Policy States - Summarize For Resource
摘要說明資源的原則狀態。
POST https://management.azure.com/{resourceId}/providers/Microsoft.PolicyInsights/policyStates/latest/summarize?api-version=2019-10-01POST https://management.azure.com/{resourceId}/providers/Microsoft.PolicyInsights/policyStates/latest/summarize?api-version=2019-10-01&$top={$top}&$from={$from}&$to={$to}&$filter={$filter}URI 參數
| 名稱 | 位於 | 必要 | 類型 | Description |
|---|---|---|---|---|
|
policy
|
path | True |
摘要動作之 PolicyStates 資源類型下的虛擬資源。 在指定的時間範圍內,『latest』 代表最新的原則狀態,而且是唯一允許的值。 |
|
|
resource
|
path | True |
string |
資源標識碼。 |
|
api-version
|
query | True |
string |
用戶端 API 版本。 |
|
$filter
|
query |
string |
OData 篩選表達式。 |
|
|
$from
|
query |
string (date-time) |
ISO 8601 格式化時間戳,指定要查詢的間隔開始時間。 未指定時,服務會使用 ($to - 1 天)。 |
|
|
$to
|
query |
string (date-time) |
ISO 8601 格式化時間戳,指定要查詢之間隔的結束時間。 未指定時,服務會使用要求時間。 |
|
|
$top
|
query |
integer (int32) minimum: 0 |
要傳回的記錄數目上限。 |
回應
| 名稱 | 類型 | Description |
|---|---|---|
| 200 OK |
摘要結果。 |
|
| Other Status Codes |
描述作業失敗原因的錯誤回應。 |
安全性
azure_auth
Azure Active Directory OAuth2 Flow
類型:
oauth2
Flow:
implicit
授權 URL:
https://login.microsoftonline.com/common/oauth2/authorize
範圍
| 名稱 | Description |
|---|---|
| user_impersonation | 模擬您的用戶帳戶 |
範例
Summarize at resource scope
範例要求
POST https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/vaults/my-vault/providers/Microsoft.PolicyInsights/policyStates/latest/summarize?api-version=2019-10-01&$top=2
範例回覆
{
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/vaults/my-vault/providers/Microsoft.PolicyInsights/policyStates/$metadata#summary",
"@odata.count": 1,
"value": [
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/vaults/my-vault/providers/Microsoft.PolicyInsights/policyStates/$metadata#summary/$entity",
"results": {
"queryResultsUri": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/vaults/my-vault/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2019-10-01&$from=2019-10-12 19:59:17Z&$to=2019-10-13 19:59:17Z&$filter=IsCompliant eq false",
"nonCompliantResources": 1,
"nonCompliantPolicies": 14,
"resourceDetails": [
{
"complianceState": "compliant",
"count": 140
},
{
"complianceState": "noncompliant",
"count": 1
}
],
"policyDetails": [
{
"complianceState": "noncompliant",
"count": 2
}
],
"policyGroupDetails": [
{
"complianceState": "noncompliant",
"count": 1
}
]
},
"policyAssignments": [
{
"policyAssignmentId": "/providers/microsoft.management/managementgroups/mymg/providers/microsoft.authorization/policyassignments/8174043a1e2849179635b874",
"policySetDefinitionId": "",
"results": {
"queryResultsUri": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/vaults/my-vault/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2019-10-01&$from=2019-10-12 19:59:17Z&$to=2019-10-13 19:59:17Z&$filter=IsCompliant eq false and PolicyAssignmentId eq '/providers/microsoft.management/managementgroups/mymg/providers/microsoft.authorization/policyassignments/8174043a1e2849179635b874'",
"nonCompliantResources": 1,
"nonCompliantPolicies": 1,
"resourceDetails": [
{
"complianceState": "compliant",
"count": 140
},
{
"complianceState": "noncompliant",
"count": 1
}
],
"policyDetails": [
{
"complianceState": "noncompliant",
"count": 1
}
],
"policyGroupDetails": [
{
"complianceState": "noncompliant",
"count": 1
}
]
},
"policyDefinitions": [
{
"policyDefinitionId": "/providers/microsoft.management/managementgroups/mymg/providers/microsoft.authorization/policydefinitions/72c0c41a-c752-4bc0-9c61-0d6adc567066",
"policyDefinitionReferenceId": "",
"effect": "audit",
"results": {
