governance_assignments
Creates, updates, deletes, gets or lists a governance_assignments resource.
Overview
| Name | governance_assignments |
| Type | Resource |
| Id | azure.security.governance_assignments |
Fields
The following fields are returned by SELECT queries:
- get
- list
| Name | Datatype | Description |
|---|---|---|
id | string (arm-id) | Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" |
name | string | The name of the resource |
properties | object | The properties of a governance assignment |
systemData | object | Metadata pertaining to creation and last modification of the resource. |
type | string | The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" |
| Name | Datatype | Description |
|---|---|---|
id | string (arm-id) | Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" |
name | string | The name of the resource |
properties | object | The properties of a governance assignment |
systemData | object | Metadata pertaining to creation and last modification of the resource. |
type | string | The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
get | select | scope, assessmentName, assignmentKey | api-version | Get a specific governanceAssignment for the requested scope by AssignmentKey |
list | select | scope, assessmentName | api-version | Get governance assignments on all of your resources inside a scope |
create_or_update | insert | scope, assessmentName, assignmentKey | api-version | Creates or updates a governance assignment on the given subscription. |
delete | delete | scope, assessmentName, assignmentKey | api-version | Delete a GovernanceAssignment over a given scope |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
assessmentName | string | The Assessment Key - Unique key for the assessment type |
assignmentKey | string | The governance assignment key - the assessment key of the required governance assignment |
scope | string | The scope of the standard assignment. Valid scopes are: management group (format: 'providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: 'subscriptions/{subscriptionId}'), or security connector (format: 'subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName})' |
api-version | string | API version for the operation |
SELECT examples
- get
- list
Get a specific governanceAssignment for the requested scope by AssignmentKey
SELECT
id,
name,
properties,
systemData,
type
FROM azure.security.governance_assignments
WHERE scope = '{{ scope }}' -- required
AND assessmentName = '{{ assessmentName }}' -- required
AND assignmentKey = '{{ assignmentKey }}' -- required
AND api-version = '{{ api-version }}'
;
Get governance assignments on all of your resources inside a scope
SELECT
id,
name,
properties,
systemData,
type
FROM azure.security.governance_assignments
WHERE scope = '{{ scope }}' -- required
AND assessmentName = '{{ assessmentName }}' -- required
AND api-version = '{{ api-version }}'
;
INSERT examples
- create_or_update
- Manifest
Creates or updates a governance assignment on the given subscription.
INSERT INTO azure.security.governance_assignments (
data__properties,
scope,
assessmentName,
assignmentKey,
api-version
)
SELECT
'{{ properties }}',
'{{ scope }}',
'{{ assessmentName }}',
'{{ assignmentKey }}',
'{{ api-version }}'
RETURNING
id,
name,
properties,
systemData,
type
;
# Description fields are for documentation purposes
- name: governance_assignments
props:
- name: scope
value: string
description: Required parameter for the governance_assignments resource.
- name: assessmentName
value: string
description: Required parameter for the governance_assignments resource.
- name: assignmentKey
value: string
description: Required parameter for the governance_assignments resource.
- name: properties
value: object
description: |
The properties of a governance assignment
- name: api-version
value: string
description: API version for the operation
DELETE examples
- delete
Delete a GovernanceAssignment over a given scope
DELETE FROM azure.security.governance_assignments
WHERE scope = '{{ scope }}' --required
AND assessmentName = '{{ assessmentName }}' --required
AND assignmentKey = '{{ assignmentKey }}' --required
AND api-version = '{{ api-version }}'
;