次の方法で共有


Role Management Policy Assignments - Get

リソース スコープに対して指定されたロール管理ポリシーの割り当てを取得する

GET https://management.azure.com/{scope}/providers/Microsoft.Authorization/roleManagementPolicyAssignments/{roleManagementPolicyAssignmentName}?api-version=2020-10-01

URI パラメーター

名前 / 必須 説明
roleManagementPolicyAssignmentName
path True

string

取得するロール管理ポリシーの割り当て形式 {guid_guid} の名前。

scope
path True

string

ロール管理ポリシーのスコープ。

api-version
query True

string

この操作に使用する API バージョン。

応答

名前 説明
200 OK

RoleManagementPolicyAssignment

OK - ロール管理ポリシーに関する情報を返します。

Other Status Codes

CloudError

操作に失敗した理由を説明するエラー応答。

セキュリティ

azure_auth

Azure Active Directory OAuth2 フロー

型: oauth2
フロー: implicit
Authorization URL (承認 URL): https://login.microsoftonline.com/common/oauth2/authorize

スコープ

名前 説明
user_impersonation ユーザー アカウントの借用

GetConfigurations

要求のサンプル

GET https://management.azure.com/providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicyAssignments/b959d571-f0b5-4042-88a7-01be6cb22db9_a1705bd2-3a8f-45a5-8683-466fcfd5cc24?api-version=2020-10-01

応答のサンプル

{
  "properties": {
    "scope": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368",
    "roleDefinitionId": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleDefinitions/a1705bd2-3a8f-45a5-8683-466fcfd5cc24",
    "policyId": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/b959d571-f0b5-4042-88a7-01be6cb22db9",
    "effectiveRules": [
      {
        "enabledRules": [],
        "id": "Enablement_Admin_Eligibility",
        "ruleType": "RoleManagementPolicyEnablementRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Eligibility",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "isExpirationRequired": true,
        "maximumDuration": "P90D",
        "id": "Expiration_Admin_Eligibility",
        "ruleType": "RoleManagementPolicyExpirationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Eligibility",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Admin",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "admin_admin_eligible@test.com"
        ],
        "id": "Notification_Admin_Admin_Eligibility",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Eligibility",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Requestor",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "requestor_admin_eligible@test.com"
        ],
        "id": "Notification_Requestor_Admin_Eligibility",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Eligibility",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Approver",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "approver_admin_eligible@test.com"
        ],
        "id": "Notification_Approver_Admin_Eligibility",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Eligibility",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "enabledRules": [
          "MultiFactorAuthentication",
          "Justification"
        ],
        "id": "Enablement_Admin_Assignment",
        "ruleType": "RoleManagementPolicyEnablementRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "isExpirationRequired": false,
        "maximumDuration": "P90D",
        "id": "Expiration_Admin_Assignment",
        "ruleType": "RoleManagementPolicyExpirationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Admin",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "admin_admin_member@test.com"
        ],
        "id": "Notification_Admin_Admin_Assignment",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Requestor",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "requestor_admin_member@test.com"
        ],
        "id": "Notification_Requestor_Admin_Assignment",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Approver",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "approver_admin_member@test.com"
        ],
        "id": "Notification_Approver_Admin_Assignment",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "setting": {
          "isApprovalRequired": true,
          "isApprovalRequiredForExtension": false,
          "isRequestorJustificationRequired": true,
          "approvalMode": "SingleStage",
          "approvalStages": [
            {
              "approvalStageTimeOutInDays": 1,
              "isApproverJustificationRequired": true,
              "escalationTimeInMinutes": 0,
              "primaryApprovers": [
                {
                  "id": "2385b0f3-5fa9-43cf-8ca4-b01dc97298cd",
                  "description": "amansw_new_group",
                  "isBackup": false,
                  "userType": "Group"
                },
                {
                  "id": "2f4913c9-d15b-406a-9946-1d66a28f2690",
                  "description": "amansw_group",
                  "isBackup": false,
                  "userType": "Group"
                }
              ],
              "isEscalationEnabled": false,
              "escalationApprovers": null
            }
          ]
        },
        "id": "Approval_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyApprovalRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "isEnabled": false,
        "claimValue": "",
        "id": "AuthenticationContext_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyAuthenticationContextRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "enabledRules": [
          "MultiFactorAuthentication",
          "Justification",
          "Ticketing"
        ],
        "id": "Enablement_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyEnablementRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "isExpirationRequired": true,
        "maximumDuration": "PT7H",
        "id": "Expiration_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyExpirationRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Admin",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "admin_enduser_member@test.com"
        ],
        "id": "Notification_Admin_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Requestor",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "requestor_enduser_member@test.com"
        ],
        "id": "Notification_Requestor_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Approver",
        "isDefaultRecipientsEnabled": true,
        "notificationLevel": "Critical",
        "notificationRecipients": null,
        "id": "Notification_Approver_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      }
    ],
    "policyAssignmentProperties": {
      "scope": {
        "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368",
        "displayName": "Pay-As-You-Go",
        "type": "subscription"
      },
      "roleDefinition": {
        "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleDefinitions/a1705bd2-3a8f-45a5-8683-466fcfd5cc24",
        "displayName": "FHIR Data Converter",
        "type": "BuiltInRole"
      },
      "policy": {
        "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/b959d571-f0b5-4042-88a7-01be6cb22db9",
        "lastModifiedBy": {
          "id": null,
          "displayName": "Admin",
          "type": null,
          "email": null
        },
        "lastModifiedDateTime": null
      }
    }
  },
  "name": "b959d571-f0b5-4042-88a7-01be6cb22db9_a1705bd2-3a8f-45a5-8683-466fcfd5cc24",
  "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicyAssignment/b959d571-f0b5-4042-88a7-01be6cb22db9_a1705bd2-3a8f-45a5-8683-466fcfd5cc24",
  "type": "Microsoft.Authorization/RoleManagementPolicyAssignment"
}

