Policy States - List Query Results For Subscription
Queries policy states for the resources under the subscription.
POST https://management.azure.com/subscriptions/{subscriptionId}/providers/Microsoft.PolicyInsights/policyStates/{policyStatesResource}/queryResults?api-version=2024-10-01POST https://management.azure.com/subscriptions/{subscriptionId}/providers/Microsoft.PolicyInsights/policyStates/{policyStatesResource}/queryResults?api-version=2024-10-01&$top={$top}&$orderby={$orderby}&$select={$select}&$from={$from}&$to={$to}&$filter={$filter}&$apply={$apply}&$skiptoken={$skiptoken}URI Parameters
| Name | In | Required | Type | Description |
|---|---|---|---|---|
|
policy
|
path | True |
The virtual resource under PolicyStates resource type. In a given time range, 'latest' represents the latest policy state(s), whereas 'default' represents all policy state(s). |
|
|
subscription
|
path | True |
string |
Microsoft Azure subscription ID. |
|
api-version
|
query | True |
string |
Client Api Version. |
|
$apply
|
query |
string |
OData apply expression for aggregations. |
|
|
$filter
|
query |
string |
OData filter expression. |
|
|
$from
|
query |
string (date-time) |
ISO 8601 formatted timestamp specifying the start time of the interval to query. When not specified, the service uses ($to - 1-day). |
|
|
$orderby
|
query |
string |
Ordering expression using OData notation. One or more comma-separated column names with an optional "desc" (the default) or "asc", e.g. "$orderby=PolicyAssignmentId, ResourceId asc". |
|
|
$select
|
query |
string |
Select expression using OData notation. Limits the columns on each record to just those requested, e.g. "$select=PolicyAssignmentId, ResourceId". |
|
|
$skiptoken
|
query |
string |
Skiptoken is only provided if a previous response returned a partial result as a part of nextLink element. |
|
|
$to
|
query |
string (date-time) |
ISO 8601 formatted timestamp specifying the end time of the interval to query. When not specified, the service uses request time. |
|
|
$top
|
query |
integer (int32) minimum: 0 |
Maximum number of records to return. |
Responses
| Name | Type | Description |
|---|---|---|
| 200 OK |
Query results. |
|
| Other Status Codes |
Error response describing why the operation failed. |
Security
azure_auth
Azure Active Directory OAuth2 Flow
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
| Name | Description |
|---|---|
| user_impersonation | impersonate your user account |
Examples
Filter and aggregate only
Sample request
POST https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2024-10-01&$from=2019-10-05T18:00:00Z&$filter=PolicyDefinitionAction eq 'deny'&$apply=aggregate($count as NumDenyStates)
Sample response
{
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest",
"@odata.count": 1,
"value": [
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity",
"NumDenyStates": 6
}
]
}Filter and group with aggregate
Sample request
POST https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2024-10-01&$top=2&$orderby=NumAuditDenyNonComplianceRecords desc&$from=2019-10-05T18:00:00Z&$filter=IsCompliant eq false and (PolicyDefinitionAction eq 'audit' or PolicyDefinitionAction eq 'deny')&$apply=groupby((PolicyAssignmentId, PolicyDefinitionId, PolicyDefinitionAction, ResourceId), aggregate($count as NumAuditDenyNonComplianceRecords))
Sample response
{
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest",
"@odata.count": 2,
"value": [
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity",
"policyAssignmentId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policyassignments/e46af646ebdb461dba708e01",
"policyDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policydefinitions/c8b79b49-a579-4045-984e-1b249ab8b474",
"policyDefinitionAction": "audit",
"resourceId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myrg/providers/microsoft.classiccompute/domainnames/myDomainName",
"NumAuditDenyNonComplianceRecords": 10
},
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity",
"policyAssignmentId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policyassignments/ddd8ef92e3714a5ea3d208c1",
"policyDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policydefinitions/24813039-7534-408a-9842-eb99f45721b1",
"policyDefinitionAction": "audit",
"resourceId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myrg/providers/microsoft.classiccompute/domainnames/myDomainName",
"NumAuditDenyNonComplianceRecords": 10
}
]
}Filter and group without aggregate
Sample request
POST https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2024-10-01&$top=2&$from=2019-10-05T18:00:00Z&$filter=IsCompliant eq false and (PolicyDefinitionAction ne 'audit' and PolicyDefinitionAction ne 'append')&$apply=groupby((PolicyAssignmentId, PolicyDefinitionId, PolicyDefinitionAction, ResourceId))
Sample response
{
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest",
"@odata.count": 2,
"value": [
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity",
"policyAssignmentId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policyassignments/enable monitoring in azure security center",
