Hämta en specifik styrningsregel för det begärda omfånget efter ruleId
GET https://management.azure.com/{scope}/providers/Microsoft.Security/governanceRules/{ruleId}?api-version=2022-01-01-preview
URI-parametrar
| Name |
I |
Obligatorisk |
Typ |
Description |
|
ruleId
|
path |
True
|
string
|
Styrningsregelnyckeln – unik nyckel för standardstyrningsregeln (GUID)
|
|
scope
|
path |
True
|
string
|
Omfånget för styrningsreglerna. Giltiga omfång är: hanteringsgrupp (format: "providers/Microsoft.Management/managementGroups/{managementGroup}", prenumeration (format: "subscriptions/{subscriptionId}") eller säkerhetsanslutningsprogram (format: "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName})"
|
|
api-version
|
query |
True
|
string
|
API-version för åtgärden
|
Svar
| Name |
Typ |
Description |
|
200 OK
|
GovernanceRule
|
OKEJ
|
|
Other Status Codes
|
CloudError
|
Felsvar som beskriver varför åtgärden misslyckades
|
Säkerhet
azure_auth
Azure Active Directory OAuth2 Flow
Typ:
oauth2
Flow:
implicit
Auktoriseringswebbadress:
https://login.microsoftonline.com/common/oauth2/authorize
Omfattningar
| Name |
Description |
|
user_impersonation
|
personifiera ditt användarkonto
|
Exempel
Get a governance rule over management group scope
Exempelbegäran
GET https://management.azure.com/providers/Microsoft.Management/managementGroups/contoso/providers/Microsoft.Security/governanceRules/ad9a8e26-29d9-4829-bb30-e597a58cdbb8?api-version=2022-01-01-preview
/**
* Samples for GovernanceRules Get.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/examples/GovernanceRules/
* GetManagementGroupGovernanceRule_example.json
*/
/**
* Sample code: Get a governance rule over management group scope.
*
* @param manager Entry point to SecurityManager.
*/
public static void
getAGovernanceRuleOverManagementGroupScope(com.azure.resourcemanager.security.SecurityManager manager) {
manager.governanceRules().getWithResponse("providers/Microsoft.Management/managementGroups/contoso",
"ad9a8e26-29d9-4829-bb30-e597a58cdbb8", com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armsecurity_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/security/armsecurity"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/9ac34f238dd6b9071f486b57e9f9f1a0c43ec6f6/specification/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/examples/GovernanceRules/GetManagementGroupGovernanceRule_example.json
func ExampleGovernanceRulesClient_Get_getAGovernanceRuleOverManagementGroupScope() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armsecurity.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
res, err := clientFactory.NewGovernanceRulesClient().Get(ctx, "providers/Microsoft.Management/managementGroups/contoso", "ad9a8e26-29d9-4829-bb30-e597a58cdbb8", nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.GovernanceRule = armsecurity.GovernanceRule{
// Name: to.Ptr("ad9a8e26-29d9-4829-bb30-e597a58cdbb8"),
// Type: to.Ptr("Microsoft.Security/governanceRules"),
// ID: to.Ptr("providers/Microsoft.Management/managementGroups/contoso/providers/Microsoft.Security/governanceRules/ad9a8e26-29d9-4829-bb30-e597a58cdbb8"),
// Properties: &armsecurity.GovernanceRuleProperties{
// Description: to.Ptr("A rule for a management group"),
// ConditionSets: []any{
// map[string]any{
// "conditions":[]any{
// map[string]any{
// "operator": "In",
// "property": "$.AssessmentKey",
// "value": "[\"b1cd27e0-4ecc-4246-939f-49c426d9d72f\", \"fe83f80b-073d-4ccf-93d9-6797eb870201\"]",
// },
// },
// }},
// DisplayName: to.Ptr("Management group rule"),
// ExcludedScopes: []*string{
// to.Ptr("/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23")},
// GovernanceEmailNotification: &armsecurity.GovernanceRuleEmailNotification{
// DisableManagerEmailNotification: to.Ptr(false),
// DisableOwnerEmailNotification: to.Ptr(false),
// },
// IncludeMemberScopes: to.Ptr(false),
// IsDisabled: to.Ptr(false),
// IsGracePeriod: to.Ptr(true),
// Metadata: &armsecurity.GovernanceRuleMetadata{
// CreatedBy: to.Ptr("c23b5354-ff0a-4b2a-9f92-6f144effd936"),
// CreatedOn: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2022-11-10T08:31:26.799Z"); return t}()),
// UpdatedBy: to.Ptr("c23b5354-ff0a-4b2a-9f92-6f144effd936"),
// UpdatedOn: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2022-11-10T08:31:26.799Z"); return t}()),
// },
