diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 9490dc6f1cb..945a04a0aea 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -22,6 +22,7 @@ /src/command_modules/azure-cli-keyvault/ @tjprescott /src/command_modules/azure-cli-monitor/ @troydai /src/command_modules/azure-cli-network/ @tjprescott +/src/command_modules/azure-cli-policyinsights/ @bulentelmaci /src/command_modules/azure-cli-profile/ @yugangw-msft /src/command_modules/azure-cli-storage/ @troydai /src/command_modules/azure-cli-servicefabric/ @QingChenmsft diff --git a/doc/sphinx/azhelpgen/doc_source_map.json b/doc/sphinx/azhelpgen/doc_source_map.json index ab7ed8d763b..214c1a19028 100644 --- a/doc/sphinx/azhelpgen/doc_source_map.json +++ b/doc/sphinx/azhelpgen/doc_source_map.json @@ -36,6 +36,7 @@ "monitor": "src/command_modules/azure-cli-monitor/azure/cli/command_modules/monitor/_help.py", "network": "src/command_modules/azure-cli-network/azure/cli/command_modules/network/_help.py", "policy": "src/command_modules/azure-cli-resource/azure/cli/command_modules/resource/_help.py", + "policyinsights": "src/command_modules/azure-cli-policyinsights/azure/cli/command_modules/policyinsights/_help.py", "provider": "src/command_modules/azure-cli-resource/azure/cli/command_modules/resource/_help.py", "rdbms": "src/command_modules/azure-cli-rdbms/azure/cli/command_modules/rdbms/_help.py", "redis": "src/command_modules/azure-cli-redis/azure/cli/command_modules/redis/_help.py", diff --git a/src/command_modules/azure-cli-policyinsights/HISTORY.rst b/src/command_modules/azure-cli-policyinsights/HISTORY.rst new file mode 100644 index 00000000000..8a5b4aa0d99 --- /dev/null +++ b/src/command_modules/azure-cli-policyinsights/HISTORY.rst @@ -0,0 +1,9 @@ +.. :changelog: + +Release History +=============== + +0.1.0 +++++++++++++++++++ + +* Initial Release diff --git a/src/command_modules/azure-cli-policyinsights/MANIFEST.in b/src/command_modules/azure-cli-policyinsights/MANIFEST.in new file mode 100644 index 00000000000..bb37a2723da --- /dev/null +++ b/src/command_modules/azure-cli-policyinsights/MANIFEST.in @@ -0,0 +1 @@ +include *.rst diff --git a/src/command_modules/azure-cli-policyinsights/README.rst b/src/command_modules/azure-cli-policyinsights/README.rst new file mode 100644 index 00000000000..f5706b5564c --- /dev/null +++ b/src/command_modules/azure-cli-policyinsights/README.rst @@ -0,0 +1,7 @@ +Microsoft Azure CLI 'policyinsights' Command Module +=================================================== + +This package is for the 'policyinsights' module. +i.e. 'az policy event' and 'az policy state' + + diff --git a/src/command_modules/azure-cli-policyinsights/azure/__init__.py b/src/command_modules/azure-cli-policyinsights/azure/__init__.py new file mode 100644 index 00000000000..a9dfa5391b9 --- /dev/null +++ b/src/command_modules/azure-cli-policyinsights/azure/__init__.py @@ -0,0 +1,7 @@ +# -------------------------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# -------------------------------------------------------------------------------------------- + +import pkg_resources +pkg_resources.declare_namespace(__name__) diff --git a/src/command_modules/azure-cli-policyinsights/azure/cli/__init__.py b/src/command_modules/azure-cli-policyinsights/azure/cli/__init__.py new file mode 100644 index 00000000000..a9dfa5391b9 --- /dev/null +++ b/src/command_modules/azure-cli-policyinsights/azure/cli/__init__.py @@ -0,0 +1,7 @@ +# -------------------------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# -------------------------------------------------------------------------------------------- + +import pkg_resources +pkg_resources.declare_namespace(__name__) diff --git a/src/command_modules/azure-cli-policyinsights/azure/cli/command_modules/__init__.py b/src/command_modules/azure-cli-policyinsights/azure/cli/command_modules/__init__.py new file mode 100644 index 00000000000..a9dfa5391b9 --- /dev/null +++ b/src/command_modules/azure-cli-policyinsights/azure/cli/command_modules/__init__.py @@ -0,0 +1,7 @@ +# -------------------------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# -------------------------------------------------------------------------------------------- + +import pkg_resources +pkg_resources.declare_namespace(__name__) diff --git a/src/command_modules/azure-cli-policyinsights/azure/cli/command_modules/policyinsights/__init__.py b/src/command_modules/azure-cli-policyinsights/azure/cli/command_modules/policyinsights/__init__.py new file mode 100644 index 00000000000..db807188c61 --- /dev/null +++ b/src/command_modules/azure-cli-policyinsights/azure/cli/command_modules/policyinsights/__init__.py @@ -0,0 +1,39 @@ +# -------------------------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# -------------------------------------------------------------------------------------------- + +# pylint: disable=unused-import + +from azure.cli.command_modules.policyinsights._help import helps +from azure.cli.core import AzCommandsLoader + + +class PolicyInsightsCommandsLoader(AzCommandsLoader): + + def __init__(self, cli_ctx=None): + from azure.cli.core.commands import CliCommandType + from ._exception_handler import policy_insights_exception_handler + + policyinsights_custom = CliCommandType( + operations_tmpl='azure.cli.command_modules.policyinsights.custom#{}', + exception_handler=policy_insights_exception_handler) + + super(PolicyInsightsCommandsLoader, self).__init__( + cli_ctx=cli_ctx, + min_profile='2017-03-10-profile', + custom_command_type=policyinsights_custom) + + def load_command_table(self, args): + from .commands import load_command_table + + load_command_table(self, args) + return self.command_table + + def load_arguments(self, command): + from ._params import load_arguments + + load_arguments(self, command) + + +COMMAND_LOADER_CLS = PolicyInsightsCommandsLoader diff --git a/src/command_modules/azure-cli-policyinsights/azure/cli/command_modules/policyinsights/_client_factory.py b/src/command_modules/azure-cli-policyinsights/azure/cli/command_modules/policyinsights/_client_factory.py new file mode 100644 index 00000000000..6bafe3ff6d3 --- /dev/null +++ b/src/command_modules/azure-cli-policyinsights/azure/cli/command_modules/policyinsights/_client_factory.py @@ -0,0 +1,19 @@ +# -------------------------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# -------------------------------------------------------------------------------------------- + + +def _cf_policy_insights(cli_ctx, **_): + from azure.cli.core.commands.client_factory import get_mgmt_service_client + from azure.mgmt.policyinsights import PolicyInsightsClient + + return get_mgmt_service_client(cli_ctx, PolicyInsightsClient, subscription_bound=False) + + +def policy_events_operations(cli_ctx, _): + return _cf_policy_insights(cli_ctx).policy_events + + +def policy_states_operations(cli_ctx, _): + return _cf_policy_insights(cli_ctx).policy_states diff --git a/src/command_modules/azure-cli-policyinsights/azure/cli/command_modules/policyinsights/_exception_handler.py b/src/command_modules/azure-cli-policyinsights/azure/cli/command_modules/policyinsights/_exception_handler.py new file mode 100644 index 00000000000..16197cd3c6b --- /dev/null +++ b/src/command_modules/azure-cli-policyinsights/azure/cli/command_modules/policyinsights/_exception_handler.py @@ -0,0 +1,19 @@ +# -------------------------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# -------------------------------------------------------------------------------------------- + +from azure.cli.core.util import CLIError + + +def policy_insights_exception_handler(ex): + from azure.mgmt.policyinsights.models import QueryFailureException + + if isinstance(ex, QueryFailureException): + message = '({}) {}'.format(ex.error.error.code, ex.error.error.message) + raise CLIError(message) + else: + import sys + from six import reraise + + reraise(*sys.exc_info()) diff --git a/src/command_modules/azure-cli-policyinsights/azure/cli/command_modules/policyinsights/_help.py b/src/command_modules/azure-cli-policyinsights/azure/cli/command_modules/policyinsights/_help.py new file mode 100644 index 00000000000..23035df5ccd --- /dev/null +++ b/src/command_modules/azure-cli-policyinsights/azure/cli/command_modules/policyinsights/_help.py @@ -0,0 +1,174 @@ +# -------------------------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# -------------------------------------------------------------------------------------------- + +from knack.help_files import helps + +helps['policy event'] = """ + type: group + short-summary: Manage policy events. +""" +helps['policy event list'] = """ + type: command + short-summary: List policy events. + examples: + - name: Get policy events at current subscription scope created in the last day. + text: > + az policy event list + - name: Get policy events at management group scope. + text: > + az policy event list -m "myMg" + - name: Get policy events at resource group scope in current subscription. + text: > + az policy event list -g "myRg" + - name: Get policy events for a resource using resource ID. + text: > + az policy event list --resource "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup /providers/Microsoft.EventHub/namespaces/myns1/eventhubs/eh1/consumergroups/cg1" + - name: Get policy events for a resource using resource name. + text: > + az policy event list --resource "myKeyVault" --namespace "Microsoft.KeyVault" --resource-type "vaults" -g "myresourcegroup" + - name: Get policy events for a nested resource using resource name. + text: > + az policy event list --resource "myRule1" --namespace "Microsoft.Network" --resource-type "securityRules" --parent "networkSecurityGroups/mysecuritygroup1" -g "myresourcegroup" + - name: Get policy events for a policy set definition in current subscription. + text: > + az policy event list -s "fff58873-fff8-fff5-fffc-fffbe7c9d697" + - name: Get policy events for a policy definition in current subscription. + text: > + az policy event list -d "fff69973-fff8-fff5-fffc-fffbe7c9d698" + - name: Get policy events for a policy assignment in current subscription. + text: > + az policy event list -a "ddd8ef92e3714a5ea3d208c1" + - name: Get policy events for a policy assignment in the specified resource group in current subscription. + text: > + az policy event list -g "myRg" -a "ddd8ef92e3714a5ea3d208c1" + - name: Get top 5 policy events in current subscription, selecting a subset of properties and customizing ordering. + text: > + az policy event list --top 5 --order-by "timestamp desc, policyAssignmentName asc" --select "timestamp, resourceId, policyAssignmentId, policySetDefinitionId, policyDefinitionId" + - name: Get policy events in current subscription during a custom time interval. + text: > + az policy event list --from "2018-03-08T00:00:00Z" --to "2018-03-15T00:00:00Z" + - name: Get policy events in current subscription filtering results based on some property values. + text: > + az policy event list --filter "(policyDefinitionAction eq 'deny' or policyDefinitionAction eq 'audit') and resourceLocation ne 'eastus'" + - name: Get number of policy events in current subscription. + text: > + az policy event list --apply "aggregate($count as numberOfRecords)" + - name: Get policy events in current subscription aggregating results based on some properties. + text: > + az policy event list --apply "groupby((policyAssignmentId, policyDefinitionId, policyDefinitionAction, resourceId), aggregate($count as numEvents))" + - name: Get policy events in current subscription grouping results based on some properties. + text: > + az policy event list --apply "groupby((policyAssignmentName, resourceId))" + - name: Get policy events in current subscription aggregating results based on some properties specifying multiple groupings. + text: > + az policy event list --apply "groupby((policyAssignmentId, policyDefinitionId, resourceId))/groupby((policyAssignmentId, policyDefinitionId), aggregate($count as numResourcesWithEvents))" +""" +helps['policy state'] = """ + type: group + short-summary: Manage policy compliance states. +""" +helps['policy state list'] = """ + type: command + short-summary: List policy compliance states. + examples: + - name: Get latest policy states at current subscription scope. + text: > + az policy state list + - name: Get all policy states at current subscription scope. + text: > + az policy state list --all + - name: Get latest policy states at management group scope. + text: > + az policy state list -m "myMg" + - name: Get latest policy states at resource group scope in current subscription. + text: > + az policy state list -g "myRg" + - name: Get latest policy states for a resource using resource ID. + text: > + az policy state list --resource "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup /providers/Microsoft.EventHub/namespaces/myns1/eventhubs/eh1/consumergroups/cg1" + - name: Get latest policy states for a resource using resource name. + text: > + az policy state list --resource "myKeyVault" --namespace "Microsoft.KeyVault" --resource-type "vaults" -g "myresourcegroup" + - name: Get latest policy states for a nested resource using resource name. + text: > + az policy state list --resource "myRule1" --namespace "Microsoft.Network" --resource-type "securityRules" --parent "networkSecurityGroups/mysecuritygroup1" -g "myresourcegroup" + - name: Get latest policy states for a policy set definition in current subscription. + text: > + az policy state list -s "fff58873-fff8-fff5-fffc-fffbe7c9d697" + - name: Get latest policy states for a policy definition in current subscription. + text: > + az policy state list -d "fff69973-fff8-fff5-fffc-fffbe7c9d698" + - name: Get latest policy states for a policy assignment in current subscription. + text: > + az policy state list -a "ddd8ef92e3714a5ea3d208c1" + - name: Get latest policy states for a policy assignment in the specified resource group in current subscription. + text: > + az policy state list -g "myRg" -a "ddd8ef92e3714a5ea3d208c1" + - name: Get top 5 latest policy states in current subscription, selecting a subset of properties and customizing ordering. + text: > + az policy state list --top 5 --order-by "timestamp desc, policyAssignmentName asc" --select "timestamp, resourceId, policyAssignmentId, policySetDefinitionId, policyDefinitionId" + - name: Get latest policy states in current subscription during a custom time interval. + text: > + az policy state list --from "2018-03-08T00:00:00Z" --to "2018-03-15T00:00:00Z" + - name: Get latest policy states in current subscription filtering results based on some property values. + text: > + az policy state list --filter "(policyDefinitionAction eq 'deny' or policyDefinitionAction eq 'audit') and resourceLocation ne 'eastus'" + - name: Get number of latest policy states in current subscription. + text: > + az policy state list --apply "aggregate($count as numberOfRecords)" + - name: Get latest policy states in current subscription aggregating results based on some properties. + text: > + az policy state list --apply "groupby((policyAssignmentId, policySetDefinitionId, policyDefinitionReferenceId, policyDefinitionId), aggregate($count as numStates))" + - name: Get latest policy states in current subscription grouping results based on some properties. + text: > + az policy state list --apply "groupby((policyAssignmentName, resourceId))" + - name: Get latest policy states in current subscription aggregating results based on some properties specifying multiple groupings. + text: > + az policy state list --apply "groupby((policyAssignmentId, policySetDefinitionId, policyDefinitionReferenceId, policyDefinitionId, resourceId))/groupby((policyAssignmentId, policySetDefinitionId, policyDefinitionReferenceId, policyDefinitionId), aggregate($count as numNonCompliantResources))" +""" +helps['policy state summarize'] = """ + type: command + short-summary: Summarize policy compliance states. + examples: + - name: Get latest non-compliant policy states summary at current subscription scope. + text: > + az policy state summarize + - name: Get latest non-compliant policy states summary at management group scope. + text: > + az policy state summarize -m "myMg" + - name: Get latest non-compliant policy states summary at resource group scope in current subscription. + text: > + az policy state summarize -g "myRg" + - name: Get latest non-compliant policy states summary for a resource using resource ID. + text: > + az policy state summarize --resource "/subscriptions/fff10b27-fff3-fff5-fff8-fffbe01e86a5/resourceGroups/myResourceGroup /providers/Microsoft.EventHub/namespaces/myns1/eventhubs/eh1/consumergroups/cg1" + - name: Get latest non-compliant policy states summary for a resource using resource name. + text: > + az policy state summarize --resource "myKeyVault" --namespace "Microsoft.KeyVault" --resource-type "vaults" -g "myresourcegroup" + - name: Get latest non-compliant policy states summary for a nested resource using resource name. + text: > + az policy state summarize --resource "myRule1" --namespace "Microsoft.Network" --resource-type "securityRules" --parent "networkSecurityGroups/mysecuritygroup1" -g "myresourcegroup" + - name: Get latest non-compliant policy states summary for a policy set definition in current subscription. + text: > + az policy state summarize -s "fff58873-fff8-fff5-fffc-fffbe7c9d697" + - name: Get latest non-compliant policy states summary for a policy definition in current subscription. + text: > + az policy state summarize -d "fff69973-fff8-fff5-fffc-fffbe7c9d698" + - name: Get latest non-compliant policy states summary for a policy assignment in current subscription. + text: > + az policy state summarize -a "ddd8ef92e3714a5ea3d208c1" + - name: Get latest non-compliant policy states summary for a policy assignment in the specified resource group in current subscription. + text: > + az policy state summarize -g "myRg" -a "ddd8ef92e3714a5ea3d208c1" + - name: Get latest non-compliant policy states summary in current subscription, limiting the assignments summary to top 5. + text: > + az policy state summarize --top 5 + - name: Get latest non-compliant policy states summary in current subscription for a custom time interval. + text: > + az policy state summarize --from "2018-03-08T00:00:00Z" --to "2018-03-15T00:00:00Z" + - name: Get latest non-compliant policy states summary in current subscription filtering results based on some property values. + text: > + az policy state summarize --filter "(policyDefinitionAction eq 'deny' or policyDefinitionAction eq 'audit') and resourceLocation ne 'eastus'" +""" diff --git a/src/command_modules/azure-cli-policyinsights/azure/cli/command_modules/policyinsights/_params.py b/src/command_modules/azure-cli-policyinsights/azure/cli/command_modules/policyinsights/_params.py new file mode 100644 index 00000000000..a0a5fe6af24 --- /dev/null +++ b/src/command_modules/azure-cli-policyinsights/azure/cli/command_modules/policyinsights/_params.py @@ -0,0 +1,110 @@ +# -------------------------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# -------------------------------------------------------------------------------------------- + +from azure.cli.core.commands.parameters import resource_group_name_type + +from azure.cli.command_modules.resource._completers import ( + get_policy_set_completion_list, get_policy_completion_list, + get_policy_assignment_completion_list, get_providers_completion_list, get_resource_types_completion_list) + +from ._validators import validate_resource + + +def load_arguments(self, _): + for scope in ['state', 'event']: + with self.argument_context('policy {}'.format(scope)) as c: + c.argument( + 'management_group_name', + options_list=['--management-group', '-m'], + arg_group='Scope', + help='Name of management group.') + c.argument( + 'resource_group_name', + arg_type=resource_group_name_type, + arg_group='Scope') + c.argument( + 'resource', + validator=validate_resource, + arg_group='Resource ID', + help='Resource ID or resource name. If a name is given, please provide the resource group and other relevant resource id arguments.') # pylint: disable=line-too-long + c.argument( + 'namespace', + completer=get_providers_completion_list, + arg_group='Resource ID', + help='Provider namespace (Ex: ''Microsoft.Provider'').') + c.argument( + 'resource_type_parent', + options_list=['--parent'], + arg_group='Resource ID', + help='The parent path (Ex: ''resA/myA/resB/myB'').') + c.argument( + 'resource_type', + completer=get_resource_types_completion_list, + arg_group='Resource ID', + help='Resource type (Ex: ''resC'').') + c.argument( + 'policy_set_definition_name', + options_list=['--policy-set-definition', '-s'], + completer=get_policy_set_completion_list, + arg_group='Scope', + help='Name of policy set definition.') + c.argument( + 'policy_definition_name', + options_list=['--policy-definition', '-d'], + completer=get_policy_completion_list, + arg_group='Scope', + help='Name of policy definition.') + c.argument( + 'policy_assignment_name', + options_list=['--policy-assignment', '-a'], + completer=get_policy_assignment_completion_list, + arg_group='Scope', + help='Name of policy assignment.') + c.argument( + 'from_value', + options_list=['--from'], + arg_group='Query Option', + help='ISO 8601 formatted timestamp specifying the start time of the interval to query.') + c.argument( + 'to_value', + options_list=['--to'], + arg_group='Query Option', + help='ISO 8601 formatted timestamp specifying the end time of the interval to query.') + c.argument( + 'top_value', + options_list=['--top'], + type=int, + arg_group='Query Option', + help='Maximum number of records to return.') + c.argument( + 'order_by_clause', + options_list=['--order-by'], + arg_group='Query Option', + help='Ordering expression using OData notation.') + c.argument( + 'select_clause', + options_list=['--select'], + arg_group='Query Option', + help='Select expression using OData notation.') + c.argument( + 'filter_clause', + options_list=['--filter'], + arg_group='Query Option', + help='Filter expression using OData notation.') + c.argument( + 'apply_clause', + options_list=['--apply'], + arg_group='Query Option', + help='Apply expression for aggregations using OData notation.') + + with self.argument_context('policy state') as c: + c.argument( + 'all_results', + options_list=['--all'], + action='store_true', + help='Within the specified time interval, get all policy states instead of the latest only.') + + with self.argument_context('policy state summarize') as c: + c.ignore('all_results', 'order_by_clause', 'select_clause', 'apply_clause') diff --git a/src/command_modules/azure-cli-policyinsights/azure/cli/command_modules/policyinsights/_validators.py b/src/command_modules/azure-cli-policyinsights/azure/cli/command_modules/policyinsights/_validators.py new file mode 100644 index 00000000000..def054ae2f1 --- /dev/null +++ b/src/command_modules/azure-cli-policyinsights/azure/cli/command_modules/policyinsights/_validators.py @@ -0,0 +1,16 @@ +# -------------------------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# -------------------------------------------------------------------------------------------- + +from msrestazure.tools import is_valid_resource_id +from knack.util import CLIError + + +def validate_resource(cmd, namespace): # pylint: disable=unused-argument + if namespace.resource: + if not is_valid_resource_id(namespace.resource): + if not namespace.namespace: + raise CLIError('--namespace is required if --resource is not a resource ID.') + if not namespace.resource_type: + raise CLIError('--resource-type is required if --resource is not a resource ID.') diff --git a/src/command_modules/azure-cli-policyinsights/azure/cli/command_modules/policyinsights/commands.py b/src/command_modules/azure-cli-policyinsights/azure/cli/command_modules/policyinsights/commands.py new file mode 100644 index 00000000000..819eda22c40 --- /dev/null +++ b/src/command_modules/azure-cli-policyinsights/azure/cli/command_modules/policyinsights/commands.py @@ -0,0 +1,27 @@ +# -------------------------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# -------------------------------------------------------------------------------------------- + +from azure.cli.core.commands import CliCommandType +from ._client_factory import (policy_events_operations, policy_states_operations) +from ._exception_handler import policy_insights_exception_handler + + +def load_command_table(self, _): + policy_events_sdk = CliCommandType( + operations_tmpl='azure.mgmt.policyinsights.operations.policy_events_operations#PolicyEventsOperations.{}', + exception_handler=policy_insights_exception_handler + ) + + policy_states_sdk = CliCommandType( + operations_tmpl='azure.mgmt.policyinsights.operations.policy_states_operations#PolicyStatesOperations.{}', + exception_handler=policy_insights_exception_handler + ) + + with self.command_group('policy event', policy_events_sdk, client_factory=policy_events_operations) as g: + g.custom_command('list', 'list_policy_events') + + with self.command_group('policy state', policy_states_sdk, client_factory=policy_states_operations) as g: + g.custom_command('list', 'list_policy_states') + g.custom_command('summarize', 'summarize_policy_states') diff --git a/src/command_modules/azure-cli-policyinsights/azure/cli/command_modules/policyinsights/custom.py b/src/command_modules/azure-cli-policyinsights/azure/cli/command_modules/policyinsights/custom.py new file mode 100644 index 00000000000..aca924e2dc6 --- /dev/null +++ b/src/command_modules/azure-cli-policyinsights/azure/cli/command_modules/policyinsights/custom.py @@ -0,0 +1,282 @@ +# -------------------------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# -------------------------------------------------------------------------------------------- + +from msrestazure.tools import is_valid_resource_id, resource_id +from azure.cli.core.commands.client_factory import get_subscription_id + + +def list_policy_events( + cmd, + client, + management_group_name=None, + resource_group_name=None, + resource=None, + namespace=None, + resource_type_parent=None, + resource_type=None, + policy_set_definition_name=None, + policy_definition_name=None, + policy_assignment_name=None, + from_value=None, + to_value=None, + order_by_clause=None, + select_clause=None, + top_value=None, + filter_clause=None, + apply_clause=None): + + from azure.mgmt.policyinsights.models import QueryOptions + + query_options = QueryOptions( + top=top_value, + order_by=order_by_clause, + select=select_clause, + from_property=from_value, + to=to_value, + filter=filter_clause, + apply=apply_clause) + + subscription_id = get_subscription_id(cmd.cli_ctx) + + if policy_assignment_name: + if resource_group_name: + events = client.list_query_results_for_resource_group_level_policy_assignment( + subscription_id, + resource_group_name, + policy_assignment_name, + query_options) + else: + events = client.list_query_results_for_subscription_level_policy_assignment( + subscription_id, + policy_assignment_name, + query_options) + elif policy_definition_name: + events = client.list_query_results_for_policy_definition( + subscription_id, + policy_definition_name, + query_options) + elif policy_set_definition_name: + events = client.list_query_results_for_policy_set_definition( + subscription_id, + policy_set_definition_name, + query_options) + elif resource: + if not is_valid_resource_id(resource): + if resource_type_parent: + resource_type_parent = _remove_leading_and_trailing_slash(resource_type_parent) + resource_type = "{}/{}".format(resource_type_parent, resource_type) + resource = resource_id( + subscription=subscription_id, + resource_group=resource_group_name, + namespace=namespace, + type=resource_type, + name=resource) + events = client.list_query_results_for_resource( + resource, + query_options) + elif resource_group_name: + events = client.list_query_results_for_resource_group( + subscription_id, + resource_group_name, + query_options) + elif management_group_name: + events = client.list_query_results_for_management_group( + management_group_name, + query_options) + else: + events = client.list_query_results_for_subscription( + subscription_id, + query_options) + + return events.value + + +def list_policy_states( + cmd, + client, + all_results=False, + management_group_name=None, + resource_group_name=None, + resource=None, + namespace=None, + resource_type_parent=None, + resource_type=None, + policy_set_definition_name=None, + policy_definition_name=None, + policy_assignment_name=None, + from_value=None, + to_value=None, + order_by_clause=None, + select_clause=None, + top_value=None, + filter_clause=None, + apply_clause=None): + + from azure.mgmt.policyinsights.models import QueryOptions + + query_options = QueryOptions( + top=top_value, + order_by=order_by_clause, + select=select_clause, + from_property=from_value, + to=to_value, + filter=filter_clause, + apply=apply_clause) + + policy_states_resource = 'latest' + if all_results is True: + policy_states_resource = 'default' + + subscription_id = get_subscription_id(cmd.cli_ctx) + + if policy_assignment_name: + if resource_group_name: + states = client.list_query_results_for_resource_group_level_policy_assignment( + policy_states_resource, + subscription_id, + resource_group_name, + policy_assignment_name, + query_options) + else: + states = client.list_query_results_for_subscription_level_policy_assignment( + policy_states_resource, + subscription_id, + policy_assignment_name, + query_options) + elif policy_definition_name: + states = client.list_query_results_for_policy_definition( + policy_states_resource, + subscription_id, + policy_definition_name, + query_options) + elif policy_set_definition_name: + states = client.list_query_results_for_policy_set_definition( + policy_states_resource, + subscription_id, + policy_set_definition_name, + query_options) + elif resource: + if not is_valid_resource_id(resource): + if resource_type_parent: + resource_type_parent = _remove_leading_and_trailing_slash(resource_type_parent) + resource_type = "{}/{}".format(resource_type_parent, resource_type) + resource = resource_id( + subscription=subscription_id, + resource_group=resource_group_name, + namespace=namespace, + type=resource_type, + name=resource) + states = client.list_query_results_for_resource( + policy_states_resource, + resource, + query_options) + elif resource_group_name: + states = client.list_query_results_for_resource_group( + policy_states_resource, + subscription_id, + resource_group_name, + query_options) + elif management_group_name: + states = client.list_query_results_for_management_group( + policy_states_resource, + management_group_name, + query_options) + else: + states = client.list_query_results_for_subscription( + policy_states_resource, + subscription_id, + query_options) + + return states.value + + +def summarize_policy_states( + cmd, + client, + management_group_name=None, + resource_group_name=None, + resource=None, + namespace=None, + resource_type_parent=None, + resource_type=None, + policy_set_definition_name=None, + policy_definition_name=None, + policy_assignment_name=None, + from_value=None, + to_value=None, + top_value=None, + filter_clause=None): + + from azure.mgmt.policyinsights.models import QueryOptions + + query_options = QueryOptions( + top=top_value, + from_property=from_value, + to=to_value, + filter=filter_clause) + + subscription_id = get_subscription_id(cmd.cli_ctx) + + if policy_assignment_name: + if resource_group_name: + summary = client.summarize_for_resource_group_level_policy_assignment( + subscription_id, + resource_group_name, + policy_assignment_name, + query_options) + else: + summary = client.summarize_for_subscription_level_policy_assignment( + subscription_id, + policy_assignment_name, + query_options) + elif policy_definition_name: + summary = client.summarize_for_policy_definition( + subscription_id, + policy_definition_name, + query_options) + elif policy_set_definition_name: + summary = client.summarize_for_policy_set_definition( + subscription_id, + policy_set_definition_name, + query_options) + elif resource: + if not is_valid_resource_id(resource): + if resource_type_parent: + resource_type_parent = _remove_leading_and_trailing_slash(resource_type_parent) + resource_type = "{}/{}".format(resource_type_parent, resource_type) + resource = resource_id( + subscription=subscription_id, + resource_group=resource_group_name, + namespace=namespace, + type=resource_type, + name=resource) + summary = client.summarize_for_resource( + resource, + query_options) + elif resource_group_name: + summary = client.summarize_for_resource_group( + subscription_id, + resource_group_name, + query_options) + elif management_group_name: + summary = client.summarize_for_management_group( + management_group_name, + query_options) + else: + summary = client.summarize_for_subscription( + subscription_id, + query_options) + + return summary.value[0] + + +def _remove_leading_and_trailing_slash(s): + if s: + if s.startswith('/'): + s = s[1:] + if s.endswith('/'): + s = s[:-1] + + return s diff --git a/src/command_modules/azure-cli-policyinsights/azure/cli/command_modules/policyinsights/tests/__init__.py b/src/command_modules/azure-cli-policyinsights/azure/cli/command_modules/policyinsights/tests/__init__.py new file mode 100644 index 00000000000..34913fb394d --- /dev/null +++ b/src/command_modules/azure-cli-policyinsights/azure/cli/command_modules/policyinsights/tests/__init__.py @@ -0,0 +1,4 @@ +# -------------------------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# -------------------------------------------------------------------------------------------- diff --git a/src/command_modules/azure-cli-policyinsights/azure/cli/command_modules/policyinsights/tests/latest/__init__.py b/src/command_modules/azure-cli-policyinsights/azure/cli/command_modules/policyinsights/tests/latest/__init__.py new file mode 100644 index 00000000000..34913fb394d --- /dev/null +++ b/src/command_modules/azure-cli-policyinsights/azure/cli/command_modules/policyinsights/tests/latest/__init__.py @@ -0,0 +1,4 @@ +# -------------------------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# -------------------------------------------------------------------------------------------- diff --git a/src/command_modules/azure-cli-policyinsights/azure/cli/command_modules/policyinsights/tests/latest/recordings/test_policy_insights.yaml b/src/command_modules/azure-cli-policyinsights/azure/cli/command_modules/policyinsights/tests/latest/recordings/test_policy_insights.yaml new file mode 100644 index 00000000000..d082568da34 --- /dev/null +++ b/src/command_modules/azure-cli-policyinsights/azure/cli/command_modules/policyinsights/tests/latest/recordings/test_policy_insights.yaml @@ -0,0 +1,994 @@ +interactions: +- request: + body: null + headers: + Accept: [application/json] + Accept-Encoding: ['gzip, deflate'] + CommandName: [policy event list] + Connection: [keep-alive] + Content-Length: ['0'] + Content-Type: [application/json; charset=utf-8] + User-Agent: [python/3.6.5 (Windows-10-10.0.16299-SP0) requests/2.18.4 msrest/0.4.29 + msrest_azure/0.4.29 azure-mgmt-policyinsights/0.1.0 Azure-SDK-For-Python + AZURECLI/2.0.34] + accept-language: [en-US] + method: POST + uri: https://management.azure.com/providers/Microsoft.Management/managementGroups/azgovtest4/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2018-04-04&$top=2&$orderby=numRecords%20desc&$select=policyAssignmentId%2C%20resourceId%2C%20numRecords&$from=2018-04-04T00%3A00%3A00.000Z&$to=2018-05-22T00%3A00%3A00.000Z&$filter=isCompliant%20eq%20false&$apply=groupby%28%28policyAssignmentId%2C%20resourceId%29%2C%20aggregate%28%24count%20as%20numRecords%29%29 + response: + body: {string: '{"@odata.context":"https://management.azure.com/providers/Microsoft.Management/managementGroups/azgovtest4/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default","@odata.count":2,"value":[{"@odata.id":null,"@odata.context":"https://management.azure.com/providers/Microsoft.Management/managementGroups/azgovtest4/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity","policyAssignmentId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/1ef5d536aec743a0aa801c1a","resourceId":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/centraluseuapnsggroup/providers/microsoft.network/networksecuritygroups/centraluseuapnsg/securityrules/cleanuptool-3389-corpnet-647940a2-6f30-49cd-a7cb-9dfb2c313c43","numRecords":176},{"@odata.id":null,"@odata.context":"https://management.azure.com/providers/Microsoft.Management/managementGroups/azgovtest4/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity","policyAssignmentId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/22005cc594164636a6444db8","resourceId":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/centraluseuapnsggroup/providers/microsoft.network/networksecuritygroups/centraluseuapnsg/securityrules/cleanuptool-3389-corpnet-647940a2-6f30-49cd-a7cb-9dfb2c313c43","numRecords":176}]}'} + headers: + cache-control: [no-cache] + content-length: ['1449'] + content-type: [application/json; charset=utf-8] + date: ['Wed, 23 May 2018 00:07:36 GMT'] + expires: ['-1'] + pragma: [no-cache] + strict-transport-security: [max-age=31536000; includeSubDomains] + transfer-encoding: [chunked] + vary: ['Accept-Encoding,Accept-Encoding'] + x-content-type-options: [nosniff] + status: {code: 200, message: OK} +- request: + body: null + headers: + Accept: [application/json] + Accept-Encoding: ['gzip, deflate'] + CommandName: [policy state list] + Connection: [keep-alive] + Content-Length: ['0'] + Content-Type: [application/json; charset=utf-8] + User-Agent: [python/3.6.5 (Windows-10-10.0.16299-SP0) requests/2.18.4 msrest/0.4.29 + msrest_azure/0.4.29 azure-mgmt-policyinsights/0.1.0 Azure-SDK-For-Python + AZURECLI/2.0.34] + accept-language: [en-US] + method: POST + uri: https://management.azure.com/providers/Microsoft.Management/managementGroups/azgovtest4/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$top=2&$orderby=numRecords%20desc&$select=policyAssignmentId%2C%20resourceId%2C%20numRecords&$from=2018-04-04T00%3A00%3A00.000Z&$to=2018-05-22T00%3A00%3A00.000Z&$filter=isCompliant%20eq%20false&$apply=groupby%28%28policyAssignmentId%2C%20resourceId%29%2C%20aggregate%28%24count%20as%20numRecords%29%29 + response: + body: {string: '{"@odata.context":"https://management.azure.com/providers/Microsoft.Management/managementGroups/azgovtest4/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest","@odata.count":2,"value":[{"@odata.id":null,"@odata.context":"https://management.azure.com/providers/Microsoft.Management/managementGroups/azgovtest4/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity","policyAssignmentId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/22005cc594164636a6444db8","resourceId":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/aatestrg/providers/microsoft.analysisservices/servers/rashmianalysisservices","numRecords":8},{"@odata.id":null,"@odata.context":"https://management.azure.com/providers/Microsoft.Management/managementGroups/azgovtest4/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity","policyAssignmentId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/1ef5d536aec743a0aa801c1a","resourceId":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/aatestrg/providers/microsoft.analysisservices/servers/rashmianalysisservices","numRecords":8}]}'} + headers: + cache-control: [no-cache] + content-length: ['1266'] + content-type: [application/json; charset=utf-8] + date: ['Wed, 23 May 2018 00:07:39 GMT'] + expires: ['-1'] + pragma: [no-cache] + strict-transport-security: [max-age=31536000; includeSubDomains] + transfer-encoding: [chunked] + vary: ['Accept-Encoding,Accept-Encoding'] + x-content-type-options: [nosniff] + status: {code: 200, message: OK} +- request: + body: null + headers: + Accept: [application/json] + Accept-Encoding: ['gzip, deflate'] + CommandName: [policy state summarize] + Connection: [keep-alive] + Content-Length: ['0'] + Content-Type: [application/json; charset=utf-8] + User-Agent: [python/3.6.5 (Windows-10-10.0.16299-SP0) requests/2.18.4 msrest/0.4.29 + msrest_azure/0.4.29 azure-mgmt-policyinsights/0.1.0 Azure-SDK-For-Python + AZURECLI/2.0.34] + accept-language: [en-US] + method: POST + uri: https://management.azure.com/providers/Microsoft.Management/managementGroups/azgovtest4/providers/Microsoft.PolicyInsights/policyStates/latest/summarize?api-version=2018-04-04&$top=2&$from=2018-04-04T00%3A00%3A00.000Z&$to=2018-05-22T00%3A00%3A00.000Z&$filter=isCompliant%20eq%20false + response: + body: {string: '{"@odata.context":"https://management.azure.com/providers/Microsoft.Management/managementGroups/azgovtest4/providers/Microsoft.PolicyInsights/policyStates/$metadata#summary","@odata.count":1,"value":[{"@odata.id":null,"@odata.context":"https://management.azure.com/providers/Microsoft.Management/managementGroups/azgovtest4/providers/Microsoft.PolicyInsights/policyStates/$metadata#summary/$entity","results":{"queryResultsUri":"https://management.azure.com/providers/Microsoft.Management/managementGroups/azgovtest4/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false","nonCompliantResources":22205,"nonCompliantPolicies":24},"policyAssignments":[{"policyAssignmentId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/22005cc594164636a6444db8","policySetDefinitionId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policysetdefinitions/335cefd2-ab16-430f-b364-974a170eb1d5","results":{"queryResultsUri":"https://management.azure.com/providers/Microsoft.Management/managementGroups/azgovtest4/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false and PolicyAssignmentId eq ''/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/22005cc594164636a6444db8''","nonCompliantResources":22205,"nonCompliantPolicies":2},"policyDefinitions":[{"policyDefinitionReferenceId":"4337452039094051187","policyDefinitionId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policydefinitions/022d9357-5a90-46f7-9554-21d30ce4c32d","effect":"audit","results":{"queryResultsUri":"https://management.azure.com/providers/Microsoft.Management/managementGroups/azgovtest4/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false and PolicyAssignmentId eq ''/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/22005cc594164636a6444db8'' + and PolicyDefinitionId eq ''/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policydefinitions/022d9357-5a90-46f7-9554-21d30ce4c32d'' + and PolicyDefinitionReferenceId eq ''4337452039094051187''","nonCompliantResources":20983}},{"policyDefinitionReferenceId":"15521232277412542086","policyDefinitionId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policydefinitions/022d9357-5a90-46f7-9554-21d30ce4c32d","effect":"audit","results":{"queryResultsUri":"https://management.azure.com/providers/Microsoft.Management/managementGroups/azgovtest4/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false and PolicyAssignmentId eq ''/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/22005cc594164636a6444db8'' + and PolicyDefinitionId eq ''/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policydefinitions/022d9357-5a90-46f7-9554-21d30ce4c32d'' + and PolicyDefinitionReferenceId eq ''15521232277412542086''","nonCompliantResources":17044}}]},{"policyAssignmentId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/1ef5d536aec743a0aa801c1a","policySetDefinitionId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policysetdefinitions/335cefd2-ab16-430f-b364-974a170eb1d5","results":{"queryResultsUri":"https://management.azure.com/providers/Microsoft.Management/managementGroups/azgovtest4/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false and PolicyAssignmentId eq ''/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/1ef5d536aec743a0aa801c1a''","nonCompliantResources":22205,"nonCompliantPolicies":2},"policyDefinitions":[{"policyDefinitionReferenceId":"4337452039094051187","policyDefinitionId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policydefinitions/022d9357-5a90-46f7-9554-21d30ce4c32d","effect":"audit","results":{"queryResultsUri":"https://management.azure.com/providers/Microsoft.Management/managementGroups/azgovtest4/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false and PolicyAssignmentId eq ''/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/1ef5d536aec743a0aa801c1a'' + and PolicyDefinitionId eq ''/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policydefinitions/022d9357-5a90-46f7-9554-21d30ce4c32d'' + and PolicyDefinitionReferenceId eq ''4337452039094051187''","nonCompliantResources":20983}},{"policyDefinitionReferenceId":"15521232277412542086","policyDefinitionId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policydefinitions/022d9357-5a90-46f7-9554-21d30ce4c32d","effect":"audit","results":{"queryResultsUri":"https://management.azure.com/providers/Microsoft.Management/managementGroups/azgovtest4/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false and PolicyAssignmentId eq ''/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/1ef5d536aec743a0aa801c1a'' + and PolicyDefinitionId eq ''/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policydefinitions/022d9357-5a90-46f7-9554-21d30ce4c32d'' + and PolicyDefinitionReferenceId eq ''15521232277412542086''","nonCompliantResources":17044}}]}]}]}'} + headers: + cache-control: [no-cache] + content-length: ['6568'] + content-type: [application/json; charset=utf-8] + date: ['Wed, 23 May 2018 00:07:46 GMT'] + expires: ['-1'] + pragma: [no-cache] + strict-transport-security: [max-age=31536000; includeSubDomains] + transfer-encoding: [chunked] + vary: ['Accept-Encoding,Accept-Encoding'] + x-content-type-options: [nosniff] + status: {code: 200, message: OK} +- request: + body: null + headers: + Accept: [application/json] + Accept-Encoding: ['gzip, deflate'] + CommandName: [policy event list] + Connection: [keep-alive] + Content-Length: ['0'] + Content-Type: [application/json; charset=utf-8] + User-Agent: [python/3.6.5 (Windows-10-10.0.16299-SP0) requests/2.18.4 msrest/0.4.29 + msrest_azure/0.4.29 azure-mgmt-policyinsights/0.1.0 Azure-SDK-For-Python + AZURECLI/2.0.34] + accept-language: [en-US] + method: POST + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2018-04-04&$top=2&$orderby=numRecords%20desc&$select=policyAssignmentId%2C%20resourceId%2C%20numRecords&$from=2018-04-04T00%3A00%3A00.000Z&$to=2018-05-22T00%3A00%3A00.000Z&$filter=isCompliant%20eq%20false&$apply=groupby%28%28policyAssignmentId%2C%20resourceId%29%2C%20aggregate%28%24count%20as%20numRecords%29%29 + response: + body: {string: '{"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default","@odata.count":2,"value":[{"@odata.id":null,"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity","policyAssignmentId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/1ef5d536aec743a0aa801c1a","resourceId":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/centraluseuapnsggroup/providers/microsoft.network/networksecuritygroups/centraluseuapnsg/securityrules/cleanuptool-3389-corpnet-647940a2-6f30-49cd-a7cb-9dfb2c313c43","numRecords":176},{"@odata.id":null,"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity","policyAssignmentId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/22005cc594164636a6444db8","resourceId":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/centraluseuapnsggroup/providers/microsoft.network/networksecuritygroups/centraluseuapnsg/securityrules/cleanuptool-3389-corpnet-647940a2-6f30-49cd-a7cb-9dfb2c313c43","numRecords":176}]}'} + headers: + cache-control: [no-cache] + content-length: ['1425'] + content-type: [application/json; charset=utf-8] + date: ['Wed, 23 May 2018 00:07:47 GMT'] + expires: ['-1'] + pragma: [no-cache] + strict-transport-security: [max-age=31536000; includeSubDomains] + transfer-encoding: [chunked] + vary: ['Accept-Encoding,Accept-Encoding'] + x-content-type-options: [nosniff] + status: {code: 200, message: OK} +- request: + body: null + headers: + Accept: [application/json] + Accept-Encoding: ['gzip, deflate'] + CommandName: [policy state list] + Connection: [keep-alive] + Content-Length: ['0'] + Content-Type: [application/json; charset=utf-8] + User-Agent: [python/3.6.5 (Windows-10-10.0.16299-SP0) requests/2.18.4 msrest/0.4.29 + msrest_azure/0.4.29 azure-mgmt-policyinsights/0.1.0 Azure-SDK-For-Python + AZURECLI/2.0.34] + accept-language: [en-US] + method: POST + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$top=2&$orderby=numRecords%20desc&$select=policyAssignmentId%2C%20resourceId%2C%20numRecords&$from=2018-04-04T00%3A00%3A00.000Z&$to=2018-05-22T00%3A00%3A00.000Z&$filter=isCompliant%20eq%20false&$apply=groupby%28%28policyAssignmentId%2C%20resourceId%29%2C%20aggregate%28%24count%20as%20numRecords%29%29 + response: + body: {string: '{"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest","@odata.count":2,"value":[{"@odata.id":null,"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity","policyAssignmentId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/22005cc594164636a6444db8","resourceId":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/aatestrg/providers/microsoft.analysisservices/servers/rashmianalysisservices","numRecords":8},{"@odata.id":null,"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity","policyAssignmentId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/1ef5d536aec743a0aa801c1a","resourceId":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/aatestrg/providers/microsoft.analysisservices/servers/rashmianalysisservices","numRecords":8}]}'} + headers: + cache-control: [no-cache] + content-length: ['1242'] + content-type: [application/json; charset=utf-8] + date: ['Wed, 23 May 2018 00:07:49 GMT'] + expires: ['-1'] + pragma: [no-cache] + strict-transport-security: [max-age=31536000; includeSubDomains] + transfer-encoding: [chunked] + vary: ['Accept-Encoding,Accept-Encoding'] + x-content-type-options: [nosniff] + status: {code: 200, message: OK} +- request: + body: null + headers: + Accept: [application/json] + Accept-Encoding: ['gzip, deflate'] + CommandName: [policy state summarize] + Connection: [keep-alive] + Content-Length: ['0'] + Content-Type: [application/json; charset=utf-8] + User-Agent: [python/3.6.5 (Windows-10-10.0.16299-SP0) requests/2.18.4 msrest/0.4.29 + msrest_azure/0.4.29 azure-mgmt-policyinsights/0.1.0 Azure-SDK-For-Python + AZURECLI/2.0.34] + accept-language: [en-US] + method: POST + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.PolicyInsights/policyStates/latest/summarize?api-version=2018-04-04&$top=2&$from=2018-04-04T00%3A00%3A00.000Z&$to=2018-05-22T00%3A00%3A00.000Z&$filter=isCompliant%20eq%20false + response: + body: {string: '{"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.PolicyInsights/policyStates/$metadata#summary","@odata.count":1,"value":[{"@odata.id":null,"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.PolicyInsights/policyStates/$metadata#summary/$entity","results":{"queryResultsUri":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false","nonCompliantResources":18536,"nonCompliantPolicies":23},"policyAssignments":[{"policyAssignmentId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/22005cc594164636a6444db8","policySetDefinitionId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policysetdefinitions/335cefd2-ab16-430f-b364-974a170eb1d5","results":{"queryResultsUri":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false and PolicyAssignmentId eq ''/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/22005cc594164636a6444db8''","nonCompliantResources":18536,"nonCompliantPolicies":2},"policyDefinitions":[{"policyDefinitionReferenceId":"4337452039094051187","policyDefinitionId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policydefinitions/022d9357-5a90-46f7-9554-21d30ce4c32d","effect":"audit","results":{"queryResultsUri":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false and PolicyAssignmentId eq ''/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/22005cc594164636a6444db8'' + and PolicyDefinitionId eq ''/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policydefinitions/022d9357-5a90-46f7-9554-21d30ce4c32d'' + and PolicyDefinitionReferenceId eq ''4337452039094051187''","nonCompliantResources":17506}},{"policyDefinitionReferenceId":"15521232277412542086","policyDefinitionId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policydefinitions/022d9357-5a90-46f7-9554-21d30ce4c32d","effect":"audit","results":{"queryResultsUri":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false and PolicyAssignmentId eq ''/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/22005cc594164636a6444db8'' + and PolicyDefinitionId eq ''/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policydefinitions/022d9357-5a90-46f7-9554-21d30ce4c32d'' + and PolicyDefinitionReferenceId eq ''15521232277412542086''","nonCompliantResources":13720}}]},{"policyAssignmentId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/1ef5d536aec743a0aa801c1a","policySetDefinitionId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policysetdefinitions/335cefd2-ab16-430f-b364-974a170eb1d5","results":{"queryResultsUri":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false and PolicyAssignmentId eq ''/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/1ef5d536aec743a0aa801c1a''","nonCompliantResources":18536,"nonCompliantPolicies":2},"policyDefinitions":[{"policyDefinitionReferenceId":"4337452039094051187","policyDefinitionId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policydefinitions/022d9357-5a90-46f7-9554-21d30ce4c32d","effect":"audit","results":{"queryResultsUri":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false and PolicyAssignmentId eq ''/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/1ef5d536aec743a0aa801c1a'' + and PolicyDefinitionId eq ''/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policydefinitions/022d9357-5a90-46f7-9554-21d30ce4c32d'' + and PolicyDefinitionReferenceId eq ''4337452039094051187''","nonCompliantResources":17506}},{"policyDefinitionReferenceId":"15521232277412542086","policyDefinitionId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policydefinitions/022d9357-5a90-46f7-9554-21d30ce4c32d","effect":"audit","results":{"queryResultsUri":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false and PolicyAssignmentId eq ''/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/1ef5d536aec743a0aa801c1a'' + and PolicyDefinitionId eq ''/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policydefinitions/022d9357-5a90-46f7-9554-21d30ce4c32d'' + and PolicyDefinitionReferenceId eq ''15521232277412542086''","nonCompliantResources":13720}}]}]}]}'} + headers: + cache-control: [no-cache] + content-length: ['6496'] + content-type: [application/json; charset=utf-8] + date: ['Wed, 23 May 2018 00:07:53 GMT'] + expires: ['-1'] + pragma: [no-cache] + strict-transport-security: [max-age=31536000; includeSubDomains] + transfer-encoding: [chunked] + vary: ['Accept-Encoding,Accept-Encoding'] + x-content-type-options: [nosniff] + status: {code: 200, message: OK} +- request: + body: null + headers: + Accept: [application/json] + Accept-Encoding: ['gzip, deflate'] + CommandName: [policy event list] + Connection: [keep-alive] + Content-Length: ['0'] + Content-Type: [application/json; charset=utf-8] + User-Agent: [python/3.6.5 (Windows-10-10.0.16299-SP0) requests/2.18.4 msrest/0.4.29 + msrest_azure/0.4.29 azure-mgmt-policyinsights/0.1.0 Azure-SDK-For-Python + AZURECLI/2.0.34] + accept-language: [en-US] + method: POST + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/defaultresourcegroup-eus/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2018-04-04&$top=2&$orderby=numRecords%20desc&$select=policyAssignmentId%2C%20resourceId%2C%20numRecords&$from=2018-04-04T00%3A00%3A00.000Z&$to=2018-05-22T00%3A00%3A00.000Z&$filter=isCompliant%20eq%20false&$apply=groupby%28%28policyAssignmentId%2C%20resourceId%29%2C%20aggregate%28%24count%20as%20numRecords%29%29 + response: + body: {string: '{"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/defaultresourcegroup-eus/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default","@odata.count":2,"value":[{"@odata.id":null,"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/defaultresourcegroup-eus/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity","policyAssignmentId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/1ef5d536aec743a0aa801c1a","resourceId":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/defaultresourcegroup-eus/providers/microsoft.operationalinsights/workspaces/defaultworkspace-0b88dfdb-55b3-4fb0-b474-5b6dcbe6b2ef-eus/linkedservices/security","numRecords":116},{"@odata.id":null,"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/defaultresourcegroup-eus/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity","policyAssignmentId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/22005cc594164636a6444db8","resourceId":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/defaultresourcegroup-eus/providers/microsoft.operationalinsights/workspaces/defaultworkspace-0b88dfdb-55b3-4fb0-b474-5b6dcbe6b2ef-eus/linkedservices/security","numRecords":82}]}'} + headers: + cache-control: [no-cache] + content-length: ['1530'] + content-type: [application/json; charset=utf-8] + date: ['Wed, 23 May 2018 00:07:54 GMT'] + expires: ['-1'] + pragma: [no-cache] + strict-transport-security: [max-age=31536000; includeSubDomains] + transfer-encoding: [chunked] + vary: ['Accept-Encoding,Accept-Encoding'] + x-content-type-options: [nosniff] + status: {code: 200, message: OK} +- request: + body: null + headers: + Accept: [application/json] + Accept-Encoding: ['gzip, deflate'] + CommandName: [policy state list] + Connection: [keep-alive] + Content-Length: ['0'] + Content-Type: [application/json; charset=utf-8] + User-Agent: [python/3.6.5 (Windows-10-10.0.16299-SP0) requests/2.18.4 msrest/0.4.29 + msrest_azure/0.4.29 azure-mgmt-policyinsights/0.1.0 Azure-SDK-For-Python + AZURECLI/2.0.34] + accept-language: [en-US] + method: POST + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/defaultresourcegroup-eus/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$top=2&$orderby=numRecords%20desc&$select=policyAssignmentId%2C%20resourceId%2C%20numRecords&$from=2018-04-04T00%3A00%3A00.000Z&$to=2018-05-22T00%3A00%3A00.000Z&$filter=isCompliant%20eq%20false&$apply=groupby%28%28policyAssignmentId%2C%20resourceId%29%2C%20aggregate%28%24count%20as%20numRecords%29%29 + response: + body: {string: '{"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/defaultresourcegroup-eus/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest","@odata.count":2,"value":[{"@odata.id":null,"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/defaultresourcegroup-eus/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity","policyAssignmentId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/1ef5d536aec743a0aa801c1a","resourceId":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/defaultresourcegroup-eus/providers/microsoft.operationsmanagement/solutions/changetracking(defaultworkspace-0b88dfdb-55b3-4fb0-b474-5b6dcbe6b2ef-eus)","numRecords":3},{"@odata.id":null,"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/defaultresourcegroup-eus/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity","policyAssignmentId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/186044306c044a1d8c0ff76c","resourceId":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/defaultresourcegroup-eus/providers/microsoft.operationsmanagement/solutions/changetracking(defaultworkspace-0b88dfdb-55b3-4fb0-b474-5b6dcbe6b2ef-eus)","numRecords":3}]}'} + headers: + cache-control: [no-cache] + content-length: ['1508'] + content-type: [application/json; charset=utf-8] + date: ['Wed, 23 May 2018 00:07:55 GMT'] + expires: ['-1'] + pragma: [no-cache] + strict-transport-security: [max-age=31536000; includeSubDomains] + transfer-encoding: [chunked] + vary: ['Accept-Encoding,Accept-Encoding'] + x-content-type-options: [nosniff] + status: {code: 200, message: OK} +- request: + body: null + headers: + Accept: [application/json] + Accept-Encoding: ['gzip, deflate'] + CommandName: [policy state summarize] + Connection: [keep-alive] + Content-Length: ['0'] + Content-Type: [application/json; charset=utf-8] + User-Agent: [python/3.6.5 (Windows-10-10.0.16299-SP0) requests/2.18.4 msrest/0.4.29 + msrest_azure/0.4.29 azure-mgmt-policyinsights/0.1.0 Azure-SDK-For-Python + AZURECLI/2.0.34] + accept-language: [en-US] + method: POST + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/defaultresourcegroup-eus/providers/Microsoft.PolicyInsights/policyStates/latest/summarize?api-version=2018-04-04&$top=2&$from=2018-04-04T00%3A00%3A00.000Z&$to=2018-05-22T00%3A00%3A00.000Z&$filter=isCompliant%20eq%20false + response: + body: {string: '{"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/defaultresourcegroup-eus/providers/Microsoft.PolicyInsights/policyStates/$metadata#summary","@odata.count":1,"value":[{"@odata.id":null,"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/defaultresourcegroup-eus/providers/Microsoft.PolicyInsights/policyStates/$metadata#summary/$entity","results":{"queryResultsUri":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/defaultresourcegroup-eus/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false","nonCompliantResources":7,"nonCompliantPolicies":3},"policyAssignments":[{"policyAssignmentId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/1ef5d536aec743a0aa801c1a","policySetDefinitionId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policysetdefinitions/335cefd2-ab16-430f-b364-974a170eb1d5","results":{"queryResultsUri":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/defaultresourcegroup-eus/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false and PolicyAssignmentId eq ''/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/1ef5d536aec743a0aa801c1a''","nonCompliantResources":7,"nonCompliantPolicies":1},"policyDefinitions":[{"policyDefinitionReferenceId":"4337452039094051187","policyDefinitionId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policydefinitions/022d9357-5a90-46f7-9554-21d30ce4c32d","effect":"audit","results":{"queryResultsUri":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/defaultresourcegroup-eus/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false and PolicyAssignmentId eq ''/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/1ef5d536aec743a0aa801c1a'' + and PolicyDefinitionId eq ''/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policydefinitions/022d9357-5a90-46f7-9554-21d30ce4c32d'' + and PolicyDefinitionReferenceId eq ''4337452039094051187''","nonCompliantResources":7}}]},{"policyAssignmentId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/186044306c044a1d8c0ff76c","policySetDefinitionId":"","results":{"queryResultsUri":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/defaultresourcegroup-eus/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false and PolicyAssignmentId eq ''/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/186044306c044a1d8c0ff76c''","nonCompliantResources":7,"nonCompliantPolicies":1},"policyDefinitions":[{"policyDefinitionReferenceId":"","policyDefinitionId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policydefinitions/022d9357-5a90-46f7-9554-21d30ce4c32d","effect":"audit","results":{"queryResultsUri":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/defaultresourcegroup-eus/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false and PolicyAssignmentId eq ''/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/186044306c044a1d8c0ff76c'' + and PolicyDefinitionId eq ''/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policydefinitions/022d9357-5a90-46f7-9554-21d30ce4c32d''","nonCompliantResources":7}}]}]}]}'} + headers: + cache-control: [no-cache] + content-length: ['4558'] + content-type: [application/json; charset=utf-8] + date: ['Wed, 23 May 2018 00:07:57 GMT'] + expires: ['-1'] + pragma: [no-cache] + strict-transport-security: [max-age=31536000; includeSubDomains] + transfer-encoding: [chunked] + vary: ['Accept-Encoding,Accept-Encoding'] + x-content-type-options: [nosniff] + status: {code: 200, message: OK} +- request: + body: null + headers: + Accept: [application/json] + Accept-Encoding: ['gzip, deflate'] + CommandName: [policy event list] + Connection: [keep-alive] + Content-Length: ['0'] + Content-Type: [application/json; charset=utf-8] + User-Agent: [python/3.6.5 (Windows-10-10.0.16299-SP0) requests/2.18.4 msrest/0.4.29 + msrest_azure/0.4.29 azure-mgmt-policyinsights/0.1.0 Azure-SDK-For-Python + AZURECLI/2.0.34] + accept-language: [en-US] + method: POST + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/eastusnsggroup/providers/microsoft.network/networksecuritygroups/eastusnsg/securityrules/allow-joba/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2018-04-04&$top=2&$orderby=numRecords%20desc&$select=policyAssignmentId%2C%20resourceId%2C%20numRecords&$from=2018-04-04T00%3A00%3A00.000Z&$to=2018-05-22T00%3A00%3A00.000Z&$filter=isCompliant%20eq%20false&$apply=groupby%28%28policyAssignmentId%2C%20resourceId%29%2C%20aggregate%28%24count%20as%20numRecords%29%29 + response: + body: {string: '{"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/eastusnsggroup/providers/microsoft.network/networksecuritygroups/eastusnsg/securityrules/allow-joba/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default","@odata.count":2,"value":[{"@odata.id":null,"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/eastusnsggroup/providers/microsoft.network/networksecuritygroups/eastusnsg/securityrules/allow-joba/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity","policyAssignmentId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/1ef5d536aec743a0aa801c1a","resourceId":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/eastusnsggroup/providers/microsoft.network/networksecuritygroups/eastusnsg/securityrules/allow-joba","numRecords":1},{"@odata.id":null,"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/eastusnsggroup/providers/microsoft.network/networksecuritygroups/eastusnsg/securityrules/allow-joba/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity","policyAssignmentId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/22005cc594164636a6444db8","resourceId":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/eastusnsggroup/providers/microsoft.network/networksecuritygroups/eastusnsg/securityrules/allow-joba","numRecords":1}]}'} + headers: + cache-control: [no-cache] + content-length: ['1636'] + content-type: [application/json; charset=utf-8] + date: ['Wed, 23 May 2018 00:07:58 GMT'] + expires: ['-1'] + pragma: [no-cache] + strict-transport-security: [max-age=31536000; includeSubDomains] + transfer-encoding: [chunked] + vary: ['Accept-Encoding,Accept-Encoding'] + x-content-type-options: [nosniff] + status: {code: 200, message: OK} +- request: + body: null + headers: + Accept: [application/json] + Accept-Encoding: ['gzip, deflate'] + CommandName: [policy state list] + Connection: [keep-alive] + Content-Length: ['0'] + Content-Type: [application/json; charset=utf-8] + User-Agent: [python/3.6.5 (Windows-10-10.0.16299-SP0) requests/2.18.4 msrest/0.4.29 + msrest_azure/0.4.29 azure-mgmt-policyinsights/0.1.0 Azure-SDK-For-Python + AZURECLI/2.0.34] + accept-language: [en-US] + method: POST + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/eastusnsggroup/providers/microsoft.network/networksecuritygroups/eastusnsg/securityrules/allow-joba/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$top=2&$orderby=numRecords%20desc&$select=policyAssignmentId%2C%20resourceId%2C%20numRecords&$from=2018-04-04T00%3A00%3A00.000Z&$to=2018-05-22T00%3A00%3A00.000Z&$filter=isCompliant%20eq%20false&$apply=groupby%28%28policyAssignmentId%2C%20resourceId%29%2C%20aggregate%28%24count%20as%20numRecords%29%29 + response: + body: {string: '{"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/eastusnsggroup/providers/microsoft.network/networksecuritygroups/eastusnsg/securityrules/allow-joba/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest","@odata.count":2,"value":[{"@odata.id":null,"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/eastusnsggroup/providers/microsoft.network/networksecuritygroups/eastusnsg/securityrules/allow-joba/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity","policyAssignmentId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/1ef5d536aec743a0aa801c1a","resourceId":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/eastusnsggroup/providers/microsoft.network/networksecuritygroups/eastusnsg/securityrules/allow-joba","numRecords":1},{"@odata.id":null,"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/eastusnsggroup/providers/microsoft.network/networksecuritygroups/eastusnsg/securityrules/allow-joba/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity","policyAssignmentId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/186044306c044a1d8c0ff76c","resourceId":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/eastusnsggroup/providers/microsoft.network/networksecuritygroups/eastusnsg/securityrules/allow-joba","numRecords":1}]}'} + headers: + cache-control: [no-cache] + content-length: ['1633'] + content-type: [application/json; charset=utf-8] + date: ['Wed, 23 May 2018 00:07:59 GMT'] + expires: ['-1'] + pragma: [no-cache] + strict-transport-security: [max-age=31536000; includeSubDomains] + transfer-encoding: [chunked] + vary: ['Accept-Encoding,Accept-Encoding'] + x-content-type-options: [nosniff] + status: {code: 200, message: OK} +- request: + body: null + headers: + Accept: [application/json] + Accept-Encoding: ['gzip, deflate'] + CommandName: [policy state summarize] + Connection: [keep-alive] + Content-Length: ['0'] + Content-Type: [application/json; charset=utf-8] + User-Agent: [python/3.6.5 (Windows-10-10.0.16299-SP0) requests/2.18.4 msrest/0.4.29 + msrest_azure/0.4.29 azure-mgmt-policyinsights/0.1.0 Azure-SDK-For-Python + AZURECLI/2.0.34] + accept-language: [en-US] + method: POST + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/eastusnsggroup/providers/microsoft.network/networksecuritygroups/eastusnsg/securityrules/allow-joba/providers/Microsoft.PolicyInsights/policyStates/latest/summarize?api-version=2018-04-04&$top=2&$from=2018-04-04T00%3A00%3A00.000Z&$to=2018-05-22T00%3A00%3A00.000Z&$filter=isCompliant%20eq%20false + response: + body: {string: '{"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/eastusnsggroup/providers/microsoft.network/networksecuritygroups/eastusnsg/securityrules/allow-joba/providers/Microsoft.PolicyInsights/policyStates/$metadata#summary","@odata.count":1,"value":[{"@odata.id":null,"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/eastusnsggroup/providers/microsoft.network/networksecuritygroups/eastusnsg/securityrules/allow-joba/providers/Microsoft.PolicyInsights/policyStates/$metadata#summary/$entity","results":{"queryResultsUri":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/eastusnsggroup/providers/microsoft.network/networksecuritygroups/eastusnsg/securityrules/allow-joba/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false","nonCompliantResources":1,"nonCompliantPolicies":3},"policyAssignments":[{"policyAssignmentId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/1ef5d536aec743a0aa801c1a","policySetDefinitionId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policysetdefinitions/335cefd2-ab16-430f-b364-974a170eb1d5","results":{"queryResultsUri":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/eastusnsggroup/providers/microsoft.network/networksecuritygroups/eastusnsg/securityrules/allow-joba/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false and PolicyAssignmentId eq ''/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/1ef5d536aec743a0aa801c1a''","nonCompliantResources":1,"nonCompliantPolicies":1},"policyDefinitions":[{"policyDefinitionReferenceId":"4337452039094051187","policyDefinitionId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policydefinitions/022d9357-5a90-46f7-9554-21d30ce4c32d","effect":"audit","results":{"queryResultsUri":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/eastusnsggroup/providers/microsoft.network/networksecuritygroups/eastusnsg/securityrules/allow-joba/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false and PolicyAssignmentId eq ''/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/1ef5d536aec743a0aa801c1a'' + and PolicyDefinitionId eq ''/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policydefinitions/022d9357-5a90-46f7-9554-21d30ce4c32d'' + and PolicyDefinitionReferenceId eq ''4337452039094051187''","nonCompliantResources":1}}]},{"policyAssignmentId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/186044306c044a1d8c0ff76c","policySetDefinitionId":"","results":{"queryResultsUri":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/eastusnsggroup/providers/microsoft.network/networksecuritygroups/eastusnsg/securityrules/allow-joba/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false and PolicyAssignmentId eq ''/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/186044306c044a1d8c0ff76c''","nonCompliantResources":1,"nonCompliantPolicies":1},"policyDefinitions":[{"policyDefinitionReferenceId":"","policyDefinitionId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policydefinitions/022d9357-5a90-46f7-9554-21d30ce4c32d","effect":"audit","results":{"queryResultsUri":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/eastusnsggroup/providers/microsoft.network/networksecuritygroups/eastusnsg/securityrules/allow-joba/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false and PolicyAssignmentId eq ''/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/186044306c044a1d8c0ff76c'' + and PolicyDefinitionId eq ''/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policydefinitions/022d9357-5a90-46f7-9554-21d30ce4c32d''","nonCompliantResources":1}}]}]}]}'} + headers: + cache-control: [no-cache] + content-length: ['5083'] + content-type: [application/json; charset=utf-8] + date: ['Wed, 23 May 2018 00:08:01 GMT'] + expires: ['-1'] + pragma: [no-cache] + strict-transport-security: [max-age=31536000; includeSubDomains] + transfer-encoding: [chunked] + vary: ['Accept-Encoding,Accept-Encoding'] + x-content-type-options: [nosniff] + status: {code: 200, message: OK} +- request: + body: null + headers: + Accept: [application/json] + Accept-Encoding: ['gzip, deflate'] + CommandName: [policy event list] + Connection: [keep-alive] + Content-Length: ['0'] + Content-Type: [application/json; charset=utf-8] + User-Agent: [python/3.6.5 (Windows-10-10.0.16299-SP0) requests/2.18.4 msrest/0.4.29 + msrest_azure/0.4.29 azure-mgmt-policyinsights/0.1.0 Azure-SDK-For-Python + AZURECLI/2.0.34] + accept-language: [en-US] + method: POST + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/omssecurityintresourcegroup/providers/microsoft.keyvault/vaults/omssecuritydevkeyvalut/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2018-04-04&$top=2&$orderby=numRecords%20desc&$select=policyAssignmentId%2C%20resourceId%2C%20numRecords&$from=2018-04-04T00%3A00%3A00.000Z&$to=2018-05-22T00%3A00%3A00.000Z&$filter=isCompliant%20eq%20false&$apply=groupby%28%28policyAssignmentId%2C%20resourceId%29%2C%20aggregate%28%24count%20as%20numRecords%29%29 + response: + body: {string: '{"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/omssecurityintresourcegroup/providers/microsoft.keyvault/vaults/omssecuritydevkeyvalut/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default","@odata.count":2,"value":[{"@odata.id":null,"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/omssecurityintresourcegroup/providers/microsoft.keyvault/vaults/omssecuritydevkeyvalut/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity","policyAssignmentId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/1ef5d536aec743a0aa801c1a","resourceId":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/omssecurityintresourcegroup/providers/microsoft.keyvault/vaults/omssecuritydevkeyvalut","numRecords":2},{"@odata.id":null,"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/omssecurityintresourcegroup/providers/microsoft.keyvault/vaults/omssecuritydevkeyvalut/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity","policyAssignmentId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/95816fce53454b15a7ed803d","resourceId":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/omssecurityintresourcegroup/providers/microsoft.keyvault/vaults/omssecuritydevkeyvalut","numRecords":1}]}'} + headers: + cache-control: [no-cache] + content-length: ['1571'] + content-type: [application/json; charset=utf-8] + date: ['Wed, 23 May 2018 00:08:01 GMT'] + expires: ['-1'] + pragma: [no-cache] + strict-transport-security: [max-age=31536000; includeSubDomains] + transfer-encoding: [chunked] + vary: ['Accept-Encoding,Accept-Encoding'] + x-content-type-options: [nosniff] + status: {code: 200, message: OK} +- request: + body: null + headers: + Accept: [application/json] + Accept-Encoding: ['gzip, deflate'] + CommandName: [policy state list] + Connection: [keep-alive] + Content-Length: ['0'] + Content-Type: [application/json; charset=utf-8] + User-Agent: [python/3.6.5 (Windows-10-10.0.16299-SP0) requests/2.18.4 msrest/0.4.29 + msrest_azure/0.4.29 azure-mgmt-policyinsights/0.1.0 Azure-SDK-For-Python + AZURECLI/2.0.34] + accept-language: [en-US] + method: POST + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/omssecurityintresourcegroup/providers/microsoft.keyvault/vaults/omssecuritydevkeyvalut/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$top=2&$orderby=numRecords%20desc&$select=policyAssignmentId%2C%20resourceId%2C%20numRecords&$from=2018-04-04T00%3A00%3A00.000Z&$to=2018-05-22T00%3A00%3A00.000Z&$filter=isCompliant%20eq%20false&$apply=groupby%28%28policyAssignmentId%2C%20resourceId%29%2C%20aggregate%28%24count%20as%20numRecords%29%29 + response: + body: {string: '{"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/omssecurityintresourcegroup/providers/microsoft.keyvault/vaults/omssecuritydevkeyvalut/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest","@odata.count":2,"value":[{"@odata.id":null,"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/omssecurityintresourcegroup/providers/microsoft.keyvault/vaults/omssecuritydevkeyvalut/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity","policyAssignmentId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/22005cc594164636a6444db8","resourceId":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/omssecurityintresourcegroup/providers/microsoft.keyvault/vaults/omssecuritydevkeyvalut","numRecords":6},{"@odata.id":null,"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/omssecurityintresourcegroup/providers/microsoft.keyvault/vaults/omssecuritydevkeyvalut/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity","policyAssignmentId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/1ef5d536aec743a0aa801c1a","resourceId":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/omssecurityintresourcegroup/providers/microsoft.keyvault/vaults/omssecuritydevkeyvalut","numRecords":6}]}'} + headers: + cache-control: [no-cache] + content-length: ['1568'] + content-type: [application/json; charset=utf-8] + date: ['Wed, 23 May 2018 00:08:03 GMT'] + expires: ['-1'] + pragma: [no-cache] + strict-transport-security: [max-age=31536000; includeSubDomains] + transfer-encoding: [chunked] + vary: ['Accept-Encoding,Accept-Encoding'] + x-content-type-options: [nosniff] + status: {code: 200, message: OK} +- request: + body: null + headers: + Accept: [application/json] + Accept-Encoding: ['gzip, deflate'] + CommandName: [policy state summarize] + Connection: [keep-alive] + Content-Length: ['0'] + Content-Type: [application/json; charset=utf-8] + User-Agent: [python/3.6.5 (Windows-10-10.0.16299-SP0) requests/2.18.4 msrest/0.4.29 + msrest_azure/0.4.29 azure-mgmt-policyinsights/0.1.0 Azure-SDK-For-Python + AZURECLI/2.0.34] + accept-language: [en-US] + method: POST + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/omssecurityintresourcegroup/providers/microsoft.keyvault/vaults/omssecuritydevkeyvalut/providers/Microsoft.PolicyInsights/policyStates/latest/summarize?api-version=2018-04-04&$top=2&$from=2018-04-04T00%3A00%3A00.000Z&$to=2018-05-22T00%3A00%3A00.000Z&$filter=isCompliant%20eq%20false + response: + body: {string: '{"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/omssecurityintresourcegroup/providers/microsoft.keyvault/vaults/omssecuritydevkeyvalut/providers/Microsoft.PolicyInsights/policyStates/$metadata#summary","@odata.count":1,"value":[{"@odata.id":null,"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/omssecurityintresourcegroup/providers/microsoft.keyvault/vaults/omssecuritydevkeyvalut/providers/Microsoft.PolicyInsights/policyStates/$metadata#summary/$entity","results":{"queryResultsUri":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/omssecurityintresourcegroup/providers/microsoft.keyvault/vaults/omssecuritydevkeyvalut/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false","nonCompliantResources":1,"nonCompliantPolicies":7},"policyAssignments":[{"policyAssignmentId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/186044306c044a1d8c0ff76c","policySetDefinitionId":"","results":{"queryResultsUri":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/omssecurityintresourcegroup/providers/microsoft.keyvault/vaults/omssecuritydevkeyvalut/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false and PolicyAssignmentId eq ''/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/186044306c044a1d8c0ff76c''","nonCompliantResources":1,"nonCompliantPolicies":1},"policyDefinitions":[{"policyDefinitionReferenceId":"","policyDefinitionId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policydefinitions/022d9357-5a90-46f7-9554-21d30ce4c32d","effect":"audit","results":{"queryResultsUri":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/omssecurityintresourcegroup/providers/microsoft.keyvault/vaults/omssecuritydevkeyvalut/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false and PolicyAssignmentId eq ''/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/186044306c044a1d8c0ff76c'' + and PolicyDefinitionId eq ''/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policydefinitions/022d9357-5a90-46f7-9554-21d30ce4c32d''","nonCompliantResources":1}}]},{"policyAssignmentId":"/providers/microsoft.management/managementgroups/azgovtest2/providers/microsoft.authorization/policyassignments/e9ad4ab40dfb4549a998cfcc","policySetDefinitionId":"","results":{"queryResultsUri":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/omssecurityintresourcegroup/providers/microsoft.keyvault/vaults/omssecuritydevkeyvalut/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false