Alerts - List For Scope

Usługa:

Authorization

Wersja interfejsu API:

2022-08-01-preview

Pobiera alerty dotyczące zakresu zasobów.

GET https://management.azure.com/{scope}/providers/Microsoft.Authorization/roleManagementAlerts?api-version=2022-08-01-preview

Parametry identyfikatora URI

Nazwa	W	Wymagane	Typ	Opis
scope	path	True	string	Zakres alertu.
api-version	query	True	string	Wersja interfejsu API do użycia dla tej operacji.

Odpowiedzi

Nazwa	Typ	Opis
200 OK	AlertListResult	OK — zwraca tablicę alertów.
Other Status Codes	CloudError	Odpowiedź na błąd opisująca, dlaczego operacja nie powiodła się.

Zabezpieczenia

azure_auth

Przepływ OAuth2 usługi Azure Active Directory

Typ: oauth2
Flow: implicit
Adres URL autoryzacji: https://login.microsoftonline.com/common/oauth2/authorize

Zakresy

Nazwa	Opis
user_impersonation	personifikacja konta użytkownika

Przykłady

GetAlerts

Przykładowe żądanie

HTTP

GET https://management.azure.com/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlerts?api-version=2022-08-01-preview

Go

package armauthorization_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/310a0100f5b020c1900c527a6aa70d21992f078a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-08-01-preview/examples/GetAlerts.json
func ExampleAlertsClient_NewListForScopePager() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armauthorization.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	pager := clientFactory.NewAlertsClient().NewListForScopePager("subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f", nil)
	for pager.More() {
		page, err := pager.NextPage(ctx)
		if err != nil {
			log.Fatalf("failed to advance page: %v", err)
		}
		for _, v := range page.Value {
			// You could use page here. We use blank identifier for just demo purposes.
			_ = v
		}
		// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
		// page.AlertListResult = armauthorization.AlertListResult{
		// 	Value: []*armauthorization.Alert{
		// 		{
		// 			Name: to.Ptr("TooManyPermanentOwnersAssignedToResource"),
		// 			Type: to.Ptr("Microsoft.Authorization/roleManagementAlerts"),
		// 			ID: to.Ptr("/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlerts/TooManyPermanentOwnersAssignedToResource"),
		// 			Properties: &armauthorization.AlertProperties{
		// 				AlertConfiguration: &armauthorization.AlertConfiguration{
		// 					Name: to.Ptr("TooManyPermanentOwnersAssignedToResource"),
		// 					Type: to.Ptr("Microsoft.Authorization/roleManagementAlertConfigurations"),
		// 					ID: to.Ptr("/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlertConfigurations/TooManyPermanentOwnersAssignedToResource"),
		// 					Properties: &armauthorization.TooManyPermanentOwnersAssignedToResourceAlertConfigurationProperties{
		// 						AlertConfigurationType: to.Ptr("TooManyPermanentOwnersAssignedToResourceAlertConfiguration"),
		// 						AlertDefinitionID: to.Ptr("TooManyPermanentOwnersAssignedToResource"),
		// 						IsEnabled: to.Ptr(true),
		// 						Scope: to.Ptr("subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f"),
		// 						ThresholdNumberOfPermanentOwners: to.Ptr[int32](10),
		// 						ThresholdPercentageOfPermanentOwnersOutOfAllOwners: to.Ptr[int32](10),
		// 					},
		// 				},
		// 				AlertDefinition: &armauthorization.AlertDefinition{
		// 					Name: to.Ptr("TooManyPermanentOwnersAssignedToResource"),
		// 					Type: to.Ptr("Microsoft.Authorization/roleManagementAlertDefinitions"),
		// 					ID: to.Ptr("/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlertDefinitions/TooManyPermanentOwnersAssignedToResource"),
		// 					Properties: &armauthorization.AlertDefinitionProperties{
		// 						Description: to.Ptr("The number of users set to never expire is too high. To enhance the security of your resources, we recommend requiring activation for role use. Take a moment to review the list of users, and suggested changes here."),
		// 						DisplayName: to.Ptr("Too many permanent owners assigned to a resource"),
		// 						HowToPrevent: to.Ptr("Enable “Activation Required” in the role settings menu. This will ensure newly added users must activate their role."),
		// 						IsConfigurable: to.Ptr(true),
		// 						IsRemediatable: to.Ptr(true),
		// 						MitigationSteps: to.Ptr("To mitigate this issue, require the user to activate the role before use."),
		// 						Scope: to.Ptr("subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f"),
		// 						SecurityImpact: to.Ptr("Providing users permanent access in a role may leave resources vulnerable to accidental or malicious activity."),
		// 						SeverityLevel: to.Ptr(armauthorization.SeverityLevelMedium),
		// 					},
		// 				},
		// 				AlertIncidents: []*armauthorization.AlertIncident{
		// 					{
		// 						Name: to.Ptr("a9f38501-74ec-43ea-8663-6c538602150d"),
		// 						Type: to.Ptr("Microsoft.Authorization/roleManagementAlerts/alertIncidents"),