// OwnerSource: &armsecurity.GovernanceRuleOwnerSource{
// Type: to.Ptr(armsecurity.GovernanceRuleOwnerSourceTypeManually),
// Value: to.Ptr("user@contoso.com"),
// },
// RemediationTimeframe: to.Ptr("7.00:00:00"),
// RulePriority: to.Ptr[int32](200),
// RuleType: to.Ptr(armsecurity.GovernanceRuleTypeIntegrated),
// SourceResourceType: to.Ptr(armsecurity.GovernanceRuleSourceResourceTypeAssessments),
// TenantID: to.Ptr("f0b6d37b-e4bc-4719-9291-c066c3194f23"),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { SecurityCenter } = require("@azure/arm-security");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Get a specific governance rule for the requested scope by ruleId
*
* @summary Get a specific governance rule for the requested scope by ruleId
* x-ms-original-file: specification/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/examples/GovernanceRules/GetManagementGroupGovernanceRule_example.json
*/
async function getAGovernanceRuleOverManagementGroupScope() {
const scope = "providers/Microsoft.Management/managementGroups/contoso";
const ruleId = "ad9a8e26-29d9-4829-bb30-e597a58cdbb8";
const credential = new DefaultAzureCredential();
const client = new SecurityCenter(credential);
const result = await client.governanceRules.get(scope, ruleId);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using System;
using System.Collections.Generic;
using System.Threading.Tasks;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.SecurityCenter;
using Azure.ResourceManager.SecurityCenter.Models;
// Generated from example definition: specification/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/examples/GovernanceRules/GetManagementGroupGovernanceRule_example.json
// this example is just showing the usage of "GovernanceRules_Get" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this GovernanceRuleResource created on azure
// for more information of creating GovernanceRuleResource, please refer to the document of GovernanceRuleResource
string scope = "providers/Microsoft.Management/managementGroups/contoso";
string ruleId = "ad9a8e26-29d9-4829-bb30-e597a58cdbb8";
ResourceIdentifier governanceRuleResourceId = GovernanceRuleResource.CreateResourceIdentifier(scope, ruleId);
GovernanceRuleResource governanceRule = client.GetGovernanceRuleResource(governanceRuleResourceId);
// invoke the operation
GovernanceRuleResource result = await governanceRule.GetAsync();
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
GovernanceRuleData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Exempelsvar
{
"id": "providers/Microsoft.Management/managementGroups/contoso/providers/Microsoft.Security/governanceRules/ad9a8e26-29d9-4829-bb30-e597a58cdbb8",
"name": "ad9a8e26-29d9-4829-bb30-e597a58cdbb8",
"type": "Microsoft.Security/governanceRules",
"properties": {
"tenantId": "f0b6d37b-e4bc-4719-9291-c066c3194f23",
"displayName": "Management group rule",
"description": "A rule for a management group",
"remediationTimeframe": "7.00:00:00",
"isGracePeriod": true,
"rulePriority": 200,
"isDisabled": false,
"ruleType": "Integrated",
"sourceResourceType": "Assessments",
"conditionSets": [
{
"conditions": [
{
"property": "$.AssessmentKey",
"value": "[\"b1cd27e0-4ecc-4246-939f-49c426d9d72f\", \"fe83f80b-073d-4ccf-93d9-6797eb870201\"]",
"operator": "In"
}
]
}
],
"ownerSource": {
"type": "Manually",
"value": "user@contoso.com"
},
"governanceEmailNotification": {
"disableManagerEmailNotification": false,
"disableOwnerEmailNotification": false
},
"excludedScopes": [
"/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23"
],
"includeMemberScopes": false,
"metadata": {
"createdBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
"createdOn": "2022-11-10T08:31:26.7993124Z",
"updatedBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
"updatedOn": "2022-11-10T08:31:26.7993124Z"
}
}
}
Get a governance rule over security connector scope
Exempelbegäran
GET https://management.azure.com/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector/providers/Microsoft.Security/governanceRules/ad9a8e26-29d9-4829-bb30-e597a58cdbb8?api-version=2022-01-01-preview
/**
* Samples for GovernanceRules Get.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/examples/GovernanceRules/
* GetSecurityConnectorGovernanceRule_example.json
*/
/**
* Sample code: Get a governance rule over security connector scope.
