Azure试用版本支持REST API进行事件查询吗?

huangapple go评论80阅读模式
英文:

Does Azure trial version support , REST api for event query?

问题

我已经创建了Azure的试用账户(默认目录)。
用于身份验证的端点-1如下,在身份验证后,当我尝试使用下面的REST API访问Azure的活动日志时,出现了以下错误:

错误:{ "error": { "code":"AuthorizationFailed","message":"客户端'52822c14-3f4a-4273-ad38-b1c746f1fbd9'的对象ID'52822c14-3f4a-4273-ad38-b1c746f1fbd9'无权执行动作'microsoft.insights/eventtypes/values/read'在范围'/subscriptions/0b618ac0-b3e7-49f3-9205-07660b77252d'上,或者范围无效。如果最近授予了访问权限,请刷新您的凭据。" } }

身份验证URL(端点-1):https://login.windows.net/****************/oauth2/token

活动日志API(端点-2):https://management.azure.com/subscriptions/*******************/providers/microsoft.insights/eventtypes/management/values?api-version=2015-04-01&$filter=eventTimestamp ge '2020-01-01T20:00:00Z'

英文:

I have created trail account with Azure (Default directory).
For authentication I'm using the below endpoint-1 ,after authentication when I was trying for an access for activity logs of Azure using REST API mentioned below endpoint-2.

So I'm getting an error :
ERROR : { "error": { "code": "AuthorizationFailed", "message": "The client '52822c14-3f4a-4273-ad38-b1c746f1fbd9' with object id '52822c14-3f4a-4273-ad38-b1c746f1fbd9' does not have authorization to perform action 'microsoft.insights/eventtypes/values/read' over scope '/subscriptions/0b618ac0-b3e7-49f3-9205-07660b77252d' or the scope is invalid. If access was recently granted, please refresh your credentials." } }

Auth URL(endpoint-1) : https://login.windows.net/****************/oauth2/token

ActivityLog API (endpoint-2) : https://management.azure.com/subscriptions/*******************/providers/microsoft.insights/eventtypes/management/values?api-version=2015-04-01&$filter=eventTimestamp ge '2020-01-01T20:00:00Z'

答案1

得分: 0

根据您的异常信息,很明显您的应用程序:52822c14-3f4a-4273-ad38-b1c746f1fbd9没有权限来拉取您的Azure订阅的活动日志。我也在我的环境中复现了这个问题。

要解决这个问题,您应该分配一个适当的Azure订阅角色,该角色具有拉取日志的权限。例如,如果您只想使用这个应用程序来拉取日志,您可以在Azure门户上为它分配"Reader"角色:

(插入第一个图片链接)

(插入第二个图片链接)

完成这一步后,获取一个新的访问令牌,然后您就可以拉取您所需的日志:

(插入第三个图片链接)

如果您有任何进一步的疑虑,请随时告诉我。

英文:

Based on your exception info, it is obvious that your app: 52822c14-3f4a-4273-ad38-b1c746f1fbd9 has no permission to pull activity logs of your Azure subscription. I can repro this issue on my side too.

To solve this issue, you should assign a proper Azure subscription Role which has permission to pull logs. For instance, if you just want to pull logs using this app , you can assign Reader Role to it on Azure portal:

Azure试用版本支持REST API进行事件查询吗?
Azure试用版本支持REST API进行事件查询吗?

With this step is done, get a new access token and you can pull the logs you need :
Azure试用版本支持REST API进行事件查询吗?

If you have any further concerns , pls feel free to let me know .

huangapple
  • 本文由 发表于 2020年1月6日 22:52:27
  • 转载请务必保留本文链接:https://go.coder-hub.com/59614183.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定