		// 						ID: to.Ptr("/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlerts/TooManyPermanentOwnersAssignedToResource/alertIncidents/a9f38501-74ec-43ea-8663-6c538602150d"),
		// 						Properties: &armauthorization.TooManyPermanentOwnersAssignedToResourceAlertIncidentProperties{
		// 							AlertIncidentType: to.Ptr("TooManyPermanentOwnersAssignedToResourceAlertIncident"),
		// 							AssigneeName: to.Ptr("testUser"),
		// 							AssigneeType: to.Ptr("User"),
		// 						},
		// 				}},
		// 				IncidentCount: to.Ptr[int32](1),
		// 				IsActive: to.Ptr(true),
		// 				LastModifiedDateTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2022-04-05T03:04:06.467Z"); return t}()),
		// 				LastScannedDateTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2022-04-06T18:25:00.380Z"); return t}()),
		// 				Scope: to.Ptr("subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f"),
		// 			},
		// 		},
		// 		{
		// 			Name: to.Ptr("TooManyOwnersAssignedToResource"),
		// 			Type: to.Ptr("Microsoft.Authorization/roleManagementAlerts"),
		// 			ID: to.Ptr("/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlerts/TooManyOwnersAssignedToResource"),
		// 			Properties: &armauthorization.AlertProperties{
		// 				AlertConfiguration: &armauthorization.AlertConfiguration{
		// 					Name: to.Ptr("TooManyOwnersAssignedToResource"),
		// 					Type: to.Ptr("Microsoft.Authorization/roleManagementAlertConfigurations"),
		// 					ID: to.Ptr("/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlertConfigurations/TooManyOwnersAssignedToResource"),
		// 					Properties: &armauthorization.TooManyOwnersAssignedToResourceAlertConfigurationProperties{
		// 						AlertConfigurationType: to.Ptr("TooManyOwnersAssignedToResourceAlertConfiguration"),
		// 						AlertDefinitionID: to.Ptr("TooManyOwnersAssignedToResource"),
		// 						IsEnabled: to.Ptr(true),
		// 						Scope: to.Ptr("subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f"),
		// 						ThresholdNumberOfOwners: to.Ptr[int32](2),
		// 						ThresholdPercentageOfOwnersOutOfAllRoleMembers: to.Ptr[int32](3),
		// 					},
		// 				},
		// 				AlertDefinition: &armauthorization.AlertDefinition{
		// 					Name: to.Ptr("TooManyOwnersAssignedToResource"),
		// 					Type: to.Ptr("Microsoft.Authorization/roleManagementAlertDefinitions"),
		// 					ID: to.Ptr("/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlertDefinitions/TooManyOwnersAssignedToResource"),
		// 					Properties: &armauthorization.AlertDefinitionProperties{
		// 						Description: to.Ptr("The number of users with the Owner role is too high. We recommend assigning these individuals to less privileged roles or roles more suitable to their daily needs. Take a moment to review the current assignments, and suggested changes here."),
		// 						DisplayName: to.Ptr("Too many owners assigned to a resource"),
		// 						HowToPrevent: to.Ptr("Choose a role that provides the fewest privileges necessary for a user or group to complete their tasks."),
		// 						IsConfigurable: to.Ptr(true),
		// 						IsRemediatable: to.Ptr(true),
		// 						MitigationSteps: to.Ptr("To mitigate this issue, reduce the number of users in the Owner role. Review the list of users in the list, and reassign them to a less privileged role such as Contributor."),
		// 						Scope: to.Ptr("subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f"),
		// 						SecurityImpact: to.Ptr("As the number of users with the owner role increases, so does the potential for malicious or mistaken actions affecting your resource."),
		// 						SeverityLevel: to.Ptr(armauthorization.SeverityLevelMedium),
		// 					},
		// 				},
		// 				AlertIncidents: []*armauthorization.AlertIncident{
		// 					{
		// 						Name: to.Ptr("a9f38501-74ec-43ea-8663-6c538602150d"),
		// 						Type: to.Ptr("Microsoft.Authorization/roleManagementAlerts/alertIncidents"),
		// 						ID: to.Ptr("/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlerts/TooManyOwnersAssignedToResource/alertIncidents/a9f38501-74ec-43ea-8663-6c538602150d"),
		// 						Properties: &armauthorization.TooManyOwnersAssignedToResourceAlertIncidentProperties{
		// 							AlertIncidentType: to.Ptr("TooManyOwnersAssignedToResourceAlertIncident"),
		// 							AssigneeName: to.Ptr("testUser"),
		// 							AssigneeType: to.Ptr("User"),
		// 						},
		// 				}},
		// 				IncidentCount: to.Ptr[int32](1),
		// 				IsActive: to.Ptr(true),
		// 				LastModifiedDateTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2022-04-05T03:04:06.467Z"); return t}()),
		// 				LastScannedDateTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2022-04-06T18:25:00.380Z"); return t}()),
		// 				Scope: to.Ptr("subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f"),
		// 			},
		// 	}},
		// }
	}
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