"policyDefinitionId": "/providers/microsoft.authorization/policydefinitions/44452482-524f-4bf4-b852-0bff7cc4a3ed",
"policyDefinitionAction": "auditifnotexists",
"resourceId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myrg/providers/microsoft.network/virtualnetworks/vnet"
},
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity",
"policyAssignmentId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policyassignments/89b27f38-e9e4-4468-ab81-801c84b8c017",
"policyDefinitionId": "/providers/microsoft.authorization/policydefinitions/44452482-524f-4bf4-b852-0bff7cc4a3ed",
"policyDefinitionAction": "auditifnotexists",
"resourceId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourcegroups/myrg/providers/microsoft.network/virtualnetworks/vnet"
}
]
}Filter and multiple groups
Sample request
POST https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2024-10-01&$top=10&$orderby=NumNonCompliantResources desc&$filter=IsCompliant eq false&$apply=groupby((PolicyAssignmentId, PolicySetDefinitionId, PolicyDefinitionId, PolicyDefinitionReferenceId, ResourceId))/groupby((PolicyAssignmentId, PolicySetDefinitionId, PolicyDefinitionId, PolicyDefinitionReferenceId), aggregate($count as NumNonCompliantResources))
Sample response
{
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest",
"@odata.count": 10,
"value": [
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity",
"policyAssignmentId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policyassignments/f4cc58b7db524a9799381531",
"policySetDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policysetdefinitions/12b58873-e0f8-4b95-936c-86cbe7c9d697",
"policyDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policydefinitions/24813039-7534-408a-9842-eb99f45721b1",
"policyDefinitionReferenceId": "14799174781370023846",
"NumNonCompliantResources": 557
},
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity",
"policyAssignmentId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policyassignments/f4cc58b7db524a9799381531",
"policySetDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policysetdefinitions/12b58873-e0f8-4b95-936c-86cbe7c9d697",
"policyDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policydefinitions/24813039-7534-408a-9842-eb99f45721b1",
"policyDefinitionReferenceId": "1679708035638239273",
"NumNonCompliantResources": 557
},
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity",
"policyAssignmentId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policyassignments/ddd8ef92e3714a5ea3d208c1",
"policySetDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policysetdefinitions/12b58873-e0f8-4b95-936c-86cbe7c9d697",
"policyDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policydefinitions/24813039-7534-408a-9842-eb99f45721b1",
"policyDefinitionReferenceId": "14799174781370023846",
"NumNonCompliantResources": 557
},
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity",
"policyAssignmentId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policyassignments/ddd8ef92e3714a5ea3d208c1",
"policySetDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policysetdefinitions/12b58873-e0f8-4b95-936c-86cbe7c9d697",
"policyDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policydefinitions/24813039-7534-408a-9842-eb99f45721b1",
"policyDefinitionReferenceId": "1679708035638239273",
"NumNonCompliantResources": 557
},
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity",
"policyAssignmentId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policyassignments/d9da7e80af6344ab9d342aa7",
"policySetDefinitionId": "",
"policyDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policydefinitions/24813039-7534-408a-9842-eb99f45721b1",
"policyDefinitionReferenceId": "",
"NumNonCompliantResources": 557
},
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity",
"policyAssignmentId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policyassignments/dcda79d769674aea8bfcaa49",
"policySetDefinitionId": "",
"policyDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policydefinitions/c8b79b49-a579-4045-984e-1b249ab8b474",
"policyDefinitionReferenceId": "",
"NumNonCompliantResources": 557
},
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity",
"policyAssignmentId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policyassignments/3f3c4330183b4e218fe6fd29",
"policySetDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policysetdefinitions/3e3807c1-65c9-49e0-a406-82d8ae3e338c",
"policyDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policydefinitions/24813039-7534-408a-9842-eb99f45721b1",
"policyDefinitionReferenceId": "",
"NumNonCompliantResources": 552
},
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity",
"policyAssignmentId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policyassignments/e46af646ebdb461dba708e01",
"policySetDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policysetdefinitions/a03db67e-a286-43c3-9098-b2da83d361ad",
"policyDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policydefinitions/c8b79b49-a579-4045-984e-1b249ab8b474",
