Microsoft.Authorization policyDefinitions 2020-03-01
Bicep resource definition
The policyDefinitions resource type can be deployed with operations that target:
- Tenant - See tenant deployment commands* Management groups - See management group deployment commands* Subscription - See subscription deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Authorization/policyDefinitions resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.Authorization/policyDefinitions@2020-03-01' = {
name: 'string'
properties: {
description: 'string'
displayName: 'string'
metadata: any(Azure.Bicep.Types.Concrete.AnyType)
mode: 'string'
parameters: {
{customized property}: {
allowedValues: [
any(Azure.Bicep.Types.Concrete.AnyType)
]
defaultValue: any(Azure.Bicep.Types.Concrete.AnyType)
metadata: {
description: 'string'
displayName: 'string'
}
type: 'string'
}
}
policyRule: any(Azure.Bicep.Types.Concrete.AnyType)
policyType: 'string'
}
}
Property values
Microsoft.Authorization/policyDefinitions
Name | Description | Value |
---|---|---|
name | The resource name | string (required) |
properties | The policy definition properties. | PolicyDefinitionProperties |
ParameterDefinitions
Name | Description | Value |
---|
ParameterDefinitionsValue
Name | Description | Value |
---|---|---|
allowedValues | The allowed values for the parameter. | any[] |
defaultValue | The default value for the parameter if no value is provided. | any |
metadata | General metadata for the parameter. | ParameterDefinitionsValueMetadata |
type | The data type of the parameter. | 'Array' 'Boolean' 'DateTime' 'Float' 'Integer' 'Object' 'String' |
ParameterDefinitionsValueMetadata
Name | Description | Value |
---|---|---|
description | The description of the parameter. | string |
displayName | The display name for the parameter. | string |
PolicyDefinitionProperties
Name | Description | Value |
---|---|---|
description | The policy definition description. | string |
displayName | The display name of the policy definition. | string |
metadata | The policy definition metadata. Metadata is an open ended object and is typically a collection of key value pairs. | any |
mode | The policy definition mode. Some examples are All, Indexed, Microsoft.KeyVault.Data. | string |
parameters | The parameter definitions for parameters used in the policy rule. The keys are the parameter names. | ParameterDefinitions |
policyRule | The policy rule. | any |
policyType | The type of policy definition. Possible values are NotSpecified, BuiltIn, Custom, and Static. | 'BuiltIn' 'Custom' 'NotSpecified' 'Static' |
Quickstart samples
The following quickstart samples deploy this resource type.
Bicep File | Description |
---|---|
Create an Azure Virtual Network Manager and sample VNETs | This template deploys an Azure Virtual Network Manager and sample virtual networks into the named resource group. It supports multiple connectivity topologies and network group membership types. |
Deploy a Policy Def and Assign to Multiple Mgmt Groups | This template is a management group level template that will create a policy definition and assign that policy to multiple management groups. |
Deploy a policy definition and assign to a management group | This template is a management group level template that will create a policy definition and assign that policy to the target management group. Currently, this template cannot be deployed via the Azure Portal. |
ARM template resource definition
The policyDefinitions resource type can be deployed with operations that target:
- Tenant - See tenant deployment commands* Management groups - See management group deployment commands* Subscription - See subscription deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Authorization/policyDefinitions resource, add the following JSON to your template.