JavaScript

const { AuthorizationManagementClient } = require("@azure/arm-authorization");
const { DefaultAzureCredential } = require("@azure/identity");

/**
 * This sample demonstrates how to Gets alerts for a resource scope.
 *
 * @summary Gets alerts for a resource scope.
 * x-ms-original-file: specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-08-01-preview/examples/GetAlerts.json
 */
async function getAlerts() {
  const scope = "subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f";
  const credential = new DefaultAzureCredential();
  const client = new AuthorizationManagementClient(credential);
  const resArray = new Array();
  for await (let item of client.alerts.listForScope(scope)) {
    resArray.push(item);
  }
  console.log(resArray);
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Przykładowa odpowiedź

Kod stanu:

200

{
  "value": [
    {
      "properties": {
        "scope": "subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f",
        "incidentCount": 1,
        "lastModifiedDateTime": "2022-04-05T03:04:06.467+00:00",
        "lastScannedDateTime": "2022-04-06T18:25:00.38+00:00",
        "isActive": true,
        "alertDefinition": {
          "properties": {
            "displayName": "Too many permanent owners assigned to a resource",
            "scope": "subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f",
            "description": "The number of users set to never expire is too high. To enhance the security of your resources, we recommend requiring activation for role use. Take a moment to review the list of users, and suggested changes here.",
            "severityLevel": "Medium",
            "securityImpact": "Providing users permanent access in a role may leave resources vulnerable to accidental or malicious activity.",
            "mitigationSteps": "To mitigate this issue, require the user to activate the role before use.",
            "howToPrevent": "Enable “Activation Required” in the role settings menu. This will ensure newly added users must activate their role.",
            "isRemediatable": true,
            "isConfigurable": true
          },
          "name": "TooManyPermanentOwnersAssignedToResource",
          "id": "/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlertDefinitions/TooManyPermanentOwnersAssignedToResource",
          "type": "Microsoft.Authorization/roleManagementAlertDefinitions"
        },
        "alertIncidents": [
          {
            "properties": {
              "alertIncidentType": "TooManyPermanentOwnersAssignedToResourceAlertIncident",
              "assigneeName": "testUser",
              "assigneeType": "User"
            },
            "name": "a9f38501-74ec-43ea-8663-6c538602150d",
            "type": "Microsoft.Authorization/roleManagementAlerts/alertIncidents",
            "id": "/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlerts/TooManyPermanentOwnersAssignedToResource/alertIncidents/a9f38501-74ec-43ea-8663-6c538602150d"
          }
        ],
        "alertConfiguration": {
          "properties": {
            "alertConfigurationType": "TooManyPermanentOwnersAssignedToResourceAlertConfiguration",
            "alertDefinitionId": "TooManyPermanentOwnersAssignedToResource",
            "scope": "subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f",
            "isEnabled": true,
            "thresholdNumberOfPermanentOwners": 10,
            "thresholdPercentageOfPermanentOwnersOutOfAllOwners": 10
          },
          "name": "TooManyPermanentOwnersAssignedToResource",
          "id": "/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlertConfigurations/TooManyPermanentOwnersAssignedToResource",
          "type": "Microsoft.Authorization/roleManagementAlertConfigurations"