*
* @param manager Entry point to SecurityManager.
*/
public static void
getAGovernanceRuleOverSecurityConnectorScope(com.azure.resourcemanager.security.SecurityManager manager) {
manager.governanceRules().getWithResponse(
"subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector",
"ad9a8e26-29d9-4829-bb30-e597a58cdbb8", com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armsecurity_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/security/armsecurity"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/9ac34f238dd6b9071f486b57e9f9f1a0c43ec6f6/specification/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/examples/GovernanceRules/GetSecurityConnectorGovernanceRule_example.json
func ExampleGovernanceRulesClient_Get_getAGovernanceRuleOverSecurityConnectorScope() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armsecurity.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
res, err := clientFactory.NewGovernanceRulesClient().Get(ctx, "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector", "ad9a8e26-29d9-4829-bb30-e597a58cdbb8", nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.GovernanceRule = armsecurity.GovernanceRule{
// Name: to.Ptr("ad9a8e26-29d9-4829-bb30-e597a58cdbb8"),
// Type: to.Ptr("Microsoft.Security/governanceRules"),
// ID: to.Ptr("subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector/providers/Microsoft.Security/governanceRules/ad9a8e26-29d9-4829-bb30-e597a58cdbb8"),
// Properties: &armsecurity.GovernanceRuleProperties{
// Description: to.Ptr("A rule on critical GCP recommendations"),
// ConditionSets: []any{
// map[string]any{
// "conditions":[]any{
// map[string]any{
// "operator": "In",
// "property": "$.AssessmentKey",
// "value": "[\"b1cd27e0-4ecc-4246-939f-49c426d9d72f\", \"fe83f80b-073d-4ccf-93d9-6797eb870201\"]",
// },
// },
// }},
// DisplayName: to.Ptr("GCP Admin's rule"),
// ExcludedScopes: []*string{
// },
// GovernanceEmailNotification: &armsecurity.GovernanceRuleEmailNotification{
// DisableManagerEmailNotification: to.Ptr(false),
// DisableOwnerEmailNotification: to.Ptr(false),
// },
// IncludeMemberScopes: to.Ptr(false),
// IsDisabled: to.Ptr(false),
// IsGracePeriod: to.Ptr(true),
// Metadata: &armsecurity.GovernanceRuleMetadata{
// CreatedBy: to.Ptr("c23b5354-ff0a-4b2a-9f92-6f144effd936"),
// CreatedOn: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2022-11-10T08:31:26.799Z"); return t}()),
// UpdatedBy: to.Ptr("c23b5354-ff0a-4b2a-9f92-6f144effd936"),
// UpdatedOn: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2022-11-10T08:31:26.799Z"); return t}()),
// },
// OwnerSource: &armsecurity.GovernanceRuleOwnerSource{
// Type: to.Ptr(armsecurity.GovernanceRuleOwnerSourceTypeManually),
// Value: to.Ptr("user@contoso.com"),
// },
// RemediationTimeframe: to.Ptr("7.00:00:00"),
// RulePriority: to.Ptr[int32](200),
// RuleType: to.Ptr(armsecurity.GovernanceRuleTypeIntegrated),
// SourceResourceType: to.Ptr(armsecurity.GovernanceRuleSourceResourceTypeAssessments),
// TenantID: to.Ptr("f0b6d37b-e4bc-4719-9291-c066c3194f23"),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { SecurityCenter } = require("@azure/arm-security");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Get a specific governance rule for the requested scope by ruleId
*
* @summary Get a specific governance rule for the requested scope by ruleId
* x-ms-original-file: specification/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/examples/GovernanceRules/GetSecurityConnectorGovernanceRule_example.json
