The Microsoft Azure Purview Policy Client is a tool that enables organizations to define and enforce data governance policies within their Azure environment. This client allows users to create and manage policies that govern who can access and manipulate data, as well as how that data is classified, protected, and utilized.
swagger: '2.0'
info:
title: Microsoft Azure PurviewPolicyClient
version: 2023-06-01-preview
description: Creates a Microsoft.Purview management client.
x-typespec-generated:
- emitter: '@azure-tools/typespec-autorest'
schemes:
- https
host: management.azure.com
produces:
- application/json
consumes:
- application/json
security:
- azure_auth:
- user_impersonation
securityDefinitions:
azure_auth:
type: oauth2
description: Azure Active Directory OAuth2 Flow.
flow: implicit
authorizationUrl: https://login.microsoftonline.com/common/oauth2/authorize
scopes:
user_impersonation: impersonate your user account
tags:
- name: Operations
- name: PolicyListing
- name: PurviewPolicies
paths:
/{scope}/providers/Microsoft.Purview/policies:
get:
operationId: microsoftAzurePurviewpoliciesList
tags:
- PolicyListing
- PurviewPolicies
summary: Microsoft Azure Api To List The Purview Rbac Policies Based On A Scope
description: >-
The API lists the Azure purview RBAC policies affecting the scope. The
scope can be any valid ARM resource id
parameters:
- $ref: >-
../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter
- $ref: >-
../../../../../common-types/resource-management/v5/types.json#/parameters/ScopeParameter
- $ref: '#/parameters/SkipTokenParameter'
- name: $filter
in: query
description: >-
Supported filters : $filter=policyType eq SelfService,
$filter=policyType eq SqlDevops. Returns only the policies of the
specified type. If not specified, all policies are returned.
required: false
type: string
x-ms-client-name: filter
x-ms-skip-url-encoding: true
responses:
'200':
description: Azure operation completed successfully.
schema:
$ref: '#/definitions/PolicyListResult'
default:
description: An unexpected error response.
schema:
$ref: >-
../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse
x-ms-examples:
API to list the purview RBAC policies based on a scope - generated by [MaximumSet] rule - generated by [MaximumSet] rule:
$ref: ./examples/PurviewPolicies_List_MaximumSet_Gen.json
x-ms-pageable:
nextLinkName: nextLink
/providers/Microsoft.Purview/operations:
get:
operationId: microsoftAzureOperationsList
tags:
- Operations
description: List the operations for the provider
parameters:
- $ref: >-
../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter
responses:
'200':
description: Azure operation completed successfully.
schema:
$ref: >-
../../../../../common-types/resource-management/v5/types.json#/definitions/OperationListResult
default:
description: An unexpected error response.
schema:
$ref: >-
../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse
x-ms-examples:
Operations_List - generated by [MaximumSet] rule - generated by [MaximumSet] rule:
$ref: ./examples/Operations_List_MaximumSet_Gen.json
Operations_List - generated by [MinimumSet] rule:
$ref: ./examples/Operations_List_MinimumSet_Gen.json
x-ms-pageable:
nextLinkName: nextLink
summary: Microsoft Azure Get Providers Microsoft Purview Operations
definitions:
AadMember:
type: object
description: Azure active directory member
properties:
tenantId:
type: string
description: The tenantId of the member
objectId:
type: string
description: The objectId of the member
objectType:
$ref: '#/definitions/ObjectType'
description: The objectType of the member.
AttributePredicate:
type: object
description: Attribute predicate for a policy permission
properties:
attributeName:
type: string
description: AttributeName of a policy permission
attributeValueIncludedIn:
type: array
description: values for a policy permission
items:
type: string
Decision:
type: string
description: The effect for rule
enum:
- Permit
- Deny
x-ms-enum:
name: Decision
modelAsString: true
values:
- name: Permit
value: Permit
description: Access permitted
- name: Deny
value: Deny
description: Access denied
FabricItemMember:
type: object
description: Microsoft fabric item member
properties:
sourcePath:
type: string
description: Source path of the member
itemAccess:
type: array
description: Array of access items for the member
items:
type: string
ObjectType:
type: string
description: The objectType of the member.
enum:
- User
- Group
- ServicePrincipal
x-ms-enum:
name: ObjectType
modelAsString: true
values:
- name: User
value: User
description: AAD User object type.
- name: Group
value: Group
description: AAD Group object type.
- name: ServicePrincipal
value: ServicePrincipal
description: Service Principal object type.
Policy:
type: object
description: Purview RBAC policy
properties:
kind:
type: string
description: The policy kind
source:
type: string
description: The policy source
etag:
type: string
description: The etag version of a policy
scopes:
type: array
description: Array of scopes where the policy is published
items:
type: string
members:
$ref: '#/definitions/PolicyMembers'
description: Members of the policy
decisionRules:
type: array
description: Array of decision rules for the policy
items:
$ref: '#/definitions/PolicyDecisionRule'
x-ms-identifiers: []
expiryTime:
type: string
format: date-time
description: The timestamp of the expiry time of the policy (UTC).
requestor:
type: string
description: The AAD member who requested the policy
required:
- source
- etag
- scopes
- members
- decisionRules
allOf:
- $ref: >-
../../../../../common-types/resource-management/v5/types.json#/definitions/ProxyResource
PolicyDecisionRule:
type: object
description: Purview RBAC policy decision rule
properties:
effect:
$ref: '#/definitions/Decision'
description: The effect for rule
permission:
type: array
description: Array of attribute predicates
items:
$ref: '#/definitions/AttributePredicate'
x-ms-identifiers: []
required:
- effect
PolicyListResult:
type: object
description: The response of a Policy list operation.
properties:
value:
type: array
description: The Policy items on this page
items:
$ref: '#/definitions/Policy'
nextLink:
type: string
format: uri
description: The link to the next page of items
required:
- value
PolicyMembers:
type: object
description: Policy member
properties:
fabricItemMembers:
type: array
description: Array of azure active directory members
items:
$ref: '#/definitions/FabricItemMember'
x-ms-identifiers: []
aadMembers:
type: array
description: Array of azure active directory members
items:
$ref: '#/definitions/AadMember'
x-ms-identifiers: []
parameters:
SkipTokenParameter:
name: skipToken
in: query
description: Paging key to paginate to next page.
required: false
type: string
x-ms-parameter-location: method