの重大度。

名前	型	説明
High	string
Low	string
Medium	string