*/
async function getAGovernanceRuleOverSecurityConnectorScope() {
const scope =
"subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector";
const ruleId = "ad9a8e26-29d9-4829-bb30-e597a58cdbb8";
const credential = new DefaultAzureCredential();
const client = new SecurityCenter(credential);
const result = await client.governanceRules.get(scope, ruleId);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using System;
using System.Collections.Generic;
using System.Threading.Tasks;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.SecurityCenter;
using Azure.ResourceManager.SecurityCenter.Models;
// Generated from example definition: specification/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/examples/GovernanceRules/GetSecurityConnectorGovernanceRule_example.json
// this example is just showing the usage of "GovernanceRules_Get" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this GovernanceRuleResource created on azure
// for more information of creating GovernanceRuleResource, please refer to the document of GovernanceRuleResource
string scope = "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector";
string ruleId = "ad9a8e26-29d9-4829-bb30-e597a58cdbb8";
ResourceIdentifier governanceRuleResourceId = GovernanceRuleResource.CreateResourceIdentifier(scope, ruleId);
GovernanceRuleResource governanceRule = client.GetGovernanceRuleResource(governanceRuleResourceId);
// invoke the operation
GovernanceRuleResource result = await governanceRule.GetAsync();
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
GovernanceRuleData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Exempelsvar
{
"id": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector/providers/Microsoft.Security/governanceRules/ad9a8e26-29d9-4829-bb30-e597a58cdbb8",
"name": "ad9a8e26-29d9-4829-bb30-e597a58cdbb8",
"type": "Microsoft.Security/governanceRules",
"properties": {
"tenantId": "f0b6d37b-e4bc-4719-9291-c066c3194f23",
"displayName": "GCP Admin's rule",
"description": "A rule on critical GCP recommendations",
"remediationTimeframe": "7.00:00:00",
"isGracePeriod": true,
"rulePriority": 200,
"isDisabled": false,
"ruleType": "Integrated",
"sourceResourceType": "Assessments",
"conditionSets": [
{
"conditions": [
{
"property": "$.AssessmentKey",
"value": "[\"b1cd27e0-4ecc-4246-939f-49c426d9d72f\", \"fe83f80b-073d-4ccf-93d9-6797eb870201\"]",
"operator": "In"
}
]
}
],
"ownerSource": {
"type": "Manually",
"value": "user@contoso.com"
},
"governanceEmailNotification": {
"disableManagerEmailNotification": false,
"disableOwnerEmailNotification": false
},
"excludedScopes": [],
"includeMemberScopes": false,
"metadata": {
"createdBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
"createdOn": "2022-11-10T08:31:26.7993124Z",
"updatedBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
"updatedOn": "2022-11-10T08:31:26.7993124Z"
}
}
}
Get a governance rule over subscription scope
Exempelbegäran
GET https://management.azure.com/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/governanceRules/ad9a8e26-29d9-4829-bb30-e597a58cdbb8?api-version=2022-01-01-preview
/**
* Samples for GovernanceRules Get.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/examples/GovernanceRules/
* GetGovernanceRule_example.json
*/
/**
* Sample code: Get a governance rule over subscription scope.
*
* @param manager Entry point to SecurityManager.