定義

名前 説明
CloudError

サービスからのエラー応答。

CloudErrorBody

サービスからのエラー応答。

Policy

ポリシーの詳細

PolicyAssignmentProperties

リソーススコープ、ロール定義、ポリシーの拡張情報

Principal

最後に変更したエンティティの名前

RoleDefinition

ロール定義の詳細

RoleManagementPolicyAssignment

ロール管理ポリシー

Scope

リソース スコープの詳細

CloudError

サービスからのエラー応答。

名前 説明
error

CloudErrorBody

サービスからのエラー応答。

CloudErrorBody

サービスからのエラー応答。

名前 説明
code

string

エラーの識別子。 コードは不変であり、プログラムによって使用されることを意図しています。

message

string

ユーザー インターフェイスでの表示に適したエラーを説明するメッセージ。

Policy

ポリシーの詳細

名前 説明
id

string

ポリシーの ID

lastModifiedBy

Principal

最後に変更したエンティティの名前

lastModifiedDateTime

string

最後に変更された日時。

PolicyAssignmentProperties

リソーススコープ、ロール定義、ポリシーの拡張情報

名前 説明
policy

Policy

ポリシーの詳細

roleDefinition

RoleDefinition

ロール定義の詳細

scope

Scope

リソース スコープの詳細

Principal

最後に変更したエンティティの名前

名前 説明
displayName

string

変更されたプリンシパルの名前

email

string

プリンシパルのEmail

id

string

プリンシパルが変更した ID

type

string

ユーザー、グループなどのプリンシパルの種類

RoleDefinition

ロール定義の詳細

名前 説明
displayName

string

ロール定義の表示名

id

string

ロール定義の ID

type

string

ロール定義の種類

RoleManagementPolicyAssignment

ロール管理ポリシー

名前 説明
id

string

ロール管理ポリシー ID。

name

string

ロール管理ポリシー名。

properties.effectiveRules

RoleManagementPolicyRule[]

ポリシーに適用される読み取り専用計算ルール。

properties.policyAssignmentProperties

PolicyAssignmentProperties

スコープ、ロール定義、およびポリシーの追加のプロパティ

properties.policyId

string

ポリシー ID ロール管理ポリシーの割り当て。

properties.roleDefinitionId

string

管理ポリシー割り当てのロール定義。

properties.scope

string

ロール管理ポリシーのスコープ。

type

string

ロール管理ポリシーの種類。

Scope

リソース スコープの詳細

名前 説明
displayName

string

リソースの表示名

id

string

リソースのスコープ ID

type

string

リソースの種類