{
"type": "Microsoft.Authorization/policyDefinitions",
"apiVersion": "2020-03-01",
"name": "string",
"properties": {
"description": "string",
"displayName": "string",
"metadata": {},
"mode": "string",
"parameters": {
"{customized property}": {
"allowedValues": [ {} ],
"defaultValue": {},
"metadata": {
"description": "string",
"displayName": "string"
},
"type": "string"
}
},
"policyRule": {},
"policyType": "string"
}
}
Property values
Microsoft.Authorization/policyDefinitions
Name | Description | Value |
---|---|---|
apiVersion | The api version | '2020-03-01' |
name | The resource name | string (required) |
properties | The policy definition properties. | PolicyDefinitionProperties |
type | The resource type | 'Microsoft.Authorization/policyDefinitions' |
ParameterDefinitions
Name | Description | Value |
---|
ParameterDefinitionsValue
Name | Description | Value |
---|---|---|
allowedValues | The allowed values for the parameter. | any[] |
defaultValue | The default value for the parameter if no value is provided. | any |
metadata | General metadata for the parameter. | ParameterDefinitionsValueMetadata |
type | The data type of the parameter. | 'Array' 'Boolean' 'DateTime' 'Float' 'Integer' 'Object' 'String' |
ParameterDefinitionsValueMetadata
Name | Description | Value |
---|---|---|
description | The description of the parameter. | string |
displayName | The display name for the parameter. | string |
PolicyDefinitionProperties
Name | Description | Value |
---|---|---|
description | The policy definition description. | string |
displayName | The display name of the policy definition. | string |
metadata | The policy definition metadata. Metadata is an open ended object and is typically a collection of key value pairs. | any |
mode | The policy definition mode. Some examples are All, Indexed, Microsoft.KeyVault.Data. | string |
parameters | The parameter definitions for parameters used in the policy rule. The keys are the parameter names. | ParameterDefinitions |
policyRule | The policy rule. | any |
policyType | The type of policy definition. Possible values are NotSpecified, BuiltIn, Custom, and Static. | 'BuiltIn' 'Custom' 'NotSpecified' 'Static' |
Quickstart templates
The following quickstart templates deploy this resource type.
Template | Description |
---|---|
Create an Azure Virtual Network Manager and sample VNETs |
This template deploys an Azure Virtual Network Manager and sample virtual networks into the named resource group. It supports multiple connectivity topologies and network group membership types. |
Deploy a Policy Def and Assign to Multiple Mgmt Groups |
This template is a management group level template that will create a policy definition and assign that policy to multiple management groups. |
Deploy a policy definition and assign to a management group |
This template is a management group level template that will create a policy definition and assign that policy to the target management group. Currently, this template cannot be deployed via the Azure Portal. |
Terraform (AzAPI provider) resource definition
The policyDefinitions resource type can be deployed with operations that target:
- Tenant* Management groups* Subscription
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Authorization/policyDefinitions resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.Authorization/policyDefinitions@2020-03-01"
name = "string"
body = jsonencode({
properties = {
description = "string"
displayName = "string"
metadata = ?
mode = "string"
parameters = {
{customized property} = {
allowedValues = [
?
]
defaultValue = ?
metadata = {
description = "string"
displayName = "string"
}
type = "string"
}
}
policyRule = ?
policyType = "string"
}
})
}
Property values
Microsoft.Authorization/policyDefinitions
Name | Description | Value |
---|---|---|
name | The resource name | string (required) |
properties | The policy definition properties. | PolicyDefinitionProperties |
type | The resource type | "Microsoft.Authorization/policyDefinitions@2020-03-01" |
ParameterDefinitions
Name | Description | Value |
---|
ParameterDefinitionsValue
Name | Description | Value |
---|---|---|
allowedValues | The allowed values for the parameter. | any[] |
defaultValue | The default value for the parameter if no value is provided. | any |
metadata | General metadata for the parameter. | ParameterDefinitionsValueMetadata |
type | The data type of the parameter. | 'Array' 'Boolean' 'DateTime' 'Float' 'Integer' 'Object' 'String' |
ParameterDefinitionsValueMetadata
Name | Description | Value |
---|---|---|
description | The description of the parameter. | string |
displayName | The display name for the parameter. | string |
PolicyDefinitionProperties
Name | Description | Value |
---|---|---|
description | The policy definition description. | string |
displayName | The display name of the policy definition. | string |
metadata | The policy definition metadata. Metadata is an open ended object and is typically a collection of key value pairs. | any |
mode | The policy definition mode. Some examples are All, Indexed, Microsoft.KeyVault.Data. | string |
parameters | The parameter definitions for parameters used in the policy rule. The keys are the parameter names. | ParameterDefinitions |
policyRule | The policy rule. | any |
policyType | The type of policy definition. Possible values are NotSpecified, BuiltIn, Custom, and Static. | 'BuiltIn' 'Custom' 'NotSpecified' 'Static' |