Alerts - List For Scope

Serviço:

Authorization

Versão da API:

2022-08-01-preview

Obtém alertas para um escopo de recurso.

GET https://management.azure.com/{scope}/providers/Microsoft.Authorization/roleManagementAlerts?api-version=2022-08-01-preview

Parâmetros de URI

Nome	Em	Obrigatório	Tipo	Description
scope	path	True	string	O escopo do alerta.
api-version	query	True	string	A versão da API a ser usada para esta operação.

Respostas

Nome	Tipo	Description
200 OK	AlertListResult	OK – retorna uma matriz de alertas.
Other Status Codes	CloudError	Resposta de erro que descreve por que a operação falhou.

Segurança

azure_auth

Fluxo do OAuth2 do Azure Active Directory

Tipo: oauth2
Flow: implicit
URL de Autorização: https://login.microsoftonline.com/common/oauth2/authorize

Escopos

Nome	Description
user_impersonation	representar sua conta de usuário

Exemplos

GetAlerts

Solicitação de exemplo

HTTP

GET https://management.azure.com/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlerts?api-version=2022-08-01-preview

Go

package armauthorization_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/310a0100f5b020c1900c527a6aa70d21992f078a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-08-01-preview/examples/GetAlerts.json
func ExampleAlertsClient_NewListForScopePager() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armauthorization.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	pager := clientFactory.NewAlertsClient().NewListForScopePager("subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f", nil)
	for pager.More() {
		page, err := pager.NextPage(ctx)
		if err != nil {
			log.Fatalf("failed to advance page: %v", err)
		}
		for _, v := range page.Value {
			// You could use page here. We use blank identifier for just demo purposes.
			_ = v
		}
		// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
		// page.AlertListResult = armauthorization.AlertListResult{
		// 	Value: []*armauthorization.Alert{
		// 		{
		// 			Name: to.Ptr("TooManyPermanentOwnersAssignedToResource"),
		// 			Type: to.Ptr("Microsoft.Authorization/roleManagementAlerts"),
		// 			ID: to.Ptr("/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlerts/TooManyPermanentOwnersAssignedToResource"),
		// 			Properties: &armauthorization.AlertProperties{
		// 				AlertConfiguration: &armauthorization.AlertConfiguration{
		// 					Name: to.Ptr("TooManyPermanentOwnersAssignedToResource"),
		// 					Type: to.Ptr("Microsoft.Authorization/roleManagementAlertConfigurations"),
		// 					ID: to.Ptr("/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlertConfigurations/TooManyPermanentOwnersAssignedToResource"),
		// 					Properties: &armauthorization.TooManyPermanentOwnersAssignedToResourceAlertConfigurationProperties{
		// 						AlertConfigurationType: to.Ptr("TooManyPermanentOwnersAssignedToResourceAlertConfiguration"),
		// 						AlertDefinitionID: to.Ptr("TooManyPermanentOwnersAssignedToResource"),
		// 						IsEnabled: to.Ptr(true),
		// 						Scope: to.Ptr("subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f"),
		// 						ThresholdNumberOfPermanentOwners: to.Ptr[int32](10),
		// 						ThresholdPercentageOfPermanentOwnersOutOfAllOwners: to.Ptr[int32](10),
		// 					},
		// 				},
		// 				AlertDefinition: &armauthorization.AlertDefinition{
		// 					Name: to.Ptr("TooManyPermanentOwnersAssignedToResource"),
		// 					Type: to.Ptr("Microsoft.Authorization/roleManagementAlertDefinitions"),
		// 					ID: to.Ptr("/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlertDefinitions/TooManyPermanentOwnersAssignedToResource"),
		// 					Properties: &armauthorization.AlertDefinitionProperties{
		// 						Description: to.Ptr("The number of users set to never expire is too high. To enhance the security of your resources, we recommend requiring activation for role use. Take a moment to review the list of users, and suggested changes here."),
		// 						DisplayName: to.Ptr("Too many permanent owners assigned to a resource"),
		// 						HowToPrevent: to.Ptr("Enable “Activation Required” in the role settings menu. This will ensure newly added users must activate their role."),
		// 						IsConfigurable: to.Ptr(true),
		// 						IsRemediatable: to.Ptr(true),
		// 						MitigationSteps: to.Ptr("To mitigate this issue, require the user to activate the role before use."),
		// 						Scope: to.Ptr("subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f"),
		// 						SecurityImpact: to.Ptr("Providing users permanent access in a role may leave resources vulnerable to accidental or malicious activity."),
		// 						SeverityLevel: to.Ptr(armauthorization.SeverityLevelMedium),
		// 					},
		// 				},
		// 				AlertIncidents: []*armauthorization.AlertIncident{
		// 					{
		// 						Name: to.Ptr("a9f38501-74ec-43ea-8663-6c538602150d"),
		// 						Type: to.Ptr("Microsoft.Authorization/roleManagementAlerts/alertIncidents"),