"policyDefinitionReferenceId": "8935913113203900114",
"NumNonCompliantResources": 544
},
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity",
"policyAssignmentId": "/providers/microsoft.management/managementgroups/mymg/providers/microsoft.authorization/policyassignments/8174043a1e2849179635b874",
"policySetDefinitionId": "",
"policyDefinitionId": "/providers/microsoft.management/managementgroups/mymg/providers/microsoft.authorization/policydefinitions/72c0c41a-c752-4bc0-9c61-0d6adc567066",
"policyDefinitionReferenceId": "",
"NumNonCompliantResources": 526
},
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity",
"policyAssignmentId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policyassignments/ddd8ef92e3714a5ea3d208c1",
"policySetDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policysetdefinitions/12b58873-e0f8-4b95-936c-86cbe7c9d697",
"policyDefinitionId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/microsoft.authorization/policydefinitions/c8b79b49-a579-4045-984e-1b249ab8b474",
"policyDefinitionReferenceId": "2124621540977569058",
"NumNonCompliantResources": 509
}
]
}Query latest at subscription scope
Sample request
POST https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2024-10-01
Sample response
{
"@odata.nextLink": null,
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest",
"@odata.count": 2,
"value": [
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity",
"timestamp": "2019-10-09T17:48:05Z",
"resourceId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourceGroups/myrg1/providers/Microsoft.Network/publicIPAddresses/mypubip1",
"policyAssignmentId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyAssignments/Enable Monitoring in Azure Security Center",
"policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/9daedab3-fb2d-461e-b861-71790eead4f6",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fffedd8f-ffff-fffd-fffd-fffed2f84852",
"resourceType": "/Microsoft.Network/publicIPAddresses",
"resourceLocation": "eastus",
"resourceGroup": "myrg1",
"resourceTags": "tbd",
"policyAssignmentName": "Enable Monitoring in Azure Security Center",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{}",
"policyAssignmentScope": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852",
"policyDefinitionName": "9daedab3-fb2d-461e-b861-71790eead4f6",
"policyDefinitionAction": "AuditIfNotExists",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionName": "1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "mymg,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": null,
"complianceState": "NonCompliant",
"policyDefinitionGroupNames": [
"myGroup"
],
"policyDefinitionVersion": "1.0.0-preview",
"policySetDefinitionVersion": "2.0.1",
"policyAssignmentVersion": "1.0.0"
},
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity",
"timestamp": "2019-10-09T17:48:05Z",
"resourceId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourceGroups/myrg1/providers/Microsoft.Network/publicIPAddresses/mypubip1",
"policyAssignmentId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyAssignments/9ac09b0657d942e5ad4041a6",
"policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/9daedab3-fb2d-461e-b861-71790eead4f6",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fffedd8f-ffff-fffd-fffd-fffed2f84852",
"resourceType": "/Microsoft.Network/publicIPAddresses",
"resourceLocation": "eastus",
"resourceGroup": "myrg1",
"resourceTags": "tbd",
"policyAssignmentName": "9ac09b0657d942e5ad4041a6",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{}",
"policyAssignmentScope": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852",
"policyDefinitionName": "9daedab3-fb2d-461e-b861-71790eead4f6",
"policyDefinitionAction": "AuditIfNotExists",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionName": "1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "mymg,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": null,
"complianceState": "NonCompliant",
"policyDefinitionGroupNames": [
"myGroup"
],
"policyDefinitionVersion": "1.0.0-preview",
"policySetDefinitionVersion": "2.0.1",
"policyAssignmentVersion": "1.0.0"
}
]
}Query latest at subscription scope with next link
Sample request
POST https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2024-10-01&$skiptoken=WpmWfBSvPhkAK6QD
Sample response
{
"@odata.nextLink": null,
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest",
"@odata.count": 2,
"value": [
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity",
"timestamp": "2019-10-09T17:48:05Z",
"resourceId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourceGroups/myrg1/providers/Microsoft.Network/publicIPAddresses/mypubip1",
"policyAssignmentId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyAssignments/Enable Monitoring in Azure Security Center",
"policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/9daedab3-fb2d-461e-b861-71790eead4f6",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fffedd8f-ffff-fffd-fffd-fffed2f84852",
"resourceType": "/Microsoft.Network/publicIPAddresses",
