Compartilhar via


AccessReviewScheduleDefinition Class

Access Review Schedule Definition.

Variables are only populated by the server, and will be ignored when sending a request.

Inheritance
azure.mgmt.authorization._serialization.Model
AccessReviewScheduleDefinition

Constructor

AccessReviewScheduleDefinition(*, display_name: str | None = None, description_for_admins: str | None = None, description_for_reviewers: str | None = None, reviewers: List[_models.AccessReviewReviewer] | None = None, backup_reviewers: List[_models.AccessReviewReviewer] | None = None, instances: List[_models.AccessReviewInstance] | None = None, inactive_duration: timedelta | None = None, expand_nested_memberships: bool | None = None, include_inherited_access: bool | None = None, include_access_below_resource: bool | None = None, exclude_resource_id: str | None = None, exclude_role_definition_id: str | None = None, mail_notifications_enabled: bool | None = None, reminder_notifications_enabled: bool | None = None, default_decision_enabled: bool | None = None, justification_required_on_approval: bool | None = None, default_decision: str | _models.DefaultDecisionType | None = None, auto_apply_decisions_enabled: bool | None = None, recommendations_enabled: bool | None = None, recommendation_look_back_duration: timedelta | None = None, instance_duration_in_days: int | None = None, type_properties_settings_recurrence_range_type: str | _models.AccessReviewRecurrenceRangeType | None = None, number_of_occurrences: int | None = None, start_date: datetime | None = None, end_date: datetime | None = None, type_properties_settings_recurrence_pattern_type: str | _models.AccessReviewRecurrencePatternType | None = None, interval: int | None = None, **kwargs: Any)

Keyword-Only Parameters

Name Description
display_name
str

The display name for the schedule definition.

description_for_admins
str

The description provided by the access review creator and visible to admins.

description_for_reviewers
str

The description provided by the access review creator to be shown to reviewers.

reviewers

This is the collection of reviewers.

backup_reviewers

This is the collection of backup reviewers.

instances

This is the collection of instances returned when one does an expand on it.

inactive_duration

Duration users are inactive for. The value should be in ISO 8601 format (http://en.wikipedia.org/wiki/ISO_8601#Durations).This.This) code can be used to convert TimeSpan to a valid interval string: XmlConvert.ToString(new TimeSpan(hours, minutes, seconds)).

expand_nested_memberships

Flag to indicate whether to expand nested memberships or not.

include_inherited_access

Flag to indicate whether to expand nested memberships or not.

include_access_below_resource

Flag to indicate whether to expand nested memberships or not.

exclude_resource_id
str

This is used to indicate the resource id(s) to exclude.

exclude_role_definition_id
str

This is used to indicate the role definition id(s) to exclude.

mail_notifications_enabled

Flag to indicate whether sending mails to reviewers and the review creator is enabled.

reminder_notifications_enabled

Flag to indicate whether sending reminder emails to reviewers are enabled.

default_decision_enabled

Flag to indicate whether reviewers are required to provide a justification when reviewing access.

justification_required_on_approval

Flag to indicate whether the reviewer is required to pass justification when recording a decision.

default_decision

This specifies the behavior for the autoReview feature when an access review completes. Known values are: "Approve", "Deny", and "Recommendation".

auto_apply_decisions_enabled

Flag to indicate whether auto-apply capability, to automatically change the target object access resource, is enabled. If not enabled, a user must, after the review completes, apply the access review.

recommendations_enabled

Flag to indicate whether showing recommendations to reviewers is enabled.

recommendation_look_back_duration

Recommendations for access reviews are calculated by looking back at 30 days of data(w.r.t the start date of the review) by default. However, in some scenarios, customers want to change how far back to look at and want to configure 60 days, 90 days, etc. instead. This setting allows customers to configure this duration. The value should be in ISO 8601 format (http://en.wikipedia.org/wiki/ISO_8601#Durations).This.This) code can be used to convert TimeSpan to a valid interval string: XmlConvert.ToString(new TimeSpan(hours, minutes, seconds)).

instance_duration_in_days
int

The duration in days for an instance.

type_properties_settings_recurrence_range_type

The recurrence range type. The possible values are: endDate, noEnd, numbered. Known values are: "endDate", "noEnd", and "numbered".

number_of_occurrences
int

The number of times to repeat the access review. Required and must be positive if type is numbered.

start_date

The DateTime when the review is scheduled to be start. This could be a date in the future. Required on create.

end_date

The DateTime when the review is scheduled to end. Required if type is endDate.

type_properties_settings_recurrence_pattern_type

The recurrence type : weekly, monthly, etc. Known values are: "weekly" and "absoluteMonthly".

interval
int

The interval for recurrence. For a quarterly review, the interval is 3 for type : absoluteMonthly.