*/
public static void
getAGovernanceRuleOverSubscriptionScope(com.azure.resourcemanager.security.SecurityManager manager) {
manager.governanceRules().getWithResponse("subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23",
"ad9a8e26-29d9-4829-bb30-e597a58cdbb8", com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armsecurity_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/security/armsecurity"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/9ac34f238dd6b9071f486b57e9f9f1a0c43ec6f6/specification/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/examples/GovernanceRules/GetGovernanceRule_example.json
func ExampleGovernanceRulesClient_Get_getAGovernanceRuleOverSubscriptionScope() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armsecurity.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
res, err := clientFactory.NewGovernanceRulesClient().Get(ctx, "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23", "ad9a8e26-29d9-4829-bb30-e597a58cdbb8", nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.GovernanceRule = armsecurity.GovernanceRule{
// Name: to.Ptr("ad9a8e26-29d9-4829-bb30-e597a58cdbb8"),
// Type: to.Ptr("Microsoft.Security/governanceRules"),
// ID: to.Ptr("subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/governanceRules/ad9a8e26-29d9-4829-bb30-e597a58cdbb8"),
// Properties: &armsecurity.GovernanceRuleProperties{
// Description: to.Ptr("A rule for critical recommendations"),
// ConditionSets: []any{
// map[string]any{
// "conditions":[]any{
// map[string]any{
// "operator": "In",
// "property": "$.AssessmentKey",
// "value": "[\"b1cd27e0-4ecc-4246-939f-49c426d9d72f\", \"fe83f80b-073d-4ccf-93d9-6797eb870201\"]",
// },
// },
// }},
// DisplayName: to.Ptr("Admin's rule"),
// ExcludedScopes: []*string{
// },
// GovernanceEmailNotification: &armsecurity.GovernanceRuleEmailNotification{
// DisableManagerEmailNotification: to.Ptr(false),
// DisableOwnerEmailNotification: to.Ptr(false),
// },
// IncludeMemberScopes: to.Ptr(false),
// IsDisabled: to.Ptr(false),
// IsGracePeriod: to.Ptr(true),
// Metadata: &armsecurity.GovernanceRuleMetadata{
// CreatedBy: to.Ptr("c23b5354-ff0a-4b2a-9f92-6f144effd936"),
// CreatedOn: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2022-11-10T08:31:26.799Z"); return t}()),
// UpdatedBy: to.Ptr("c23b5354-ff0a-4b2a-9f92-6f144effd936"),
// UpdatedOn: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2022-11-10T08:31:26.799Z"); return t}()),
// },
// OwnerSource: &armsecurity.GovernanceRuleOwnerSource{
// Type: to.Ptr(armsecurity.GovernanceRuleOwnerSourceTypeManually),
// Value: to.Ptr("user@contoso.com"),
// },
// RemediationTimeframe: to.Ptr("7.00:00:00"),
// RulePriority: to.Ptr[int32](200),
// RuleType: to.Ptr(armsecurity.GovernanceRuleTypeIntegrated),
// SourceResourceType: to.Ptr(armsecurity.GovernanceRuleSourceResourceTypeAssessments),
// TenantID: to.Ptr("f0b6d37b-e4bc-4719-9291-c066c3194f23"),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { SecurityCenter } = require("@azure/arm-security");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Get a specific governance rule for the requested scope by ruleId
*
* @summary Get a specific governance rule for the requested scope by ruleId
* x-ms-original-file: specification/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/examples/GovernanceRules/GetGovernanceRule_example.json
*/
async function getAGovernanceRuleOverSubscriptionScope() {
const scope = "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23";
const ruleId = "ad9a8e26-29d9-4829-bb30-e597a58cdbb8";
const credential = new DefaultAzureCredential();
const client = new SecurityCenter(credential);
const result = await client.governanceRules.get(scope, ruleId);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using System;