"resourceLocation": "eastus",
"resourceGroup": "myrg1",
"resourceTags": "tbd",
"policyAssignmentName": "Enable Monitoring in Azure Security Center",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{}",
"policyAssignmentScope": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852",
"policyDefinitionName": "9daedab3-fb2d-461e-b861-71790eead4f6",
"policyDefinitionAction": "AuditIfNotExists",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionName": "1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "mymg,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": null,
"complianceState": "NonCompliant",
"policyDefinitionGroupNames": [
"myGroup"
]
},
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity",
"timestamp": "2019-10-09T17:48:05Z",
"resourceId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourceGroups/myrg1/providers/Microsoft.Network/publicIPAddresses/mypubip1",
"policyAssignmentId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.Authorization/policyAssignments/9ac09b0657d942e5ad4041a6",
"policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/9daedab3-fb2d-461e-b861-71790eead4f6",
"effectiveParameters": null,
"isCompliant": false,
"subscriptionId": "fffedd8f-ffff-fffd-fffd-fffed2f84852",
"resourceType": "/Microsoft.Network/publicIPAddresses",
"resourceLocation": "eastus",
"resourceGroup": "myrg1",
"resourceTags": "tbd",
"policyAssignmentName": "9ac09b0657d942e5ad4041a6",
"policyAssignmentOwner": "tbd",
"policyAssignmentParameters": "{}",
"policyAssignmentScope": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852",
"policyDefinitionName": "9daedab3-fb2d-461e-b861-71790eead4f6",
"policyDefinitionAction": "AuditIfNotExists",
"policyDefinitionCategory": "tbd",
"policySetDefinitionId": "/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionName": "1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"policySetDefinitionOwner": null,
"policySetDefinitionCategory": null,
"policySetDefinitionParameters": null,
"managementGroupIds": "mymg,fff988bf-fff1-ffff-fffb-fffcd011db47",
"policyDefinitionReferenceId": null,
"complianceState": "NonCompliant",
"policyDefinitionGroupNames": [
"myGroup"
]
}
]
}Time range; sort, select and limit
Sample request
POST https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.PolicyInsights/policyStates/latest/queryResults?api-version=2024-10-01&$top=2&$orderby=Timestamp desc, PolicyAssignmentId asc, SubscriptionId asc, ResourceGroup asc, ResourceId&$select=Timestamp, PolicyAssignmentId, PolicyDefinitionId, SubscriptionId, ResourceGroup, ResourceId, policyDefinitionGroupNames&$from=2019-10-05T18:00:00Z&$to=2019-10-06T18:00:00Z
Sample response
{
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest",
"@odata.count": 2,
"value": [
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity",
"timestamp": "2019-10-06T17:58:00Z",
"policyAssignmentId": "/providers/Microsoft.Management/managementGroups/8cb1e007-947f-423a-ad0c-7ab7dc7d0255/providers/Microsoft.Authorization/policyAssignments/1654a0254ab34920a60f94eb",
"policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/655cb504-bcee-4362-bd4c-402e6aa38759",
"subscriptionId": "fffedd8f-ffff-fffd-fffd-fffed2f84852",
"resourceGroup": "myrg1",
"resourceId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourceGroups/myrg1/providers/Microsoft.Storage/storageAccounts/mysa1",
"policyDefinitionGroupNames": [
"myGroup"
]
},
{
"@odata.id": null,
"@odata.context": "https://management.azure.com/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/providers/Microsoft.PolicyInsights/policyStates/$metadata#latest/$entity",
"timestamp": "2019-10-06T17:58:00Z",
"policyAssignmentId": "/providers/Microsoft.Management/managementGroups/8cb1e007-947f-423a-ad0c-7ab7dc7d0255/providers/Microsoft.Authorization/policyAssignments/1654a0254ab34920a60f94eb",
"policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/655cb504-bcee-4362-bd4c-402e6aa38759",
"subscriptionId": "fffedd8f-ffff-fffd-fffd-fffed2f84852",
"resourceGroup": "myrg2",
"resourceId": "/subscriptions/fffedd8f-ffff-fffd-fffd-fffed2f84852/resourceGroups/myrg2/providers/Microsoft.Storage/storageAccounts/mysa2",
"policyDefinitionGroupNames": []
}
]
}Definitions
| Name | Description |
|---|---|
|
Component |
Component state details. |
| Error |
Error definition. |
|
Expression |
Evaluation details of policy language expressions. |
|
If |
Evaluation details of IfNotExists effect. |
|
Policy |
Policy evaluation details. |
|
Policy |
Policy state record. |
|
Policy |
Query results. |
|
Policy |
The virtual resource under PolicyStates resource type. In a given time range, 'latest' represents the latest policy state(s), whereas 'default' represents all policy state(s). |
|
Query |
Error response. |
ComponentStateDetails
Component state details.
| Name | Type | Description |
|---|---|---|
| complianceState |
string |
Component compliance state. |
| id |
string |
Component Id. |
| name |
string |
Component name. |
| timestamp |
string (date-time) |
Component compliance evaluation timestamp. |
| type |
string |
Component type. |
Error
Error definition.