Variables

Name Description
id
str

The access review schedule definition id.

name
str

The access review schedule definition unique id.

type
str

The resource type.

display_name
str

The display name for the schedule definition.

status

This read-only field specifies the status of an accessReview. Known values are: "NotStarted", "InProgress", "Completed", "Applied", "Initializing", "Applying", "Completing", "Scheduled", "AutoReviewing", "AutoReviewed", and "Starting".

description_for_admins
str

The description provided by the access review creator and visible to admins.

description_for_reviewers
str

The description provided by the access review creator to be shown to reviewers.

reviewers

This is the collection of reviewers.

backup_reviewers

This is the collection of backup reviewers.

reviewers_type

This field specifies the type of reviewers for a review. Usually for a review, reviewers are explicitly assigned. However, in some cases, the reviewers may not be assigned and instead be chosen dynamically. For example managers review or self review. Known values are: "Assigned", "Self", and "Managers".

instances

This is the collection of instances returned when one does an expand on it.

resource_id
str

ResourceId in which this review is getting created.

role_definition_id
str

This is used to indicate the role being reviewed.

principal_type_properties_scope_principal_type

The identity type user/servicePrincipal to review. Known values are: "user", "guestUser", "servicePrincipal", "user,group", and "redeemedGuestUser".

assignment_state

The role assignment state eligible/active to review. Known values are: "eligible" and "active".

inactive_duration

Duration users are inactive for. The value should be in ISO 8601 format (http://en.wikipedia.org/wiki/ISO_8601#Durations).This.This) code can be used to convert TimeSpan to a valid interval string: XmlConvert.ToString(new TimeSpan(hours, minutes, seconds)).

expand_nested_memberships

Flag to indicate whether to expand nested memberships or not.

include_inherited_access

Flag to indicate whether to expand nested memberships or not.

include_access_below_resource

Flag to indicate whether to expand nested memberships or not.

exclude_resource_id
str

This is used to indicate the resource id(s) to exclude.

exclude_role_definition_id
str

This is used to indicate the role definition id(s) to exclude.

mail_notifications_enabled

Flag to indicate whether sending mails to reviewers and the review creator is enabled.

reminder_notifications_enabled

Flag to indicate whether sending reminder emails to reviewers are enabled.

default_decision_enabled

Flag to indicate whether reviewers are required to provide a justification when reviewing access.

justification_required_on_approval

Flag to indicate whether the reviewer is required to pass justification when recording a decision.

default_decision

This specifies the behavior for the autoReview feature when an access review completes. Known values are: "Approve", "Deny", and "Recommendation".

auto_apply_decisions_enabled

Flag to indicate whether auto-apply capability, to automatically change the target object access resource, is enabled. If not enabled, a user must, after the review completes, apply the access review.

recommendations_enabled

Flag to indicate whether showing recommendations to reviewers is enabled.

recommendation_look_back_duration

Recommendations for access reviews are calculated by looking back at 30 days of data(w.r.t the start date of the review) by default. However, in some scenarios, customers want to change how far back to look at and want to configure 60 days, 90 days, etc. instead. This setting allows customers to configure this duration. The value should be in ISO 8601 format (http://en.wikipedia.org/wiki/ISO_8601#Durations).This.This) code can be used to convert TimeSpan to a valid interval string: XmlConvert.ToString(new TimeSpan(hours, minutes, seconds)).

instance_duration_in_days
int

The duration in days for an instance.

type_properties_settings_recurrence_range_type

The recurrence range type. The possible values are: endDate, noEnd, numbered. Known values are: "endDate", "noEnd", and "numbered".

number_of_occurrences
int

The number of times to repeat the access review. Required and must be positive if type is numbered.

start_date

The DateTime when the review is scheduled to be start. This could be a date in the future. Required on create.

end_date

The DateTime when the review is scheduled to end. Required if type is endDate.

type_properties_settings_recurrence_pattern_type

The recurrence type : weekly, monthly, etc. Known values are: "weekly" and "absoluteMonthly".

interval
int

The interval for recurrence. For a quarterly review, the interval is 3 for type : absoluteMonthly.

principal_id
str

The identity id.

principal_type_properties_created_by_principal_type

The identity type : user/servicePrincipal. Known values are: "user" and "servicePrincipal".

principal_name
str

The identity display name.

user_principal_name
str

The user principal name(if valid).