using System.Collections.Generic;
using System.Threading.Tasks;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.SecurityCenter;
using Azure.ResourceManager.SecurityCenter.Models;
// Generated from example definition: specification/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/examples/GovernanceRules/GetGovernanceRule_example.json
// this example is just showing the usage of "GovernanceRules_Get" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this GovernanceRuleResource created on azure
// for more information of creating GovernanceRuleResource, please refer to the document of GovernanceRuleResource
string scope = "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23";
string ruleId = "ad9a8e26-29d9-4829-bb30-e597a58cdbb8";
ResourceIdentifier governanceRuleResourceId = GovernanceRuleResource.CreateResourceIdentifier(scope, ruleId);
GovernanceRuleResource governanceRule = client.GetGovernanceRuleResource(governanceRuleResourceId);
// invoke the operation
GovernanceRuleResource result = await governanceRule.GetAsync();
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
GovernanceRuleData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Exempelsvar
{
"id": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/governanceRules/ad9a8e26-29d9-4829-bb30-e597a58cdbb8",
"name": "ad9a8e26-29d9-4829-bb30-e597a58cdbb8",
"type": "Microsoft.Security/governanceRules",
"properties": {
"tenantId": "f0b6d37b-e4bc-4719-9291-c066c3194f23",
"displayName": "Admin's rule",
"description": "A rule for critical recommendations",
"remediationTimeframe": "7.00:00:00",
"isGracePeriod": true,
"rulePriority": 200,
"isDisabled": false,
"ruleType": "Integrated",
"sourceResourceType": "Assessments",
"conditionSets": [
{
"conditions": [
{
"property": "$.AssessmentKey",
"value": "[\"b1cd27e0-4ecc-4246-939f-49c426d9d72f\", \"fe83f80b-073d-4ccf-93d9-6797eb870201\"]",
"operator": "In"
}
]
}
],
"ownerSource": {
"type": "Manually",
"value": "user@contoso.com"
},
"governanceEmailNotification": {
"disableManagerEmailNotification": false,
"disableOwnerEmailNotification": false
},
"excludedScopes": [],
"includeMemberScopes": false,
"metadata": {
"createdBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
"createdOn": "2022-11-10T08:31:26.7993124Z",
"updatedBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
"updatedOn": "2022-11-10T08:31:26.7993124Z"
}
}
}
Definitioner
CloudError
Vanligt felsvar för alla Azure Resource Manager-API:er för att returnera felinformation för misslyckade åtgärder. (Detta följer även formatet för OData-felsvar.).
| Name |
Typ |
Description |
|
error.additionalInfo
|
ErrorAdditionalInfo[]
|
Ytterligare information om felet.
|
|
error.code
|
string
|
Felkoden.
|
|
error.details
|
CloudErrorBody[]
|
Felinformationen.
|
|
error.message
|
string
|
Felmeddelandet.
|
|
error.target
|
string
|
Felmålet.
|
CloudErrorBody
Felinformationen.
| Name |
Typ |
Description |
|
additionalInfo
|
ErrorAdditionalInfo[]
|
Ytterligare information om felet.
|
|
code
|
string
|
Felkoden.
|
|
details
|
CloudErrorBody[]
|
Felinformationen.
|
|
message
|
string
|
Felmeddelandet.
|
|
target
|
string
|
Felmålet.
|
Condition
Styrningsregelns villkor
| Name |
Typ |
Description |
|
operator
|
GovernanceRuleConditionOperator
|
Styrningsregelns villkorsoperator, till exempel Lika med för allvarlighetsgrad eller I för lista över utvärderingar, se exempel
|
|
property
|
string
|
Styrningsregelns egenskap, t.ex. Allvarlighetsgrad eller AssessmentKey, se exempel
|
|
value
|
string
|
Styrningsregelns Värde som allvarlighetsgrad Låg, Hög eller utvärderingsnycklar, se exempel
|
ErrorAdditionalInfo
Ytterligare information om resurshanteringsfelet.
| Name |
Typ |
Description |
|
info
|
object
|
Ytterligare information.
|
|
type
|
string
|
Ytterligare informationstyp.