        }
      },
      "name": "TooManyPermanentOwnersAssignedToResource",
      "id": "/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlerts/TooManyPermanentOwnersAssignedToResource",
      "type": "Microsoft.Authorization/roleManagementAlerts"
    },
    {
      "properties": {
        "scope": "subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f",
        "incidentCount": 1,
        "lastModifiedDateTime": "2022-04-05T03:04:06.467+00:00",
        "lastScannedDateTime": "2022-04-06T18:25:00.38+00:00",
        "isActive": true,
        "alertDefinition": {
          "properties": {
            "displayName": "Too many owners assigned to a resource",
            "scope": "subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f",
            "description": "The number of users with the Owner role is too high. We recommend assigning these individuals to less privileged roles or roles more suitable to their daily needs. Take a moment to review the current assignments, and suggested changes here.",
            "severityLevel": "Medium",
            "securityImpact": "As the number of users with the owner role increases, so does the potential for malicious or mistaken actions affecting your resource.",
            "mitigationSteps": "To mitigate this issue, reduce the number of users in the Owner role. Review the list of users in the list, and reassign them to a less privileged role such as Contributor.",
            "howToPrevent": "Choose a role that provides the fewest privileges necessary for a user or group to complete their tasks.",
            "isRemediatable": true,
            "isConfigurable": true
          },
          "name": "TooManyOwnersAssignedToResource",
          "id": "/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlertDefinitions/TooManyOwnersAssignedToResource",
          "type": "Microsoft.Authorization/roleManagementAlertDefinitions"
        },
        "alertIncidents": [
          {
            "properties": {
              "alertIncidentType": "TooManyOwnersAssignedToResourceAlertIncident",
              "assigneeName": "testUser",
              "assigneeType": "User"
            },
            "name": "a9f38501-74ec-43ea-8663-6c538602150d",
            "type": "Microsoft.Authorization/roleManagementAlerts/alertIncidents",
            "id": "/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlerts/TooManyOwnersAssignedToResource/alertIncidents/a9f38501-74ec-43ea-8663-6c538602150d"
          }
        ],
        "alertConfiguration": {
          "properties": {
            "alertConfigurationType": "TooManyOwnersAssignedToResourceAlertConfiguration",
            "alertDefinitionId": "TooManyOwnersAssignedToResource",
            "scope": "subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f",
            "isEnabled": true,
            "thresholdNumberOfOwners": 2,
            "thresholdPercentageOfOwnersOutOfAllRoleMembers": 3
          },
          "name": "TooManyOwnersAssignedToResource",
          "id": "/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlertConfigurations/TooManyOwnersAssignedToResource",
          "type": "Microsoft.Authorization/roleManagementAlertConfigurations"
        }
      },
      "name": "TooManyOwnersAssignedToResource",
      "id": "/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlerts/TooManyOwnersAssignedToResource",
      "type": "Microsoft.Authorization/roleManagementAlerts"
    }
  ]
}

Definicje

Nazwa	Opis
Alert	Alert.
AlertConfiguration	Konfiguracja alertu.
AlertDefinition	Definicja alertu
AlertIncident	Zdarzenie alertu
AlertListResult	Wynik operacji listy alertów.
CloudError	Odpowiedź na błąd z usługi.
CloudErrorBody	Odpowiedź na błąd z usługi.
SeverityLevel	Poziom ważności alertu.