and PolicyAssignmentId eq ''/providers/microsoft.management/managementgroups/azgovtest2/providers/microsoft.authorization/policyassignments/e9ad4ab40dfb4549a998cfcc''","nonCompliantResources":1,"nonCompliantPolicies":1},"policyDefinitions":[{"policyDefinitionReferenceId":"","policyDefinitionId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policydefinitions/022d9357-5a90-46f7-9554-21d30ce4c32d","effect":"audit","results":{"queryResultsUri":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/omssecurityintresourcegroup/providers/microsoft.keyvault/vaults/omssecuritydevkeyvalut/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false and PolicyAssignmentId eq ''/providers/microsoft.management/managementgroups/azgovtest2/providers/microsoft.authorization/policyassignments/e9ad4ab40dfb4549a998cfcc'' + and PolicyDefinitionId eq ''/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policydefinitions/022d9357-5a90-46f7-9554-21d30ce4c32d''","nonCompliantResources":1}}]}]}]}'} + headers: + cache-control: [no-cache] + content-length: ['4765'] + content-type: [application/json; charset=utf-8] + date: ['Wed, 23 May 2018 00:08:04 GMT'] + expires: ['-1'] + pragma: [no-cache] + strict-transport-security: [max-age=31536000; includeSubDomains] + transfer-encoding: [chunked] + vary: ['Accept-Encoding,Accept-Encoding'] + x-content-type-options: [nosniff] + status: {code: 200, message: OK} +- request: + body: null + headers: + Accept: [application/json] + Accept-Encoding: ['gzip, deflate'] + CommandName: [policy event list] + Connection: [keep-alive] + Content-Length: ['0'] + Content-Type: [application/json; charset=utf-8] + User-Agent: [python/3.6.5 (Windows-10-10.0.16299-SP0) requests/2.18.4 msrest/0.4.29 + msrest_azure/0.4.29 azure-mgmt-policyinsights/0.1.0 Azure-SDK-For-Python + AZURECLI/2.0.34] + accept-language: [en-US] + method: POST + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mms-wcus/providers/microsoft.network/virtualnetworks/mms-wcus-vnet/subnets/default/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2018-04-04&$top=2&$orderby=numRecords%20desc&$select=policyAssignmentId%2C%20resourceId%2C%20numRecords&$from=2018-04-04T00%3A00%3A00.000Z&$to=2018-05-22T00%3A00%3A00.000Z&$filter=isCompliant%20eq%20false&$apply=groupby%28%28policyAssignmentId%2C%20resourceId%29%2C%20aggregate%28%24count%20as%20numRecords%29%29 + response: + body: {string: '{"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mms-wcus/providers/microsoft.network/virtualnetworks/mms-wcus-vnet/subnets/default/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default","@odata.count":2,"value":[{"@odata.id":null,"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mms-wcus/providers/microsoft.network/virtualnetworks/mms-wcus-vnet/subnets/default/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity","policyAssignmentId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/1ef5d536aec743a0aa801c1a","resourceId":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/mms-wcus/providers/microsoft.network/virtualnetworks/mms-wcus-vnet/subnets/default","numRecords":2},{"@odata.id":null,"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mms-wcus/providers/microsoft.network/virtualnetworks/mms-wcus-vnet/subnets/default/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity","policyAssignmentId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/22005cc594164636a6444db8","resourceId":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/mms-wcus/providers/microsoft.network/virtualnetworks/mms-wcus-vnet/subnets/default","numRecords":2}]}'} + headers: + cache-control: [no-cache] + content-length: ['1551'] + content-type: [application/json; charset=utf-8] + date: ['Wed, 23 May 2018 00:08:05 GMT'] + expires: ['-1'] + pragma: [no-cache] + strict-transport-security: [max-age=31536000; includeSubDomains] + transfer-encoding: [chunked] + vary: ['Accept-Encoding,Accept-Encoding'] + x-content-type-options: [nosniff] + status: {code: 200, message: OK} +- request: + body: null + headers: + Accept: [application/json] + Accept-Encoding: ['gzip, deflate'] + CommandName: [policy state list] + Connection: [keep-alive] + Content-Length: ['0'] + Content-Type: [application/json; charset=utf-8] + User-Agent: [python/3.6.5 (Windows-10-10.0.16299-SP0) requests/2.18.4 msrest/0.4.29 + msrest_azure/0.4.29 azure-mgmt-policyinsights/0.1.0 Azure-SDK-For-Python + AZURECLI/2.0.34] + accept-language: [en-US] + method: POST + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mms-wcus/providers/microsoft.network/virtualnetworks/mms-wcus-vnet/subnets/default/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$top=2&$orderby=numRecords%20desc&$select=policyAssignmentId%2C%20resourceId%2C%20numRecords&$from=2018-04-04T00%3A00%3A00.000Z&$to=2018-05-22T00%3A00%3A00.000Z&$filter=isCompliant%20eq%20false&$apply=groupby%28%28policyAssignmentId%2C%20resourceId%29%2C%20aggregate%28%24count%20as%20numRecords%29%29 + response: + body: {string: '{"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mms-wcus/providers/microsoft.network/virtualnetworks/mms-wcus-vnet/subnets/default/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest","@odata.count":2,"value":[{"@odata.id":null,"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mms-wcus/providers/microsoft.network/virtualnetworks/mms-wcus-vnet/subnets/default/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity","policyAssignmentId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/22005cc594164636a6444db8","resourceId":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/mms-wcus/providers/microsoft.network/virtualnetworks/mms-wcus-vnet/subnets/default","numRecords":6},{"@odata.id":null,"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mms-wcus/providers/microsoft.network/virtualnetworks/mms-wcus-vnet/subnets/default/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity","policyAssignmentId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/1ef5d536aec743a0aa801c1a","resourceId":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/mms-wcus/providers/microsoft.network/virtualnetworks/mms-wcus-vnet/subnets/default","numRecords":6}]}'} + headers: + cache-control: [no-cache] + content-length: ['1548'] + content-type: [application/json; charset=utf-8] + date: ['Wed, 23 May 2018 00:08:06 GMT'] + expires: ['-1'] + pragma: [no-cache] + strict-transport-security: [max-age=31536000; includeSubDomains] + transfer-encoding: [chunked] + vary: ['Accept-Encoding,Accept-Encoding'] + x-content-type-options: [nosniff] + status: {code: 200, message: OK} +- request: + body: null + headers: + Accept: [application/json] + Accept-Encoding: ['gzip, deflate'] + CommandName: [policy state summarize] + Connection: [keep-alive] + Content-Length: ['0'] + Content-Type: [application/json; charset=utf-8] + User-Agent: [python/3.6.5 (Windows-10-10.0.16299-SP0) requests/2.18.4 msrest/0.4.29 + msrest_azure/0.4.29 azure-mgmt-policyinsights/0.1.0 Azure-SDK-For-Python + AZURECLI/2.0.34] + accept-language: [en-US] + method: POST + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mms-wcus/providers/microsoft.network/virtualnetworks/mms-wcus-vnet/subnets/default/providers/Microsoft.PolicyInsights/policyStates/latest/summarize?api-version=2018-04-04&$top=2&$from=2018-04-04T00%3A00%3A00.000Z&$to=2018-05-22T00%3A00%3A00.000Z&$filter=isCompliant%20eq%20false + response: + body: {string: '{"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mms-wcus/providers/microsoft.network/virtualnetworks/mms-wcus-vnet/subnets/default/providers/Microsoft.PolicyInsights/policyStates/$metadata#summary","@odata.count":1,"value":[{"@odata.id":null,"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mms-wcus/providers/microsoft.network/virtualnetworks/mms-wcus-vnet/subnets/default/providers/Microsoft.PolicyInsights/policyStates/$metadata#summary/$entity","results":{"queryResultsUri":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mms-wcus/providers/microsoft.network/virtualnetworks/mms-wcus-vnet/subnets/default/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false","nonCompliantResources":1,"nonCompliantPolicies":7},"policyAssignments":[{"policyAssignmentId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/186044306c044a1d8c0ff76c","policySetDefinitionId":"","results":{"queryResultsUri":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mms-wcus/providers/microsoft.network/virtualnetworks/mms-wcus-vnet/subnets/default/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false and PolicyAssignmentId eq ''/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/186044306c044a1d8c0ff76c''","nonCompliantResources":1,"nonCompliantPolicies":1},"policyDefinitions":[{"policyDefinitionReferenceId":"","policyDefinitionId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policydefinitions/022d9357-5a90-46f7-9554-21d30ce4c32d","effect":"audit","results":{"queryResultsUri":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mms-wcus/providers/microsoft.network/virtualnetworks/mms-wcus-vnet/subnets/default/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false and PolicyAssignmentId eq ''/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policyassignments/186044306c044a1d8c0ff76c'' + and PolicyDefinitionId eq ''/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policydefinitions/022d9357-5a90-46f7-9554-21d30ce4c32d''","nonCompliantResources":1}}]},{"policyAssignmentId":"/providers/microsoft.management/managementgroups/azgovtest2/providers/microsoft.authorization/policyassignments/e9ad4ab40dfb4549a998cfcc","policySetDefinitionId":"","results":{"queryResultsUri":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mms-wcus/providers/microsoft.network/virtualnetworks/mms-wcus-vnet/subnets/default/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false and PolicyAssignmentId eq ''/providers/microsoft.management/managementgroups/azgovtest2/providers/microsoft.authorization/policyassignments/e9ad4ab40dfb4549a998cfcc''","nonCompliantResources":1,"nonCompliantPolicies":1},"policyDefinitions":[{"policyDefinitionReferenceId":"","policyDefinitionId":"/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policydefinitions/022d9357-5a90-46f7-9554-21d30ce4c32d","effect":"audit","results":{"queryResultsUri":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mms-wcus/providers/microsoft.network/virtualnetworks/mms-wcus-vnet/subnets/default/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false and PolicyAssignmentId eq ''/providers/microsoft.management/managementgroups/azgovtest2/providers/microsoft.authorization/policyassignments/e9ad4ab40dfb4549a998cfcc'' + and PolicyDefinitionId eq ''/providers/microsoft.management/managementgroups/azgovtest1/providers/microsoft.authorization/policydefinitions/022d9357-5a90-46f7-9554-21d30ce4c32d''","nonCompliantResources":1}}]}]}]}'} + headers: + cache-control: [no-cache] + content-length: ['4737'] + content-type: [application/json; charset=utf-8] + date: ['Wed, 23 May 2018 00:08:07 GMT'] + expires: ['-1'] + pragma: [no-cache] + strict-transport-security: [max-age=31536000; includeSubDomains] + transfer-encoding: [chunked] + vary: ['Accept-Encoding,Accept-Encoding'] + x-content-type-options: [nosniff] + status: {code: 200, message: OK} +- request: + body: null + headers: + Accept: [application/json] + Accept-Encoding: ['gzip, deflate'] + CommandName: [policy event list] + Connection: [keep-alive] + Content-Length: ['0'] + Content-Type: [application/json; charset=utf-8] + User-Agent: [python/3.6.5 (Windows-10-10.0.16299-SP0) requests/2.18.4 msrest/0.4.29 + msrest_azure/0.4.29 azure-mgmt-policyinsights/0.1.0 Azure-SDK-For-Python + AZURECLI/2.0.34] + accept-language: [en-US] + method: POST + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/policySetDefinitions/335cefd2-ab16-430f-b364-974a170eb1d5/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2018-04-04&$top=2&$orderby=numRecords%20desc&$select=policyAssignmentId%2C%20resourceId%2C%20numRecords&$from=2018-04-04T00%3A00%3A00.000Z&$to=2018-05-22T00%3A00%3A00.000Z&$filter=isCompliant%20eq%20false&$apply=groupby%28%28policyAssignmentId%2C%20resourceId%29%2C%20aggregate%28%24count%20as%20numRecords%29%29 + response: + body: {string: '{"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/policySetDefinitions/335cefd2-ab16-430f-b364-974a170eb1d5/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default","@odata.count":0,"value":[]}'} + headers: + cache-control: [no-cache] + content-length: ['286'] + content-type: [application/json; charset=utf-8] + date: ['Wed, 23 May 2018 00:08:08 GMT'] + expires: ['-1'] + pragma: [no-cache] + strict-transport-security: [max-age=31536000; includeSubDomains] + transfer-encoding: [chunked] + vary: ['Accept-Encoding,Accept-Encoding'] + x-content-type-options: [nosniff] + status: {code: 200, message: OK} +- request: + body: null + headers: + Accept: [application/json] + Accept-Encoding: ['gzip, deflate'] + CommandName: [policy state list] + Connection: [keep-alive] + Content-Length: ['0'] + Content-Type: [application/json; charset=utf-8] + User-Agent: [python/3.6.5 (Windows-10-10.0.16299-SP0) requests/2.18.4 msrest/0.4.29 + msrest_azure/0.4.29 azure-mgmt-policyinsights/0.1.0 Azure-SDK-For-Python + AZURECLI/2.0.34] + accept-language: [en-US] + method: POST + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/policySetDefinitions/335cefd2-ab16-430f-b364-974a170eb1d5/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$top=2&$orderby=numRecords%20desc&$select=policyAssignmentId%2C%20resourceId%2C%20numRecords&$from=2018-04-04T00%3A00%3A00.000Z&$to=2018-05-22T00%3A00%3A00.000Z&$filter=isCompliant%20eq%20false&$apply=groupby%28%28policyAssignmentId%2C%20resourceId%29%2C%20aggregate%28%24count%20as%20numRecords%29%29 + response: + body: {string: '{"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/policySetDefinitions/335cefd2-ab16-430f-b364-974a170eb1d5/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest","@odata.count":0,"value":[]}'} + headers: + cache-control: [no-cache] + content-length: ['285'] + content-type: [application/json; charset=utf-8] + date: ['Wed, 23 May 2018 00:08:09 GMT'] + expires: ['-1'] + pragma: [no-cache] + strict-transport-security: [max-age=31536000; includeSubDomains] + transfer-encoding: [chunked] + vary: ['Accept-Encoding,Accept-Encoding'] + x-content-type-options: [nosniff] + status: {code: 200, message: OK} +- request: + body: null + headers: + Accept: [application/json] + Accept-Encoding: ['gzip, deflate'] + CommandName: [policy state summarize] + Connection: [keep-alive] + Content-Length: ['0'] + Content-Type: [application/json; charset=utf-8] + User-Agent: [python/3.6.5 (Windows-10-10.0.16299-SP0) requests/2.18.4 msrest/0.4.29 + msrest_azure/0.4.29 azure-mgmt-policyinsights/0.1.0 Azure-SDK-For-Python + AZURECLI/2.0.34] + accept-language: [en-US] + method: POST + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/policySetDefinitions/335cefd2-ab16-430f-b364-974a170eb1d5/providers/Microsoft.PolicyInsights/policyStates/latest/summarize?api-version=2018-04-04&$top=2&$from=2018-04-04T00%3A00%3A00.000Z&$to=2018-05-22T00%3A00%3A00.000Z&$filter=isCompliant%20eq%20false + response: + body: {string: '{"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/policySetDefinitions/335cefd2-ab16-430f-b364-974a170eb1d5/providers/Microsoft.PolicyInsights/policyStates/$metadata#summary","@odata.count":1,"value":[{"@odata.id":null,"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/policySetDefinitions/335cefd2-ab16-430f-b364-974a170eb1d5/providers/Microsoft.PolicyInsights/policyStates/$metadata#summary/$entity","results":{"queryResultsUri":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/policySetDefinitions/335cefd2-ab16-430f-b364-974a170eb1d5/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false","nonCompliantResources":0,"nonCompliantPolicies":0},"policyAssignments":[]}]}'} + headers: + cache-control: [no-cache] + content-length: ['1046'] + content-type: [application/json; charset=utf-8] + date: ['Wed, 23 May 2018 00:08:10 GMT'] + expires: ['-1'] + pragma: [no-cache] + strict-transport-security: [max-age=31536000; includeSubDomains] + transfer-encoding: [chunked] + vary: ['Accept-Encoding,Accept-Encoding'] + x-content-type-options: [nosniff] + status: {code: 200, message: OK} +- request: + body: null + headers: + Accept: [application/json] + Accept-Encoding: ['gzip, deflate'] + CommandName: [policy event list] + Connection: [keep-alive] + Content-Length: ['0'] + Content-Type: [application/json; charset=utf-8] + User-Agent: [python/3.6.5 (Windows-10-10.0.16299-SP0) requests/2.18.4 msrest/0.4.29 + msrest_azure/0.4.29 azure-mgmt-policyinsights/0.1.0 Azure-SDK-For-Python + AZURECLI/2.0.34] + accept-language: [en-US] + method: POST + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/policyDefinitions/25bf1e2a-6004-47ad-9bd1-2a40dd6de016/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2018-04-04&$top=2&$orderby=numRecords%20desc&$select=policyAssignmentId%2C%20resourceId%2C%20numRecords&$from=2018-04-04T00%3A00%3A00.000Z&$to=2018-05-22T00%3A00%3A00.000Z&$filter=isCompliant%20eq%20false&$apply=groupby%28%28policyAssignmentId%2C%20resourceId%29%2C%20aggregate%28%24count%20as%20numRecords%29%29 + response: + body: {string: '{"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/policyDefinitions/25bf1e2a-6004-47ad-9bd1-2a40dd6de016/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default","@odata.count":2,"value":[{"@odata.id":null,"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/policyDefinitions/25bf1e2a-6004-47ad-9bd1-2a40dd6de016/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity","policyAssignmentId":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rashmi-kv-test/providers/microsoft.authorization/policyassignments/c7330451f3e34e54ae6712e1","resourceId":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rashmi-kv-test/providers/microsoft.keyvault/vaults/rashmi-kv-test","numRecords":1},{"@odata.id":null,"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/policyDefinitions/25bf1e2a-6004-47ad-9bd1-2a40dd6de016/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity","policyAssignmentId":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rashmi-kv-test/providers/microsoft.authorization/policyassignments/f6f08ec4878644d7bc5e020b","resourceId":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rashmi-kv-test/providers/microsoft.keyvault/vaults/rashmi-kv-test","numRecords":1}]}'} + headers: + cache-control: [no-cache] + content-length: ['1534'] + content-type: [application/json; charset=utf-8] + date: ['Wed, 23 May 2018 00:08:11 GMT'] + expires: ['-1'] + pragma: [no-cache] + strict-transport-security: [max-age=31536000; includeSubDomains] + transfer-encoding: [chunked] + vary: ['Accept-Encoding,Accept-Encoding'] + x-content-type-options: [nosniff] + status: {code: 200, message: OK} +- request: + body: null + headers: + Accept: [application/json] + Accept-Encoding: ['gzip, deflate'] + CommandName: [policy state list] + Connection: [keep-alive] + Content-Length: ['0'] + Content-Type: [application/json; charset=utf-8] + User-Agent: [python/3.6.5 (Windows-10-10.0.16299-SP0) requests/2.18.4 msrest/0.4.29 + msrest_azure/0.4.29 azure-mgmt-policyinsights/0.1.0 Azure-SDK-For-Python + AZURECLI/2.0.34] + accept-language: [en-US] + method: POST + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/policyDefinitions/25bf1e2a-6004-47ad-9bd1-2a40dd6de016/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$top=2&$orderby=numRecords%20desc&$select=policyAssignmentId%2C%20resourceId%2C%20numRecords&$from=2018-04-04T00%3A00%3A00.000Z&$to=2018-05-22T00%3A00%3A00.000Z&$filter=isCompliant%20eq%20false&$apply=groupby%28%28policyAssignmentId%2C%20resourceId%29%2C%20aggregate%28%24count%20as%20numRecords%29%29 + response: + body: {string: '{"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/policyDefinitions/25bf1e2a-6004-47ad-9bd1-2a40dd6de016/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest","@odata.count":2,"value":[{"@odata.id":null,"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/policyDefinitions/25bf1e2a-6004-47ad-9bd1-2a40dd6de016/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity","policyAssignmentId":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rashmi-kv-test/providers/microsoft.authorization/policyassignments/17bd552d9ec84b538893a691","resourceId":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rashmi-kv-test/providers/microsoft.keyvault/vaults/rashmi-kv-test5","numRecords":3},{"@odata.id":null,"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/policyDefinitions/25bf1e2a-6004-47ad-9bd1-2a40dd6de016/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity","policyAssignmentId":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rashmi-kv-test/providers/microsoft.authorization/policyassignments/7fd638704a88457e8c0ae077","resourceId":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rashmi-kv-test/providers/microsoft.keyvault/vaults/rashmi-kv-test5","numRecords":3}]}'} + headers: + cache-control: [no-cache] + content-length: ['1533'] + content-type: [application/json; charset=utf-8] + date: ['Wed, 23 May 2018 00:08:11 GMT'] + expires: ['-1'] + pragma: [no-cache] + strict-transport-security: [max-age=31536000; includeSubDomains] + transfer-encoding: [chunked] + vary: ['Accept-Encoding,Accept-Encoding'] + x-content-type-options: [nosniff] + status: {code: 200, message: OK} +- request: + body: null + headers: + Accept: [application/json] + Accept-Encoding: ['gzip, deflate'] + CommandName: [policy state summarize] + Connection: [keep-alive] + Content-Length: ['0'] + Content-Type: [application/json; charset=utf-8] + User-Agent: [python/3.6.5 (Windows-10-10.0.16299-SP0) requests/2.18.4 msrest/0.4.29 + msrest_azure/0.4.29 azure-mgmt-policyinsights/0.1.0 Azure-SDK-For-Python + AZURECLI/2.0.34] + accept-language: [en-US] + method: POST + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/policyDefinitions/25bf1e2a-6004-47ad-9bd1-2a40dd6de016/providers/Microsoft.PolicyInsights/policyStates/latest/summarize?api-version=2018-04-04&$top=2&$from=2018-04-04T00%3A00%3A00.000Z&$to=2018-05-22T00%3A00%3A00.000Z&$filter=isCompliant%20eq%20false + response: + body: {string: '{"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/policyDefinitions/25bf1e2a-6004-47ad-9bd1-2a40dd6de016/providers/Microsoft.PolicyInsights/policyStates/$metadata#summary","@odata.count":1,"value":[{"@odata.id":null,"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/policyDefinitions/25bf1e2a-6004-47ad-9bd1-2a40dd6de016/providers/Microsoft.PolicyInsights/policyStates/$metadata#summary/$entity","results":{"queryResultsUri":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/policyDefinitions/25bf1e2a-6004-47ad-9bd1-2a40dd6de016/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false","nonCompliantResources":5,"nonCompliantPolicies":7},"policyAssignments":[{"policyAssignmentId":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rashmi-kv-test/providers/microsoft.authorization/policyassignments/cfe746abc6f341c58872a005","policySetDefinitionId":"","results":{"queryResultsUri":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/policyDefinitions/25bf1e2a-6004-47ad-9bd1-2a40dd6de016/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false and PolicyAssignmentId eq ''/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rashmi-kv-test/providers/microsoft.authorization/policyassignments/cfe746abc6f341c58872a005''","nonCompliantResources":5,"nonCompliantPolicies":1},"policyDefinitions":[{"policyDefinitionReferenceId":"","policyDefinitionId":"/subscriptions/00000000-0000-0000-0000-000000000000/providers/microsoft.authorization/policydefinitions/25bf1e2a-6004-47ad-9bd1-2a40dd6de016","effect":"deployifnotexists","results":{"queryResultsUri":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/policyDefinitions/25bf1e2a-6004-47ad-9bd1-2a40dd6de016/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false and PolicyAssignmentId eq ''/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rashmi-kv-test/providers/microsoft.authorization/policyassignments/cfe746abc6f341c58872a005'' + and PolicyDefinitionId eq ''/subscriptions/00000000-0000-0000-0000-000000000000/providers/microsoft.authorization/policydefinitions/25bf1e2a-6004-47ad-9bd1-2a40dd6de016''","nonCompliantResources":5}}]},{"policyAssignmentId":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rashmi-kv-test/providers/microsoft.authorization/policyassignments/f6f08ec4878644d7bc5e020b","policySetDefinitionId":"","results":{"queryResultsUri":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/policyDefinitions/25bf1e2a-6004-47ad-9bd1-2a40dd6de016/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false and PolicyAssignmentId eq ''/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rashmi-kv-test/providers/microsoft.authorization/policyassignments/f6f08ec4878644d7bc5e020b''","nonCompliantResources":5,"nonCompliantPolicies":1},"policyDefinitions":[{"policyDefinitionReferenceId":"","policyDefinitionId":"/subscriptions/00000000-0000-0000-0000-000000000000/providers/microsoft.authorization/policydefinitions/25bf1e2a-6004-47ad-9bd1-2a40dd6de016","effect":"deployifnotexists","results":{"queryResultsUri":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/policyDefinitions/25bf1e2a-6004-47ad-9bd1-2a40dd6de016/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false and PolicyAssignmentId eq ''/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rashmi-kv-test/providers/microsoft.authorization/policyassignments/f6f08ec4878644d7bc5e020b'' + and PolicyDefinitionId eq ''/subscriptions/00000000-0000-0000-0000-000000000000/providers/microsoft.authorization/policydefinitions/25bf1e2a-6004-47ad-9bd1-2a40dd6de016''","nonCompliantResources":5}}]}]}]}'} + headers: + cache-control: [no-cache] + content-length: ['4798'] + content-type: [application/json; charset=utf-8] + date: ['Wed, 23 May 2018 00:08:12 GMT'] + expires: ['-1'] + pragma: [no-cache] + strict-transport-security: [max-age=31536000; includeSubDomains] + transfer-encoding: [chunked] + vary: ['Accept-Encoding,Accept-Encoding'] + x-content-type-options: [nosniff] + status: {code: 200, message: OK} +- request: + body: null + headers: + Accept: [application/json] + Accept-Encoding: ['gzip, deflate'] + CommandName: [policy event list] + Connection: [keep-alive] + Content-Length: ['0'] + Content-Type: [application/json; charset=utf-8] + User-Agent: [python/3.6.5 (Windows-10-10.0.16299-SP0) requests/2.18.4 msrest/0.4.29 + msrest_azure/0.4.29 azure-mgmt-policyinsights/0.1.0 Azure-SDK-For-Python + AZURECLI/2.0.34] + accept-language: [en-US] + method: POST + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/policyAssignments/96e22f7846e94bb186ae3a01/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2018-04-04&$top=2&$orderby=numRecords%20desc&$select=policyAssignmentId%2C%20resourceId%2C%20numRecords&$from=2018-04-04T00%3A00%3A00.000Z&$to=2018-05-22T00%3A00%3A00.000Z&$filter=isCompliant%20eq%20false&$apply=groupby%28%28policyAssignmentId%2C%20resourceId%29%2C%20aggregate%28%24count%20as%20numRecords%29%29 + response: + body: {string: '{"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/policyAssignments/96e22f7846e94bb186ae3a01/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default","@odata.count":1,"value":[{"@odata.id":null,"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/policyAssignments/96e22f7846e94bb186ae3a01/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity","policyAssignmentId":"/subscriptions/00000000-0000-0000-0000-000000000000/providers/microsoft.authorization/policyassignments/96e22f7846e94bb186ae3a01","resourceId":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/tipkeyvaultresourcegroup/providers/microsoft.keyvault/vaults/tipinteuskeyvault","numRecords":21}]}'} + headers: + cache-control: [no-cache] + content-length: ['868'] + content-type: [application/json; charset=utf-8] + date: ['Wed, 23 May 2018 00:08:13 GMT'] + expires: ['-1'] + pragma: [no-cache] + strict-transport-security: [max-age=31536000; includeSubDomains] + transfer-encoding: [chunked] + vary: ['Accept-Encoding,Accept-Encoding'] + x-content-type-options: [nosniff] + status: {code: 200, message: OK} +- request: + body: null + headers: + Accept: [application/json] + Accept-Encoding: ['gzip, deflate'] + CommandName: [policy state list] + Connection: [keep-alive] + Content-Length: ['0'] + Content-Type: [application/json; charset=utf-8] + User-Agent: [python/3.6.5 (Windows-10-10.0.16299-SP0) requests/2.18.4 msrest/0.4.29 + msrest_azure/0.4.29 azure-mgmt-policyinsights/0.1.0 Azure-SDK-For-Python + AZURECLI/2.0.34] + accept-language: [en-US] + method: POST + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/policyAssignments/96e22f7846e94bb186ae3a01/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$top=2&$orderby=numRecords%20desc&$select=policyAssignmentId%2C%20resourceId%2C%20numRecords&$from=2018-04-04T00%3A00%3A00.000Z&$to=2018-05-22T00%3A00%3A00.000Z&$filter=isCompliant%20eq%20false&$apply=groupby%28%28policyAssignmentId%2C%20resourceId%29%2C%20aggregate%28%24count%20as%20numRecords%29%29 + response: + body: {string: '{"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/policyAssignments/96e22f7846e94bb186ae3a01/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest","@odata.count":1,"value":[{"@odata.id":null,"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/policyAssignments/96e22f7846e94bb186ae3a01/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity","policyAssignmentId":"/subscriptions/00000000-0000-0000-0000-000000000000/providers/microsoft.authorization/policyassignments/96e22f7846e94bb186ae3a01","resourceId":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/tipkeyvaultresourcegroup/providers/microsoft.keyvault/vaults/tipinteuskeyvault","numRecords":1}]}'} + headers: + cache-control: [no-cache] + content-length: ['865'] + content-type: [application/json; charset=utf-8] + date: ['Wed, 23 May 2018 00:08:14 GMT'] + expires: ['-1'] + pragma: [no-cache] + strict-transport-security: [max-age=31536000; includeSubDomains] + transfer-encoding: [chunked] + vary: ['Accept-Encoding,Accept-Encoding'] + x-content-type-options: [nosniff] + status: {code: 200, message: OK} +- request: + body: null + headers: + Accept: [application/json] + Accept-Encoding: ['gzip, deflate'] + CommandName: [policy state summarize] + Connection: [keep-alive] + Content-Length: ['0'] + Content-Type: [application/json; charset=utf-8] + User-Agent: [python/3.6.5 (Windows-10-10.0.16299-SP0) requests/2.18.4 msrest/0.4.29 + msrest_azure/0.4.29 azure-mgmt-policyinsights/0.1.0 Azure-SDK-For-Python + AZURECLI/2.0.34] + accept-language: [en-US] + method: POST + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/policyAssignments/96e22f7846e94bb186ae3a01/providers/Microsoft.PolicyInsights/policyStates/latest/summarize?api-version=2018-04-04&$top=2&$from=2018-04-04T00%3A00%3A00.000Z&$to=2018-05-22T00%3A00%3A00.000Z&$filter=isCompliant%20eq%20false + response: + body: {string: '{"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/policyAssignments/96e22f7846e94bb186ae3a01/providers/Microsoft.PolicyInsights/policyStates/$metadata#summary","@odata.count":1,"value":[{"@odata.id":null,"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/policyAssignments/96e22f7846e94bb186ae3a01/providers/Microsoft.PolicyInsights/policyStates/$metadata#summary/$entity","results":{"queryResultsUri":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/policyAssignments/96e22f7846e94bb186ae3a01/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false","nonCompliantResources":1,"nonCompliantPolicies":1},"policyAssignments":[{"policyAssignmentId":"/subscriptions/00000000-0000-0000-0000-000000000000/providers/microsoft.authorization/policyassignments/96e22f7846e94bb186ae3a01","policySetDefinitionId":"","results":{"queryResultsUri":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/policyAssignments/96e22f7846e94bb186ae3a01/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false and PolicyAssignmentId eq ''/subscriptions/00000000-0000-0000-0000-000000000000/providers/microsoft.authorization/policyassignments/96e22f7846e94bb186ae3a01''","nonCompliantResources":1,"nonCompliantPolicies":1},"policyDefinitions":[{"policyDefinitionReferenceId":"","policyDefinitionId":"/subscriptions/00000000-0000-0000-0000-000000000000/providers/microsoft.authorization/policydefinitions/92395f89-8960-42cc-95ae-62d3d1a921fc","effect":"audit","results":{"queryResultsUri":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/policyAssignments/96e22f7846e94bb186ae3a01/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false and PolicyAssignmentId eq ''/subscriptions/00000000-0000-0000-0000-000000000000/providers/microsoft.authorization/policyassignments/96e22f7846e94bb186ae3a01'' + and PolicyDefinitionId eq ''/subscriptions/00000000-0000-0000-0000-000000000000/providers/microsoft.authorization/policydefinitions/92395f89-8960-42cc-95ae-62d3d1a921fc''","nonCompliantResources":1}}]}]}]}'} + headers: + cache-control: [no-cache] + content-length: ['2755'] + content-type: [application/json; charset=utf-8] + date: ['Wed, 23 May 2018 00:08:16 GMT'] + expires: ['-1'] + pragma: [no-cache] + strict-transport-security: [max-age=31536000; includeSubDomains] + transfer-encoding: [chunked] + vary: ['Accept-Encoding,Accept-Encoding'] + x-content-type-options: [nosniff] + status: {code: 200, message: OK} +- request: + body: null + headers: + Accept: [application/json] + Accept-Encoding: ['gzip, deflate'] + CommandName: [policy event list] + Connection: [keep-alive] + Content-Length: ['0'] + Content-Type: [application/json; charset=utf-8] + User-Agent: [python/3.6.5 (Windows-10-10.0.16299-SP0) requests/2.18.4 msrest/0.4.29 + msrest_azure/0.4.29 azure-mgmt-policyinsights/0.1.0 Azure-SDK-For-Python + AZURECLI/2.0.34] + accept-language: [en-US] + method: POST + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/tipkeyvaultresourcegroup/providers/Microsoft.Authorization/policyAssignments/bc916e4f3ab54030822a11b3/providers/Microsoft.PolicyInsights/policyEvents/default/queryResults?api-version=2018-04-04&$top=2&$orderby=numRecords%20desc&$select=policyAssignmentId%2C%20resourceId%2C%20numRecords&$from=2018-04-04T00%3A00%3A00.000Z&$to=2018-05-22T00%3A00%3A00.000Z&$filter=isCompliant%20eq%20false&$apply=groupby%28%28policyAssignmentId%2C%20resourceId%29%2C%20aggregate%28%24count%20as%20numRecords%29%29 + response: + body: {string: '{"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/tipkeyvaultresourcegroup/providers/Microsoft.Authorization/policyAssignments/bc916e4f3ab54030822a11b3/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default","@odata.count":1,"value":[{"@odata.id":null,"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/tipkeyvaultresourcegroup/providers/Microsoft.Authorization/policyAssignments/bc916e4f3ab54030822a11b3/providers/Microsoft.PolicyInsights/policyEvents/$metadata#default/$entity","policyAssignmentId":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/tipkeyvaultresourcegroup/providers/microsoft.authorization/policyassignments/bc916e4f3ab54030822a11b3","resourceId":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/tipkeyvaultresourcegroup/providers/microsoft.keyvault/vaults/tipinteuskeyvault","numRecords":21}]}'} + headers: + cache-control: [no-cache] + content-length: ['988'] + content-type: [application/json; charset=utf-8] + date: ['Wed, 23 May 2018 00:08:18 GMT'] + expires: ['-1'] + pragma: [no-cache] + strict-transport-security: [max-age=31536000; includeSubDomains] + transfer-encoding: [chunked] + vary: ['Accept-Encoding,Accept-Encoding'] + x-content-type-options: [nosniff] + status: {code: 200, message: OK} +- request: + body: null + headers: + Accept: [application/json] + Accept-Encoding: ['gzip, deflate'] + CommandName: [policy state list] + Connection: [keep-alive] + Content-Length: ['0'] + Content-Type: [application/json; charset=utf-8] + User-Agent: [python/3.6.5 (Windows-10-10.0.16299-SP0) requests/2.18.4 msrest/0.4.29 + msrest_azure/0.4.29 azure-mgmt-policyinsights/0.1.0 Azure-SDK-For-Python + AZURECLI/2.0.34] + accept-language: [en-US] + method: POST + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/tipkeyvaultresourcegroup/providers/Microsoft.Authorization/policyAssignments/bc916e4f3ab54030822a11b3/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$top=2&$orderby=numRecords%20desc&$select=policyAssignmentId%2C%20resourceId%2C%20numRecords&$from=2018-04-04T00%3A00%3A00.000Z&$to=2018-05-22T00%3A00%3A00.000Z&$filter=isCompliant%20eq%20false&$apply=groupby%28%28policyAssignmentId%2C%20resourceId%29%2C%20aggregate%28%24count%20as%20numRecords%29%29 + response: + body: {string: '{"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/tipkeyvaultresourcegroup/providers/Microsoft.Authorization/policyAssignments/bc916e4f3ab54030822a11b3/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest","@odata.count":1,"value":[{"@odata.id":null,"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/tipkeyvaultresourcegroup/providers/Microsoft.Authorization/policyAssignments/bc916e4f3ab54030822a11b3/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity","policyAssignmentId":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/tipkeyvaultresourcegroup/providers/microsoft.authorization/policyassignments/bc916e4f3ab54030822a11b3","resourceId":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/tipkeyvaultresourcegroup/providers/microsoft.keyvault/vaults/tipinteuskeyvault","numRecords":1}]}'} + headers: + cache-control: [no-cache] + content-length: ['985'] + content-type: [application/json; charset=utf-8] + date: ['Wed, 23 May 2018 00:08:18 GMT'] + expires: ['-1'] + pragma: [no-cache] + strict-transport-security: [max-age=31536000; includeSubDomains] + transfer-encoding: [chunked] + vary: ['Accept-Encoding,Accept-Encoding'] + x-content-type-options: [nosniff] + status: {code: 200, message: OK} +- request: + body: null + headers: + Accept: [application/json] + Accept-Encoding: ['gzip, deflate'] + CommandName: [policy state summarize] + Connection: [keep-alive] + Content-Length: ['0'] + Content-Type: [application/json; charset=utf-8] + User-Agent: [python/3.6.5 (Windows-10-10.0.16299-SP0) requests/2.18.4 msrest/0.4.29 + msrest_azure/0.4.29 azure-mgmt-policyinsights/0.1.0 Azure-SDK-For-Python + AZURECLI/2.0.34] + accept-language: [en-US] + method: POST + uri: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/tipkeyvaultresourcegroup/providers/Microsoft.Authorization/policyAssignments/bc916e4f3ab54030822a11b3/providers/Microsoft.PolicyInsights/policyStates/latest/summarize?api-version=2018-04-04&$top=2&$from=2018-04-04T00%3A00%3A00.000Z&$to=2018-05-22T00%3A00%3A00.000Z&$filter=isCompliant%20eq%20false + response: + body: {string: '{"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/tipkeyvaultresourcegroup/providers/Microsoft.Authorization/policyAssignments/bc916e4f3ab54030822a11b3/providers/Microsoft.PolicyInsights/policyStates/$metadata#summary","@odata.count":1,"value":[{"@odata.id":null,"@odata.context":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/tipkeyvaultresourcegroup/providers/Microsoft.Authorization/policyAssignments/bc916e4f3ab54030822a11b3/providers/Microsoft.PolicyInsights/policyStates/$metadata#summary/$entity","results":{"queryResultsUri":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/tipkeyvaultresourcegroup/providers/Microsoft.Authorization/policyAssignments/bc916e4f3ab54030822a11b3/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false","nonCompliantResources":1,"nonCompliantPolicies":1},"policyAssignments":[{"policyAssignmentId":"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/tipkeyvaultresourcegroup/providers/microsoft.authorization/policyassignments/bc916e4f3ab54030822a11b3","policySetDefinitionId":"","results":{"queryResultsUri":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/tipkeyvaultresourcegroup/providers/Microsoft.Authorization/policyAssignments/bc916e4f3ab54030822a11b3/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false and PolicyAssignmentId eq ''/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/tipkeyvaultresourcegroup/providers/microsoft.authorization/policyassignments/bc916e4f3ab54030822a11b3''","nonCompliantResources":1,"nonCompliantPolicies":1},"policyDefinitions":[{"policyDefinitionReferenceId":"","policyDefinitionId":"/subscriptions/00000000-0000-0000-0000-000000000000/providers/microsoft.authorization/policydefinitions/92395f89-8960-42cc-95ae-62d3d1a921fc","effect":"audit","results":{"queryResultsUri":"https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/tipkeyvaultresourcegroup/providers/Microsoft.Authorization/policyAssignments/bc916e4f3ab54030822a11b3/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2018-04-04&$from=2018-04-04 + 00:00:00Z&$to=2018-05-22 00:00:00Z&$filter=(isCompliant eq false) and IsCompliant + eq false and PolicyAssignmentId eq ''/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/tipkeyvaultresourcegroup/providers/microsoft.authorization/policyassignments/bc916e4f3ab54030822a11b3'' + and PolicyDefinitionId eq ''/subscriptions/00000000-0000-0000-0000-000000000000/providers/microsoft.authorization/policydefinitions/92395f89-8960-42cc-95ae-62d3d1a921fc''","nonCompliantResources":1}}]}]}]}'} + headers: + cache-control: [no-cache] + content-length: ['3075'] + content-type: [application/json; charset=utf-8] + date: ['Wed, 23 May 2018 00:08:19 GMT'] + expires: ['-1'] + pragma: [no-cache] + strict-transport-security: [max-age=31536000; includeSubDomains] + transfer-encoding: [chunked] + vary: ['Accept-Encoding,Accept-Encoding'] + x-content-type-options: [nosniff] + status: {code: 200, message: OK} +version: 1 diff --git a/src/command_modules/azure-cli-policyinsights/azure/cli/command_modules/policyinsights/tests/latest/test_policyinsights_scenario.py b/src/command_modules/azure-cli-policyinsights/azure/cli/command_modules/policyinsights/tests/latest/test_policyinsights_scenario.py new file mode 100644 index 00000000000..7cc1ccd2747 --- /dev/null +++ b/src/command_modules/azure-cli-policyinsights/azure/cli/command_modules/policyinsights/tests/latest/test_policyinsights_scenario.py @@ -0,0 +1,68 @@ +# -------------------------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# -------------------------------------------------------------------------------------------- + +from azure.cli.testsdk import ScenarioTest, record_only + + +@record_only() +class PolicyInsightsTests(ScenarioTest): + + def test_policy_insights(self): + top_clause = '--top 2' + filter_clause = '--filter "isCompliant eq false"' + apply_clause = '--apply "groupby((policyAssignmentId, resourceId), aggregate($count as numRecords))"' + select_clause = '--select "policyAssignmentId, resourceId, numRecords"' + order_by_clause = '--order-by "numRecords desc"' + from_clause = '--from "2018-04-04T00:00:00"' + to_clause = '--to "2018-05-22T00:00:00"' + scopes = [ + '-m "azgovtest4"', + '', + '-g "defaultresourcegroup-eus"', + '--resource "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/eastusnsggroup/providers/microsoft.network/networksecuritygroups/eastusnsg/securityrules/allow-joba"', + '--resource "omssecuritydevkeyvalut" --namespace "microsoft.keyvault" --resource-type "vaults" -g "omssecurityintresourcegroup"', + '--resource "default" --namespace "microsoft.network" --resource-type "subnets" --parent "virtualnetworks/mms-wcus-vnet" -g "mms-wcus"', + '-s "335cefd2-ab16-430f-b364-974a170eb1d5"', + '-d "25bf1e2a-6004-47ad-9bd1-2a40dd6de016"', + '-a "96e22f7846e94bb186ae3a01"', + '-a "bc916e4f3ab54030822a11b3" -g "tipkeyvaultresourcegroup" ' + ] + + for scope in scopes: + events = self.cmd('az policy event list {} {} {} {} {} {} {} {}'.format( + scope, + from_clause, + to_clause, + filter_clause, + apply_clause, + select_clause, + order_by_clause, + top_clause)).get_output_in_json() + assert len(events) >= 0 + + states = self.cmd('az policy state list {} {} {} {} {} {} {} {}'.format( + scope, + from_clause, + to_clause, + filter_clause, + apply_clause, + select_clause, + order_by_clause, + top_clause)).get_output_in_json() + assert len(states) >= 0 + + summary = self.cmd('az policy state summarize {} {} {} {} {}'.format( + scope, + from_clause, + to_clause, + filter_clause, + top_clause)).get_output_in_json() + assert summary["results"] is not None + assert len(summary["policyAssignments"]) >= 0 + if len(summary["policyAssignments"]) > 0: + assert summary["policyAssignments"][0]["results"] is not None + assert len(summary["policyAssignments"][0]["policyDefinitions"]) >= 0 + if len(summary["policyAssignments"][0]["policyDefinitions"]) > 0: + assert summary["policyAssignments"][0]["policyDefinitions"][0]["results"] is not None diff --git a/src/command_modules/azure-cli-policyinsights/azure_bdist_wheel.py b/src/command_modules/azure-cli-policyinsights/azure_bdist_wheel.py new file mode 100644 index 00000000000..8a81d1b6177 --- /dev/null +++ b/src/command_modules/azure-cli-policyinsights/azure_bdist_wheel.py @@ -0,0 +1,54 @@ +#------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +#-------------------------------------------------------------------------- + +from distutils import log as logger +import os.path + +from wheel.bdist_wheel import bdist_wheel +class azure_bdist_wheel(bdist_wheel): + """The purpose of this class is to build wheel a little differently than the sdist, + without requiring to build the wheel from the sdist (i.e. you can build the wheel + directly from source). + """ + + description = "Create an Azure wheel distribution" + + user_options = bdist_wheel.user_options + \ + [('azure-namespace-package=', None, + "Name of the deepest nspkg used")] + + def initialize_options(self): + bdist_wheel.initialize_options(self) + self.azure_namespace_package = None + + def finalize_options(self): + bdist_wheel.finalize_options(self) + if self.azure_namespace_package and not self.azure_namespace_package.endswith("-nspkg"): + raise ValueError("azure_namespace_package must finish by -nspkg") + + def run(self): + if not self.distribution.install_requires: + self.distribution.install_requires = [] + self.distribution.install_requires.append( + "{}>=2.0.0".format(self.azure_namespace_package)) + bdist_wheel.run(self) + + def write_record(self, bdist_dir, distinfo_dir): + if self.azure_namespace_package: + # Split and remove last part, assuming it's "nspkg" + subparts = self.azure_namespace_package.split('-')[0:-1] + folder_with_init = [os.path.join(*subparts[0:i+1]) for i in range(len(subparts))] + for azure_sub_package in folder_with_init: + init_file = os.path.join(bdist_dir, azure_sub_package, '__init__.py') + if os.path.isfile(init_file): + logger.info("manually remove {} while building the wheel".format(init_file)) + os.remove(init_file) + else: + raise ValueError("Unable to find {}. Are you sure of your namespace package?".format(init_file)) + bdist_wheel.write_record(self, bdist_dir, distinfo_dir) +cmdclass = { + 'bdist_wheel': azure_bdist_wheel, +} diff --git a/src/command_modules/azure-cli-policyinsights/setup.cfg b/src/command_modules/azure-cli-policyinsights/setup.cfg new file mode 100644 index 00000000000..3326c62a76e --- /dev/null +++ b/src/command_modules/azure-cli-policyinsights/setup.cfg @@ -0,0 +1,3 @@ +[bdist_wheel] +universal=1 +azure-namespace-package=azure-cli-command_modules-nspkg diff --git a/src/command_modules/azure-cli-policyinsights/setup.py b/src/command_modules/azure-cli-policyinsights/setup.py new file mode 100644 index 00000000000..4a80a4b52b2 --- /dev/null +++ b/src/command_modules/azure-cli-policyinsights/setup.py @@ -0,0 +1,63 @@ +#!/usr/bin/env python + +# -------------------------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# -------------------------------------------------------------------------------------------- + +from codecs import open +from setuptools import setup +try: + from azure_bdist_wheel import cmdclass +except ImportError: + from distutils import log as logger + logger.warn("Wheel is not available, disabling bdist_wheel hook") + cmdclass = {} + +VERSION = "0.1.0" + +# The full list of classifiers is available at +# https://pypi.python.org/pypi?%3Aaction=list_classifiers +CLASSIFIERS = [ + 'Development Status :: 4 - Beta', + 'Intended Audience :: Developers', + 'Intended Audience :: System Administrators', + 'Programming Language :: Python', + 'Programming Language :: Python :: 2', + 'Programming Language :: Python :: 2.7', + 'Programming Language :: Python :: 3', + 'Programming Language :: Python :: 3.4', + 'Programming Language :: Python :: 3.5', + 'Programming Language :: Python :: 3.6', + 'License :: OSI Approved :: MIT License', +] + +DEPENDENCIES = [ + 'azure-mgmt-policyinsights==0.1.0', + 'azure-cli-core', +] + +with open('README.rst', 'r', encoding='utf-8') as f: + README = f.read() +with open('HISTORY.rst', 'r', encoding='utf-8') as f: + HISTORY = f.read() + +setup( + name='azure-cli-policyinsights', + version=VERSION, + description='Microsoft Azure Command-Line Tools Policy Insights Command Module', + long_description=README + '\n\n' + HISTORY, + license='MIT', + author='Microsoft Corporation', + author_email='azpycli@microsoft.com', + url='https://github.com/Azure/azure-cli', + classifiers=CLASSIFIERS, + packages=[ + 'azure', + 'azure.cli', + 'azure.cli.command_modules', + 'azure.cli.command_modules.policyinsights', + ], + install_requires=DEPENDENCIES, + cmdclass=cmdclass +)