"queryResultsUri": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/vaults/my-vault/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2019-10-01&$from=2019-10-12 19:59:17Z&$to=2019-10-13 19:59:17Z&$filter=IsCompliant eq false and PolicyAssignmentId eq '/providers/microsoft.management/managementgroups/mymg/providers/microsoft.authorization/policyassignments/8174043a1e2849179635b874' and PolicyDefinitionId eq '/providers/microsoft.management/managementgroups/mymg/providers/microsoft.authorization/policydefinitions/72c0c41a-c752-4bc0-9c61-0d6adc567066'",
"nonCompliantResources": 1,
"resourceDetails": [
{
"complianceState": "compliant",
"count": 140
},
{
"complianceState": "noncompliant",
"count": 1
}
],
"policyDetails": [
{
"complianceState": "noncompliant",
"count": 1
}
],
"policyGroupDetails": [
{
"complianceState": "noncompliant",
"count": 1
}
]
}
}
],
"policyGroups": [
{
"policyGroupName": "",
"results": {
"queryResultsUri": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2019-10-01&$from=2019-10-12 19:48:53Z&$to=2019-10-13 19:48:53Z&$filter='group1' IN PolicyDefinitionGroupNames and PolicyAssignmentId eq '/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policyassignments/8174043a1e2849179635b874'",
"nonCompliantResources": 7,
"resourceDetails": [
{
"complianceState": "compliant",
"count": 140
},
{
"complianceState": "noncompliant",
"count": 1
}
],
"policyDetails": [
{
"complianceState": "noncompliant",
"count": 1
}
],
"policyGroupDetails": [
{
"complianceState": "noncompliant",
"count": 1
}
]
}
}
]
},
{
"policyAssignmentId": "/providers/microsoft.management/managementgroups/mymg/providers/microsoft.authorization/policyassignments/1ef5d536aec743a0aa801c1a",
"policySetDefinitionId": "/providers/microsoft.management/managementgroups/mymg/providers/microsoft.authorization/policysetdefinitions/335cefd2-ab16-430f-b364-974a170eb1d5",
"results": {
"queryResultsUri": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/vaults/my-vault/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2019-10-01&$from=2019-10-12 19:59:17Z&$to=2019-10-13 19:59:17Z&$filter=IsCompliant eq false and PolicyAssignmentId eq '/providers/microsoft.management/managementgroups/mymg/providers/microsoft.authorization/policyassignments/1ef5d536aec743a0aa801c1a'",
"nonCompliantResources": 1,
"nonCompliantPolicies": 1,
"resourceDetails": [
{
"complianceState": "compliant",
"count": 140
},
{
"complianceState": "noncompliant",
"count": 1
}
],
"policyDetails": [
{
"complianceState": "noncompliant",
"count": 1
}
],
"policyGroupDetails": [
{
"complianceState": "noncompliant",
"count": 1
}
]
},
"policyDefinitions": [
{
"policyDefinitionId": "/providers/microsoft.management/managementgroups/mymg/providers/microsoft.authorization/policydefinitions/022d9357-5a90-46f7-9554-21d30ce4c32d",
"policyDefinitionReferenceId": "",
"effect": "audit",
"results": {
"queryResultsUri": "https://management.azure.com/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup/providers/Microsoft.KeyVault/vaults/my-vault/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2019-10-01&$from=2019-10-12 19:59:17Z&$to=2019-10-13 19:59:17Z&$filter=IsCompliant eq false and PolicyAssignmentId eq '/providers/microsoft.management/managementgroups/mymg/providers/microsoft.authorization/policyassignments/1ef5d536aec743a0aa801c1a' and PolicyDefinitionId eq '/providers/microsoft.management/managementgroups/mymg/providers/microsoft.authorization/policydefinitions/022d9357-5a90-46f7-9554-21d30ce4c32d'",
"nonCompliantResources": 1,
"resourceDetails": [
{
"complianceState": "compliant",