		// 						ID: to.Ptr("/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlerts/TooManyPermanentOwnersAssignedToResource/alertIncidents/a9f38501-74ec-43ea-8663-6c538602150d"),
		// 						Properties: &armauthorization.TooManyPermanentOwnersAssignedToResourceAlertIncidentProperties{
		// 							AlertIncidentType: to.Ptr("TooManyPermanentOwnersAssignedToResourceAlertIncident"),
		// 							AssigneeName: to.Ptr("testUser"),
		// 							AssigneeType: to.Ptr("User"),
		// 						},
		// 				}},
		// 				IncidentCount: to.Ptr[int32](1),
		// 				IsActive: to.Ptr(true),
		// 				LastModifiedDateTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2022-04-05T03:04:06.467Z"); return t}()),
		// 				LastScannedDateTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2022-04-06T18:25:00.380Z"); return t}()),
		// 				Scope: to.Ptr("subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f"),
		// 			},
		// 		},
		// 		{
		// 			Name: to.Ptr("TooManyOwnersAssignedToResource"),
		// 			Type: to.Ptr("Microsoft.Authorization/roleManagementAlerts"),
		// 			ID: to.Ptr("/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlerts/TooManyOwnersAssignedToResource"),
		// 			Properties: &armauthorization.AlertProperties{
		// 				AlertConfiguration: &armauthorization.AlertConfiguration{
		// 					Name: to.Ptr("TooManyOwnersAssignedToResource"),
		// 					Type: to.Ptr("Microsoft.Authorization/roleManagementAlertConfigurations"),
		// 					ID: to.Ptr("/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlertConfigurations/TooManyOwnersAssignedToResource"),
		// 					Properties: &armauthorization.TooManyOwnersAssignedToResourceAlertConfigurationProperties{
		// 						AlertConfigurationType: to.Ptr("TooManyOwnersAssignedToResourceAlertConfiguration"),
		// 						AlertDefinitionID: to.Ptr("TooManyOwnersAssignedToResource"),
		// 						IsEnabled: to.Ptr(true),
		// 						Scope: to.Ptr("subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f"),
		// 						ThresholdNumberOfOwners: to.Ptr[int32](2),
		// 						ThresholdPercentageOfOwnersOutOfAllRoleMembers: to.Ptr[int32](3),
		// 					},
		// 				},
		// 				AlertDefinition: &armauthorization.AlertDefinition{
		// 					Name: to.Ptr("TooManyOwnersAssignedToResource"),
		// 					Type: to.Ptr("Microsoft.Authorization/roleManagementAlertDefinitions"),
		// 					ID: to.Ptr("/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlertDefinitions/TooManyOwnersAssignedToResource"),
		// 					Properties: &armauthorization.AlertDefinitionProperties{
		// 						Description: to.Ptr("The number of users with the Owner role is too high. We recommend assigning these individuals to less privileged roles or roles more suitable to their daily needs. Take a moment to review the current assignments, and suggested changes here."),
		// 						DisplayName: to.Ptr("Too many owners assigned to a resource"),
		// 						HowToPrevent: to.Ptr("Choose a role that provides the fewest privileges necessary for a user or group to complete their tasks."),
		// 						IsConfigurable: to.Ptr(true),
		// 						IsRemediatable: to.Ptr(true),
		// 						MitigationSteps: to.Ptr("To mitigate this issue, reduce the number of users in the Owner role. Review the list of users in the list, and reassign them to a less privileged role such as Contributor."),
		// 						Scope: to.Ptr("subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f"),
		// 						SecurityImpact: to.Ptr("As the number of users with the owner role increases, so does the potential for malicious or mistaken actions affecting your resource."),
		// 						SeverityLevel: to.Ptr(armauthorization.SeverityLevelMedium),
		// 					},
		// 				},
		// 				AlertIncidents: []*armauthorization.AlertIncident{
		// 					{
		// 						Name: to.Ptr("a9f38501-74ec-43ea-8663-6c538602150d"),
		// 						Type: to.Ptr("Microsoft.Authorization/roleManagementAlerts/alertIncidents"),
		// 						ID: to.Ptr("/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlerts/TooManyOwnersAssignedToResource/alertIncidents/a9f38501-74ec-43ea-8663-6c538602150d"),
		// 						Properties: &armauthorization.TooManyOwnersAssignedToResourceAlertIncidentProperties{
		// 							AlertIncidentType: to.Ptr("TooManyOwnersAssignedToResourceAlertIncident"),
		// 							AssigneeName: to.Ptr("testUser"),
		// 							AssigneeType: to.Ptr("User"),
		// 						},
		// 				}},
		// 				IncidentCount: to.Ptr[int32](1),
		// 				IsActive: to.Ptr(true),
		// 				LastModifiedDateTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2022-04-05T03:04:06.467Z"); return t}()),
		// 				LastScannedDateTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2022-04-06T18:25:00.380Z"); return t}()),
		// 				Scope: to.Ptr("subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f"),
		// 			},
		// 	}},
		// }
	}
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