|
GovernanceRule
Styrningsregel över ett visst omfång
| Name |
Typ |
Description |
|
id
|
string
|
Resurs-ID
|
|
name
|
string
|
Resursnamn
|
|
properties.conditionSets
|
Condition[]
|
StyrningsregelvillkorUppsättningar – se exempel
|
|
properties.description
|
string
|
Beskrivning av styrningsregeln
|
|
properties.displayName
|
string
|
Visningsnamn för styrningsregeln
|
|
properties.excludedScopes
|
string[]
|
Exkluderade omfång filtrerar du bort underordnade till omfånget (på hanteringsomfång)
|
|
properties.governanceEmailNotification
|
GovernanceRuleEmailNotification
|
Inställningarna för e-postaviseringar för styrningsregeln anger om meddelanden för hanteraren och ägare ska inaktiveras
|
|
properties.includeMemberScopes
|
boolean
|
Definierar om regeln är hanteringsomfångsregel (huvudanslutning som ett enda omfång eller hanteringsomfång)
|
|
properties.isDisabled
|
boolean
|
Definierar om regeln är aktiv/inaktiv
|
|
properties.isGracePeriod
|
boolean
|
Definierar om det finns en respitperiod för styrningsregeln
|
|
properties.metadata
|
GovernanceRuleMetadata
|
Metadata för styrningsregeln
|
|
properties.ownerSource
|
GovernanceRuleOwnerSource
|
Ägarkällan för styrningsregeln – t.ex. manuellt av user@contoso.com – se exempel
|
|
properties.remediationTimeframe
|
string
|
Tidsram för reparation av styrningsregel – det här är den tid som påverkar respitperiodens varaktighet, t.ex. 7.00:00:00 – innebär 7 dagar
|
|
properties.rulePriority
|
integer
|
Styrningsregelns prioritet, prioritet till det lägre talet. Regler med samma prioritet för samma omfång tillåts inte
|
|
properties.ruleType
|
GovernanceRuleType
|
Regeltypen för styrningsregeln definierar källan till regeln, t.ex. integrerad
|
|
properties.sourceResourceType
|
GovernanceRuleSourceResourceType
|
Styrningsregelkällan, vad regeln påverkar, t.ex. utvärderingar
|
|
properties.tenantId
|
string
|
TenantId (GUID)
|
|
type
|
string
|
Resurstyp
|
GovernanceRuleConditionOperator
Styrningsregelns villkorsoperator, till exempel Lika med för allvarlighetsgrad eller I för lista över utvärderingar, se exempel
| Name |
Typ |
Description |
|
Equals
|
string
|
Kontrollerar att strängvärdet för data som definierats i Egenskapen är lika med det angivna värdet – exakt passform
|
|
In
|
string
|
Kontrollerar att strängvärdet för data som definierats i Egenskapen är lika med något av de angivna värdena (exakt passform)
|
GovernanceRuleEmailNotification
Konfiguration av e-post för styrning varje vecka
| Name |
Typ |
Description |
|
disableManagerEmailNotification
|
boolean
|
Definierar om e-postaviseringar för chef är inaktiverade
|
|
disableOwnerEmailNotification
|
boolean
|
Definierar om ägarens e-postaviseringar är inaktiverade
|
Metadata för styrningsregeln
| Name |
Typ |
Description |
|
createdBy
|
string
|
Styrningsregel skapad av objekt-ID (GUID)
|
|
createdOn
|
string
|
Skapandedatum för styrningsregel
|
|
updatedBy
|
string
|
Styrningsregeln uppdaterades senast av objekt-ID (GUID)
|
|
updatedOn
|
string
|
Styrningsregel senaste uppdateringsdatum
|
GovernanceRuleOwnerSource
Beskriv ägarkällan för styrningsregeln
| Name |
Typ |
Description |
|
type
|
GovernanceRuleOwnerSourceType
|
Ägartyp för ägarkällan för styrningsregeln
|
|
value
|
string
|
Källvärdet, t.ex. taggnyckel som ägarens namn eller e-postadress
|
GovernanceRuleOwnerSourceType
Ägartyp för ägarkällan för styrningsregeln
| Name |
Typ |
Description |
|
ByTag
|
string
|
Regelkällans typ som definierats med hjälp av resurstaggen
|
|
Manually
|
string
|
Regelkällans typ definieras manuellt
|
GovernanceRuleSourceResourceType
Styrningsregelkällan, vad regeln påverkar, t.ex. utvärderingar
| Name |
Typ |
Description |
|
Assessments
|
string
|
Källan till styrningsregeln är utvärderingar
|
GovernanceRuleType
Regeltypen för styrningsregeln definierar källan till regeln, t.ex. integrerad
| Name |
Typ |
Description |
|
Integrated
|
string
|
Källan till regeltypdefinitionen är integrerad
|
|
ServiceNow
|
string
|
Källan till regeltypdefinitionen är ServiceNow
|