Role Eligibility Schedules - List For Scope

Dienst:: Authorization

API-Version:: 2020-10-01

Ruft Rollenberechtigungszeitpläne für einen Ressourcenbereich ab.

GET https://management.azure.com/{scope}/providers/Microsoft.Authorization/roleEligibilitySchedules?api-version=2020-10-01

Mit optionalen Parametern:

GET https://management.azure.com/{scope}/providers/Microsoft.Authorization/roleEligibilitySchedules?$filter={$filter}&api-version=2020-10-01

URI-Parameter

Name	In	Erforderlich	Typ	Beschreibung
scope	path	True	string	Der Umfang der Rollenberechtigungszeitpläne.
api-version	query	True	string minLength: 1	Die API-Version, die für diesen Vorgang verwendet werden soll.
$filter	query		string	Der filter, der auf den Vorgang angewendet werden soll. Verwenden Sie $filter=atScope(), um alle Rollenberechtigungszeitpläne an oder über dem Bereich zurückzugeben. Verwenden Sie $filter=principalId eq {id}, um alle Rollenberechtigungszeitpläne über oder unterhalb des Bereichs für den angegebenen Prinzipal zurückzugeben. Verwenden Sie $filter=assignedTo('{userId}'), um alle Rollenberechtigungszeitpläne für den Benutzer zurückzugeben. Verwenden Sie $filter=asTarget(), um alle Rollenberechtigungszeitpläne zurückzugeben, die für den aktuellen Benutzer erstellt wurden.

Antworten

Name	Typ	Beschreibung
200 OK	RoleEligibilityScheduleListResult	OK : Gibt ein Array von Rollenberechtigungszeitplänen zurück.
Other Status Codes	CloudError	Fehlerantwort, die beschreibt, warum der Vorgang fehlgeschlagen ist.

Sicherheit

azure_auth

Azure Active Directory OAuth2-Fluss

Typ: oauth2
Ablauf: implicit
Autorisierungs-URL: https://login.microsoftonline.com/common/oauth2/authorize

Bereiche

Name	Beschreibung
user_impersonation	Identitätswechsel ihres Benutzerkontos

Beispiele

GetRoleEligibilitySchedulesByScope

Beispielanforderung

GET https://management.azure.com/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleEligibilitySchedules?$filter=assignedTo('a3bb8764-cb92-4276-9d2a-ca1e895e55ea')&api-version=2020-10-01


/**
 * Samples for RoleEligibilitySchedules ListForScope.
 */
public final class Main {
    /*
     * x-ms-original-file:
     * specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/
     * GetRoleEligibilitySchedulesByScope.json
     */
    /**
     * Sample code: GetRoleEligibilitySchedulesByScope.
     * 
     * @param azure The entry point for accessing resource management APIs in Azure.
     */
    public static void getRoleEligibilitySchedulesByScope(com.azure.resourcemanager.AzureResourceManager azure) {
        azure.accessManagement().roleAssignments().manager().roleServiceClient().getRoleEligibilitySchedules()
            .listForScope("providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f",
                "assignedTo('a3bb8764-cb92-4276-9d2a-ca1e895e55ea')", com.azure.core.util.Context.NONE);
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