JavaScript

const { AuthorizationManagementClient } = require("@azure/arm-authorization");
const { DefaultAzureCredential } = require("@azure/identity");

/**
 * This sample demonstrates how to Gets alerts for a resource scope.
 *
 * @summary Gets alerts for a resource scope.
 * x-ms-original-file: specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-08-01-preview/examples/GetAlerts.json
 */
async function getAlerts() {
  const scope = "subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f";
  const credential = new DefaultAzureCredential();
  const client = new AuthorizationManagementClient(credential);
  const resArray = new Array();
  for await (let item of client.alerts.listForScope(scope)) {
    resArray.push(item);
  }
  console.log(resArray);
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Resposta de exemplo

Código de status:

200

{
  "value": [
    {
      "properties": {
        "scope": "subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f",
        "incidentCount": 1,
        "lastModifiedDateTime": "2022-04-05T03:04:06.467+00:00",
        "lastScannedDateTime": "2022-04-06T18:25:00.38+00:00",
        "isActive": true,
        "alertDefinition": {
          "properties": {
            "displayName": "Too many permanent owners assigned to a resource",
            "scope": "subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f",
            "description": "The number of users set to never expire is too high. To enhance the security of your resources, we recommend requiring activation for role use. Take a moment to review the list of users, and suggested changes here.",
            "severityLevel": "Medium",
            "securityImpact": "Providing users permanent access in a role may leave resources vulnerable to accidental or malicious activity.",
            "mitigationSteps": "To mitigate this issue, require the user to activate the role before use.",
            "howToPrevent": "Enable “Activation Required” in the role settings menu. This will ensure newly added users must activate their role.",
            "isRemediatable": true,
            "isConfigurable": true
          },
          "name": "TooManyPermanentOwnersAssignedToResource",
          "id": "/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlertDefinitions/TooManyPermanentOwnersAssignedToResource",
          "type": "Microsoft.Authorization/roleManagementAlertDefinitions"
        },
        "alertIncidents": [
          {
            "properties": {
              "alertIncidentType": "TooManyPermanentOwnersAssignedToResourceAlertIncident",
              "assigneeName": "testUser",
              "assigneeType": "User"
            },
            "name": "a9f38501-74ec-43ea-8663-6c538602150d",
            "type": "Microsoft.Authorization/roleManagementAlerts/alertIncidents",
            "id": "/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlerts/TooManyPermanentOwnersAssignedToResource/alertIncidents/a9f38501-74ec-43ea-8663-6c538602150d"
          }
        ],
        "alertConfiguration": {
          "properties": {
            "alertConfigurationType": "TooManyPermanentOwnersAssignedToResourceAlertConfiguration",
            "alertDefinitionId": "TooManyPermanentOwnersAssignedToResource",
            "scope": "subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f",
            "isEnabled": true,
            "thresholdNumberOfPermanentOwners": 10,
            "thresholdPercentageOfPermanentOwnersOutOfAllOwners": 10
          },
          "name": "TooManyPermanentOwnersAssignedToResource",