| Name | Type | Description |
|---|---|---|
| code |
string |
Service specific error code which serves as the substatus for the HTTP error code. |
| message |
string |
Description of the error. |
ExpressionEvaluationDetails
Evaluation details of policy language expressions.
| Name | Type | Description |
|---|---|---|
| expression |
string |
Expression evaluated. |
| expressionKind |
string |
The kind of expression that was evaluated. |
| expressionValue |
object |
Value of the expression. |
| operator |
string |
Operator to compare the expression value and the target value. |
| path |
string |
Property path if the expression is a field or an alias. |
| result |
string |
Evaluation result. |
| targetValue |
object |
Target value to be compared with the expression value. |
IfNotExistsEvaluationDetails
Evaluation details of IfNotExists effect.
| Name | Type | Description |
|---|---|---|
| resourceId |
string |
ID of the last evaluated resource for IfNotExists effect. |
| totalResources |
integer |
Total number of resources to which the existence condition is applicable. |
PolicyEvaluationDetails
Policy evaluation details.
| Name | Type | Description |
|---|---|---|
| evaluatedExpressions |
Details of the evaluated expressions. |
|
| ifNotExistsDetails |
Evaluation details of IfNotExists effect. |
PolicyState
Policy state record.
| Name | Type | Description |
|---|---|---|
| @odata.context |
string |
OData context string; used by OData clients to resolve type information based on metadata. |
| @odata.id |
string |
OData entity ID; always set to null since policy state records do not have an entity ID. |
| complianceState |
string |
Compliance state of the resource. |
| components |
Components state compliance records populated only when URL contains $expand=components clause. |
|
| effectiveParameters |
string |
Effective parameters for the policy assignment. |
| isCompliant |
boolean |
Flag which states whether the resource is compliant against the policy assignment it was evaluated against. This property is deprecated; please use ComplianceState instead. |
| managementGroupIds |
string |
Comma separated list of management group IDs, which represent the hierarchy of the management groups the resource is under. |
| policyAssignmentId |
string |
Policy assignment ID. |
| policyAssignmentName |
string |
Policy assignment name. |
| policyAssignmentOwner |
string |
Policy assignment owner. |
| policyAssignmentParameters |
string |
Policy assignment parameters. |
| policyAssignmentScope |
string |
Policy assignment scope. |
| policyAssignmentVersion |
string |
Evaluated policy assignment version. |
| policyDefinitionAction |
string |
Policy definition action, i.e. effect. |
| policyDefinitionCategory |
string |
Policy definition category. |
| policyDefinitionGroupNames |
string[] |
Policy definition group names. |
| policyDefinitionId |
string |
Policy definition ID. |
| policyDefinitionName |
string |
Policy definition name. |
| policyDefinitionReferenceId |
string |
Reference ID for the policy definition inside the policy set, if the policy assignment is for a policy set. |
| policyDefinitionVersion |
string |
Evaluated policy definition version. |
| policyEvaluationDetails |
Policy evaluation details. |
|
| policySetDefinitionCategory |
string |
Policy set definition category, if the policy assignment is for a policy set. |
| policySetDefinitionId |
string |
Policy set definition ID, if the policy assignment is for a policy set. |
| policySetDefinitionName |
string |
Policy set definition name, if the policy assignment is for a policy set. |
| policySetDefinitionOwner |
string |
Policy set definition owner, if the policy assignment is for a policy set. |
| policySetDefinitionParameters |
string |
Policy set definition parameters, if the policy assignment is for a policy set. |
| policySetDefinitionVersion |
string |
Evaluated policy set definition version. |
| resourceGroup |
string |
Resource group name. |
| resourceId |
string |
Resource ID. |
| resourceLocation |
string |
Resource location. |
| resourceTags |
string |
List of resource tags. |
| resourceType |
string |
Resource type. |
| subscriptionId |
string |
Subscription ID. |
| timestamp |
string (date-time) |
Timestamp for the policy state record. |
PolicyStatesQueryResults
Query results.
| Name | Type | Description |
|---|---|---|
| @odata.context |
string |
OData context string; used by OData clients to resolve type information based on metadata. |
| @odata.count |
integer (int32) minimum: 0 |
OData entity count; represents the number of policy state records returned. |
| @odata.nextLink |
string |
Odata next link; URL to get the next set of results. |
| value |
Query results. |
PolicyStatesResource
The virtual resource under PolicyStates resource type. In a given time range, 'latest' represents the latest policy state(s), whereas 'default' represents all policy state(s).
| Value | Description |
|---|---|
| default | |
| latest |
QueryFailure
Error response.
| Name | Type | Description |
|---|---|---|
| error |
Error definition. |