Alert

Alert.

Nazwa	Typ	Opis
id	string	Identyfikator alertu.
name	string	Nazwa alertu.
properties.alertConfiguration	AlertConfiguration	Konfiguracja alertu.
properties.alertDefinition	AlertDefinition	Definicja alertu.
properties.alertIncidents	AlertIncident[]	Zdarzenia alertu.
properties.incidentCount	integer	Liczba wygenerowanych zdarzeń alertu.
properties.isActive	boolean	Wartość false domyślnie; wartość true, jeśli alert jest aktywny.
properties.lastModifiedDateTime	string	Data wygenerowania konfiguracji alertu lub wygenerowanie nowych zdarzeń.
properties.lastScannedDateTime	string	Data i godzina ostatniego skanowania alertu.
properties.scope	string	Zakres alertu.
type	string	Typ alertu.

AlertConfiguration

Konfiguracja alertu.

Nazwa	Typ	Opis
id	string	Identyfikator konfiguracji alertu.
name	string	Nazwa konfiguracji alertu.
properties.alertConfigurationType	string	Typ konfiguracji alertu.
properties.alertDefinition	AlertDefinition	Definicja alertu.
properties.alertDefinitionId	string	Identyfikator definicji alertu.
properties.isEnabled	boolean	Wartość True, jeśli alert jest włączony, wartość false spowoduje wyłączenie skanowania dla określonego alertu.
properties.scope	string	Zakres alertu.
type	string	Typ konfiguracji alertu.

AlertDefinition

Definicja alertu

Nazwa	Typ	Opis
id	string	Identyfikator definicji alertu.
name	string	Nazwa definicji alertu.
properties.description	string	Opis alertu.
properties.displayName	string	Nazwa wyświetlana alertu.
properties.howToPrevent	string	Sposoby zapobiegania alertowi.
properties.isConfigurable	boolean	Prawda, jeśli można skonfigurować konfigurację alertu; false, w przeciwnym razie.
properties.isRemediatable	boolean	Wartość True, jeśli alert można skorygować; false, w przeciwnym razie.
properties.mitigationSteps	string	Metody ograniczania alertu.
properties.scope	string	Zakres alertu.
properties.securityImpact	string	Wpływ alertu na bezpieczeństwo.
properties.severityLevel	SeverityLevel	Poziom ważności alertu.
type	string	Typ definicji alertu.

AlertIncident

Zdarzenie alertu

Nazwa	Typ	Opis
id	string	Identyfikator zdarzenia alertu.
name	string	Nazwa zdarzenia alertu.
properties.alertIncidentType	string	Typ zdarzenia alertu.
type	string	Typ zdarzenia alertu.

AlertListResult

Wynik operacji listy alertów.

Nazwa	Typ	Opis
nextLink	string	Adres URL używany do pobierania następnego zestawu wyników.
value	Alert[]	Lista alertów

CloudError

Odpowiedź na błąd z usługi.

Nazwa	Typ	Opis
error	CloudErrorBody	Odpowiedź na błąd z usługi.

CloudErrorBody

Odpowiedź na błąd z usługi.

Nazwa	Typ	Opis
code	string	Identyfikator błędu. Kody są niezmienne i mają być używane programowo.
message	string	Komunikat opisujący błąd, który ma być odpowiedni do wyświetlania w interfejsie użytkownika.

SeverityLevel

Poziom ważności alertu.

Nazwa	Typ	Opis
High	string
Low	string
Medium	string