          "id": "/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlertConfigurations/TooManyPermanentOwnersAssignedToResource",
          "type": "Microsoft.Authorization/roleManagementAlertConfigurations"
        }
      },
      "name": "TooManyPermanentOwnersAssignedToResource",
      "id": "/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlerts/TooManyPermanentOwnersAssignedToResource",
      "type": "Microsoft.Authorization/roleManagementAlerts"
    },
    {
      "properties": {
        "scope": "subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f",
        "incidentCount": 1,
        "lastModifiedDateTime": "2022-04-05T03:04:06.467+00:00",
        "lastScannedDateTime": "2022-04-06T18:25:00.38+00:00",
        "isActive": true,
        "alertDefinition": {
          "properties": {
            "displayName": "Too many owners assigned to a resource",
            "scope": "subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f",
            "description": "The number of users with the Owner role is too high. We recommend assigning these individuals to less privileged roles or roles more suitable to their daily needs. Take a moment to review the current assignments, and suggested changes here.",
            "severityLevel": "Medium",
            "securityImpact": "As the number of users with the owner role increases, so does the potential for malicious or mistaken actions affecting your resource.",
            "mitigationSteps": "To mitigate this issue, reduce the number of users in the Owner role. Review the list of users in the list, and reassign them to a less privileged role such as Contributor.",
            "howToPrevent": "Choose a role that provides the fewest privileges necessary for a user or group to complete their tasks.",
            "isRemediatable": true,
            "isConfigurable": true
          },
          "name": "TooManyOwnersAssignedToResource",
          "id": "/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlertDefinitions/TooManyOwnersAssignedToResource",
          "type": "Microsoft.Authorization/roleManagementAlertDefinitions"
        },
        "alertIncidents": [
          {
            "properties": {
              "alertIncidentType": "TooManyOwnersAssignedToResourceAlertIncident",
              "assigneeName": "testUser",
              "assigneeType": "User"
            },
            "name": "a9f38501-74ec-43ea-8663-6c538602150d",
            "type": "Microsoft.Authorization/roleManagementAlerts/alertIncidents",
            "id": "/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlerts/TooManyOwnersAssignedToResource/alertIncidents/a9f38501-74ec-43ea-8663-6c538602150d"
          }
        ],
        "alertConfiguration": {
          "properties": {
            "alertConfigurationType": "TooManyOwnersAssignedToResourceAlertConfiguration",
            "alertDefinitionId": "TooManyOwnersAssignedToResource",
            "scope": "subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f",
            "isEnabled": true,
            "thresholdNumberOfOwners": 2,
            "thresholdPercentageOfOwnersOutOfAllRoleMembers": 3
          },
          "name": "TooManyOwnersAssignedToResource",
          "id": "/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlertConfigurations/TooManyOwnersAssignedToResource",
          "type": "Microsoft.Authorization/roleManagementAlertConfigurations"
        }
      },
      "name": "TooManyOwnersAssignedToResource",
      "id": "/subscriptions/afa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleManagementAlerts/TooManyOwnersAssignedToResource",
      "type": "Microsoft.Authorization/roleManagementAlerts"
    }
  ]
}