"count": 140
},
{
"complianceState": "noncompliant",
"count": 1
}
],
"policyDetails": [
{
"complianceState": "noncompliant",
"count": 1
}
],
"policyGroupDetails": [
{
"complianceState": "noncompliant",
"count": 1
}
]
}
}
],
"policyGroups": [
{
"policyGroupName": "group1",
"results": {
"queryResultsUri": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2019-10-01&$from=2019-10-12 19:48:53Z&$to=2019-10-13 19:48:53Z&$filter='group1' IN PolicyDefinitionGroupNames and PolicyAssignmentId eq '/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policyassignments/1ef5d536aec743a0aa801c1a' and PolicySetDefinitiontId eq '/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policysetdefinitions/335cefd2-ab16-430f-b364-974a170eb1d5' and 'group1' IN PolicyDefinitionGroupNames",
"nonCompliantResources": 100,
"resourceDetails": [
{
"complianceState": "compliant",
"count": 140
},
{
"complianceState": "noncompliant",
"count": 1
}
],
"policyDetails": [
{
"complianceState": "noncompliant",
"count": 1
}
],
"policyGroupDetails": [
{
"complianceState": "noncompliant",
"count": 1
}
]
}
}
]
}
]
}
]
}定義
| 名稱 | Description |
|---|---|
|
Compliance |
合規性狀態匯總。 |
| Error |
錯誤定義。 |
|
Policy |
原則指派摘要。 |
|
Policy |
原則定義摘要。 |
|
Policy |
原則定義群組摘要。 |
|
Policy |
摘要動作之 PolicyStates 資源類型下的虛擬資源。 在指定的時間範圍內,『latest』 代表最新的原則狀態,而且是唯一允許的值。 |
|
Query |
錯誤回應。 |
|
Summarize |
摘要說明動作結果。 |
| Summary |
摘要結果。 |
|
Summary |
特定摘要層級的合規性摘要。 |
ComplianceDetail
合規性狀態匯總。
| 名稱 | 類型 | Description |
|---|---|---|
| complianceState |
string |
合規性狀態。 |
| count |
integer (int32) |
此合規性狀態的摘要計數值。 |
Error
錯誤定義。
| 名稱 | 類型 | Description |
|---|---|---|
| code |
string |
服務特定的錯誤碼,做為 HTTP 錯誤碼的子狀態。 |
| message |
string |
錯誤的描述。 |
PolicyAssignmentSummary
原則指派摘要。
| 名稱 | 類型 | Description |
|---|---|---|
| policyAssignmentId |
string |
原則指派標識碼。 |
| policyDefinitions |
原則定義摘要。 |
|
| policyGroups |
原則定義群組摘要。 |
|
| policySetDefinitionId |
string |
如果原則指派是針對原則集,則原則集定義標識符。 |
| results |
原則指派的合規性摘要。 |
PolicyDefinitionSummary
原則定義摘要。
| 名稱 | 類型 | Description |
|---|---|---|
| effect |
string |
原則效果,即原則定義動作。 |
| policyDefinitionGroupNames |
string[] |
原則定義組名。 |
| policyDefinitionId |
string |
原則定義標識碼。 |
| policyDefinitionReferenceId |
string |
原則定義參考標識碼。 |
| results |
原則定義的合規性摘要。 |
PolicyGroupSummary
原則定義群組摘要。
| 名稱 | 類型 | Description |
|---|---|---|
| policyGroupName |
string |
原則組名。 |
| results |
原則定義群組的合規性摘要。 |
PolicyStatesSummaryResourceType
摘要動作之 PolicyStates 資源類型下的虛擬資源。 在指定的時間範圍內,『latest』 代表最新的原則狀態,而且是唯一允許的值。
| 值 | Description |
|---|---|
| latest |
QueryFailure
錯誤回應。
| 名稱 | 類型 | Description |
|---|---|---|
| error |
錯誤定義。 |
SummarizeResults
摘要說明動作結果。
| 名稱 | 類型 | Description |
|---|---|---|
| @odata.context |
string |
OData 內容字串;OData 用戶端用來根據元數據解析類型資訊。 |
| @odata.count |
integer (int32) minimum: 1maximum: 1 |
OData 實體計數;代表傳回的摘要數目;一律設定為 1。 |
| value |
Summary[] |
摘要說明動作結果。 |
Summary
摘要結果。
| 名稱 | 類型 | Description |
|---|---|---|
| @odata.context |
string |
OData 內容字串;OData 用戶端用來根據元數據解析類型資訊。 |
| @odata.id |
string |
OData 實體識別碼;一律設定為 null,因為摘要沒有實體標識符。 |
| policyAssignments |
原則指派摘要。 |
|
| results |
所有原則指派的合規性摘要。 |
SummaryResults
特定摘要層級的合規性摘要。
| 名稱 | 類型 | Description |
|---|---|---|
| nonCompliantPolicies |
integer (int32) minimum: 0 |
不符合規範的原則數目。 |
| nonCompliantResources |
integer (int32) minimum: 0 |
不符合規範的資源數目。 |
| policyDetails |
此層級的原則成品摘要。 針對查詢範圍層級,它代表原則指派摘要。 針對原則指派層級,它代表原則定義摘要。 |
|
| policyGroupDetails |
此層級的原則定義群組摘要。 |
|
| queryResultsUri |
string |
Microsoft.PolicyInsights 上 queryResults 動作的 HTTP POST URI,以擷取合規性摘要的原始結果。 在未來的 API 版本中,此屬性預設無法使用,但可以明確查詢。 |
| resourceDetails |
此層級的資源摘要。 |