package armauthorization_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v2"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/53b1affe357b3bfbb53721d0a2002382a046d3b0/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilitySchedulesByScope.json
func ExampleRoleEligibilitySchedulesClient_NewListForScopePager() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armauthorization.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	pager := clientFactory.NewRoleEligibilitySchedulesClient().NewListForScopePager("providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", &armauthorization.RoleEligibilitySchedulesClientListForScopeOptions{Filter: to.Ptr("assignedTo('a3bb8764-cb92-4276-9d2a-ca1e895e55ea')")})
	for pager.More() {
		page, err := pager.NextPage(ctx)
		if err != nil {
			log.Fatalf("failed to advance page: %v", err)
		}
		for _, v := range page.Value {
			// You could use page here. We use blank identifier for just demo purposes.
			_ = v
		}
		// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
		// page.RoleEligibilityScheduleListResult = armauthorization.RoleEligibilityScheduleListResult{
		// 	Value: []*armauthorization.RoleEligibilitySchedule{
		// 		{
		// 			Name: to.Ptr("b1477448-2cc6-4ceb-93b4-54a202a89413"),
		// 			Type: to.Ptr("Microsoft.Authorization/RoleEligibilitySchedules"),
		// 			ID: to.Ptr("/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilitySchedules/b1477448-2cc6-4ceb-93b4-54a202a89413"),
		// 			Properties: &armauthorization.RoleEligibilityScheduleProperties{
		// 				Condition: to.Ptr("@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'"),
		// 				ConditionVersion: to.Ptr("1.0"),
		// 				CreatedOn: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-09-09T21:33:06.300Z"); return t}()),
		// 				EndDateTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-09-09T21:32:28.490Z"); return t}()),
		// 				ExpandedProperties: &armauthorization.ExpandedProperties{
		// 					Principal: &armauthorization.ExpandedPropertiesPrincipal{
		// 						Type: to.Ptr("User"),
		// 						DisplayName: to.Ptr("User Account"),
		// 						Email: to.Ptr("user@my-tenant.com"),
		// 						ID: to.Ptr("a3bb8764-cb92-4276-9d2a-ca1e895e55ea"),
		// 					},
		// 					RoleDefinition: &armauthorization.ExpandedPropertiesRoleDefinition{
		// 						Type: to.Ptr("BuiltInRole"),
		// 						DisplayName: to.Ptr("Contributor"),
		// 						ID: to.Ptr("/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608"),
		// 					},
		// 					Scope: &armauthorization.ExpandedPropertiesScope{
		// 						Type: to.Ptr("subscription"),
		// 						DisplayName: to.Ptr("Pay-As-You-Go"),
		// 						ID: to.Ptr("/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f"),
		// 					},
		// 				},
		// 				MemberType: to.Ptr(armauthorization.MemberTypeDirect),
		// 				PrincipalID: to.Ptr("a3bb8764-cb92-4276-9d2a-ca1e895e55ea"),
		// 				PrincipalType: to.Ptr(armauthorization.PrincipalTypeUser),
		// 				RoleDefinitionID: to.Ptr("/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c"),
		// 				RoleEligibilityScheduleRequestID: to.Ptr("/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityScheduleRequests/64caffb6-55c0-4deb-a585-68e948ea1ad6"),
		// 				Scope: to.Ptr("/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f"),
		// 				StartDateTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-09-09T21:33:14.557Z"); return t}()),
		// 				Status: to.Ptr(armauthorization.StatusProvisioned),
		// 				UpdatedOn: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-09-09T22:27:00.513Z"); return t}()),
		// 			},
		// 	}},
		// }
	}
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

const { AuthorizationManagementClient } = require("@azure/arm-authorization");
const { DefaultAzureCredential } = require("@azure/identity");

/**
 * This sample demonstrates how to Gets role eligibility schedules for a resource scope.
 *
 * @summary Gets role eligibility schedules for a resource scope.
 * x-ms-original-file: specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilitySchedulesByScope.json
 */
async function getRoleEligibilitySchedulesByScope() {
  const subscriptionId =
    process.env["AUTHORIZATION_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
  const scope =
    "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f";
  const filter = "assignedTo('a3bb8764-cb92-4276-9d2a-ca1e895e55ea')";
  const options = {
    filter,
  };
  const credential = new DefaultAzureCredential();
  const client = new AuthorizationManagementClient(credential, subscriptionId);
  const resArray = new Array();
  for await (let item of client.roleEligibilitySchedules.listForScope(scope, options)) {
    resArray.push(item);
  }
  console.log(resArray);
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.Authorization;

// Generated from example definition: specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilitySchedulesByScope.json
// this example is just showing the usage of "RoleEligibilitySchedules_ListForScope" operation, for the dependent resources, they will have to be created separately.

// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);

// get the collection of this RoleEligibilityScheduleResource
string scope = "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f";
RoleEligibilityScheduleCollection collection = client.GetRoleEligibilitySchedules(new ResourceIdentifier(scope));

// invoke the operation and iterate over the result
string filter = "assignedTo('a3bb8764-cb92-4276-9d2a-ca1e895e55ea')";
await foreach (RoleEligibilityScheduleResource item in collection.GetAllAsync(filter: filter))
{
    // the variable item is a resource, you could call other operations on this instance as well
    // but just for demo, we get its data from this resource instance
    RoleEligibilityScheduleData resourceData = item.Data;
    // for demo we just print out the id
    Console.WriteLine($"Succeeded on id: {resourceData.Id}");
}

Console.WriteLine("Succeeded");

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Beispiel für eine Antwort

Statuscode:: 200

{
  "value": [
    {
      "properties": {
        "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f",
        "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c",
        "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea",
        "principalType": "User",
        "status": "Provisioned",
        "roleEligibilityScheduleRequestId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityScheduleRequests/64caffb6-55c0-4deb-a585-68e948ea1ad6",
        "startDateTime": "2020-09-09T21:33:14.557Z",
        "endDateTime": "2021-09-09T21:32:28.49Z",
        "memberType": "Direct",
        "createdOn": "2020-09-09T21:33:06.3Z",
        "updatedOn": "2020-09-09T22:27:00.513Z",
        "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'",
        "conditionVersion": "1.0",
        "expandedProperties": {
          "scope": {
            "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f",
            "displayName": "Pay-As-You-Go",
            "type": "subscription"
          },
          "roleDefinition": {
            "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608",
            "displayName": "Contributor",
            "type": "BuiltInRole"
          },
          "principal": {
            "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea",
            "displayName": "User Account",
            "email": "user@my-tenant.com",
            "type": "User"
          }
        }
      },
      "name": "b1477448-2cc6-4ceb-93b4-54a202a89413",
      "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilitySchedules/b1477448-2cc6-4ceb-93b4-54a202a89413",
      "type": "Microsoft.Authorization/RoleEligibilitySchedules"
    }
  ]
}

Definitionen

Name	Beschreibung
CloudError	Eine Fehlerantwort des Diensts.
CloudErrorBody	Eine Fehlerantwort des Diensts.
ExpandedProperties
MemberType	Mitgliedschaftstyp des Rollenberechtigungszeitplans
Principal	Details des Prinzipals
principalType	Der Prinzipaltyp der zugewiesenen Prinzipal-ID.
RoleDefinition	Details zur Rollendefinition
RoleEligibilitySchedule	Rollenberechtigungszeitplan
RoleEligibilityScheduleListResult	Ergebnis des Listenvorgangs für rollenberechtigungsberechtigte Listen.
Scope	Details zum Ressourcenbereich
Status	Der Status des Rollenberechtigungszeitplans.

CloudError

Objekt

Eine Fehlerantwort des Diensts.

Name	Typ	Beschreibung
error	CloudErrorBody	Eine Fehlerantwort des Diensts.

CloudErrorBody

Objekt

Eine Fehlerantwort des Diensts.

Name	Typ	Beschreibung
code	string	Ein Bezeichner für den Fehler. Codes sind unveränderlich und sollen programmgesteuert genutzt werden.
message	string	Eine Meldung, die den Fehler beschreibt, der für die Anzeige in einer Benutzeroberfläche geeignet ist.

ExpandedProperties

Objekt

Name	Typ	Beschreibung
principal	Principal	Details des Prinzipals
roleDefinition	RoleDefinition	Details zur Rollendefinition
scope	Scope	Details zum Ressourcenbereich

MemberType

Enumeration

Mitgliedschaftstyp des Rollenberechtigungszeitplans

Wert	Beschreibung
Inherited
Direct
Group

Principal

Objekt

Details des Prinzipals

Name	Typ	Beschreibung
displayName	string	Anzeigename des Prinzipals
email	string	E-Mail-ID des Prinzipals
id	string	ID des Prinzipals
type	string	Typ des Prinzipals

principalType

Enumeration

Der Prinzipaltyp der zugewiesenen Prinzipal-ID.

Wert	Beschreibung
User
Group
ServicePrincipal
ForeignGroup
Device

RoleDefinition

Objekt

Details zur Rollendefinition

Name	Typ	Beschreibung
displayName	string	Anzeigename der Rollendefinition
id	string	ID der Rollendefinition
type	string	Typ der Rollendefinition