Definições

Nome	Description
Alert	O alerta.
AlertConfiguration	Configuração de alerta.
AlertDefinition	Definição do alerta
AlertIncident	Incidente de alerta
AlertListResult	Resultado da operação da lista de alertas.
CloudError	Uma resposta de erro do serviço.
CloudErrorBody	Uma resposta de erro do serviço.
SeverityLevel	Nível de severidade do alerta.

Alert

O alerta.

Nome	Tipo	Description
id	string	A ID do alerta.
name	string	O nome do alerta.
properties.alertConfiguration	AlertConfiguration	A configuração do alerta.
properties.alertDefinition	AlertDefinition	A definição de alerta.
properties.alertIncidents	AlertIncident[]	Os incidentes de alerta.
properties.incidentCount	integer	O número de incidentes gerados do alerta.
properties.isActive	boolean	False por padrão; true se o alerta estiver ativo.
properties.lastModifiedDateTime	string	A data e hora em que a configuração do alerta foi atualizada ou novos incidentes foram gerados.
properties.lastScannedDateTime	string	A data e hora em que o alerta foi verificado pela última vez.
properties.scope	string	O escopo do alerta.
type	string	O tipo de alerta.

AlertConfiguration

Configuração de alerta.

Nome	Tipo	Description
id	string	A ID de configuração do alerta.
name	string	O nome da configuração do alerta.
properties.alertConfigurationType	string	O tipo de configuração de alerta.
properties.alertDefinition	AlertDefinition	A definição de alerta.
properties.alertDefinitionId	string	A ID de definição de alerta.
properties.isEnabled	boolean	True se o alerta estiver habilitado, false desabilitará a verificação do alerta específico.
properties.scope	string	O escopo do alerta.
type	string	O tipo de configuração de alerta.

AlertDefinition

Definição do alerta

Nome	Tipo	Description
id	string	A ID de definição de alerta.
name	string	O nome da definição de alerta.
properties.description	string	Descrição do alerta.
properties.displayName	string	O nome de exibição do alerta.
properties.howToPrevent	string	As maneiras de evitar o alerta.
properties.isConfigurable	boolean	True se a configuração de alerta puder ser configurada; false, caso contrário.
properties.isRemediatable	boolean	True se o alerta puder ser corrigido; false, caso contrário.
properties.mitigationSteps	string	Os métodos para atenuar o alerta.
properties.scope	string	O escopo do alerta.
properties.securityImpact	string	Impacto de segurança do alerta.
properties.severityLevel	SeverityLevel	Nível de severidade do alerta.
type	string	O tipo de definição de alerta.

AlertIncident

Incidente de alerta

Nome	Tipo	Description
id	string	A ID do incidente de alerta.
name	string	O nome do incidente de alerta.
properties.alertIncidentType	string	O tipo de incidente de alerta.
type	string	O tipo de incidente de alerta.

AlertListResult

Resultado da operação da lista de alertas.

Nome	Tipo	Description
nextLink	string	A URL a ser usada para obter o próximo conjunto de resultados.
value	Alert[]	Lista de alertas

CloudError

Uma resposta de erro do serviço.

Nome	Tipo	Description
error	CloudErrorBody	Uma resposta de erro do serviço.

CloudErrorBody

Uma resposta de erro do serviço.

Nome	Tipo	Description
code	string	Um identificador para o erro. Os códigos são invariáveis e devem ser consumidos programaticamente.
message	string	Uma mensagem que descreve o erro, destinada a ser adequada para exibição em uma interface do usuário.

SeverityLevel

Nível de severidade do alerta.

Nome	Tipo	Description
High	string
Low	string
Medium	string