Microsoft.PolicyInsights remediations
Bicep resource definition
The remediations resource type can be deployed with operations that target:
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.PolicyInsights/remediations resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.PolicyInsights/remediations@2024-10-01' = {
scope: resourceSymbolicName or scope
name: 'string'
properties: {
failureThreshold: {
percentage: int
}
filters: {
locations: [
'string'
]
resourceIds: [
'string'
]
}
parallelDeployments: int
policyAssignmentId: 'string'
policyDefinitionReferenceId: 'string'
resourceCount: int
resourceDiscoveryMode: 'string'
}
}
Property values
Microsoft.PolicyInsights/remediations
| Name | Description | Value |
|---|---|---|
| name | The resource name | string (required) |
| properties | Properties for the remediation. | RemediationProperties |
| scope | Use when creating a resource at a scope that is different than the deployment scope. | Set this property to the symbolic name of a resource to apply the extension resource. |
RemediationFilters
| Name | Description | Value |
|---|---|---|
| locations | The resource locations that will be remediated. | string[] |
| resourceIds | The IDs of the resources that will be remediated. Can specify at most 100 IDs. This filter cannot be used when ReEvaluateCompliance is set to ReEvaluateCompliance, and cannot be empty if provided. | string[] |
RemediationProperties
| Name | Description | Value |
|---|---|---|
| failureThreshold | The remediation failure threshold settings | RemediationPropertiesFailureThreshold |
| filters | The filters that will be applied to determine which resources to remediate. | RemediationFilters |
| parallelDeployments | Determines how many resources to remediate at any given time. Can be used to increase or reduce the pace of the remediation. If not provided, the default parallel deployments value is used. | int |
| policyAssignmentId | The resource ID of the policy assignment that should be remediated. | string |
| policyDefinitionReferenceId | The policy definition reference ID of the individual definition that should be remediated. Required when the policy assignment being remediated assigns a policy set definition. | string |
| resourceCount | Determines the max number of resources that can be remediated by the remediation job. If not provided, the default resource count is used. | int |
| resourceDiscoveryMode | The way resources to remediate are discovered. Defaults to ExistingNonCompliant if not specified. | 'ExistingNonCompliant' 'ReEvaluateCompliance' |
RemediationPropertiesFailureThreshold
| Name | Description | Value |
|---|---|---|
| percentage | A number between 0.0 to 1.0 representing the percentage failure threshold. The remediation will fail if the percentage of failed remediation operations (i.e. failed deployments) exceeds this threshold. | int |
ARM template resource definition
The remediations resource type can be deployed with operations that target:
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.PolicyInsights/remediations resource, add the following JSON to your template.
{
"type": "Microsoft.PolicyInsights/remediations",
"apiVersion": "2024-10-01",
"name": "string",
"properties": {
"failureThreshold": {
"percentage": "int"
},
"filters": {
"locations": [ "string" ],
"resourceIds": [ "string" ]
},
"parallelDeployments": "int",
"policyAssignmentId": "string",
"policyDefinitionReferenceId": "string",
"resourceCount": "int",
"resourceDiscoveryMode": "string"
}
}
Property values
Microsoft.PolicyInsights/remediations
| Name | Description | Value |
|---|---|---|
| apiVersion | The api version | '2024-10-01' |
| name | The resource name | string (required) |
| properties | Properties for the remediation. | RemediationProperties |
| type | The resource type | 'Microsoft.PolicyInsights/remediations' |
RemediationFilters
| Name | Description | Value |
|---|---|---|
| locations | The resource locations that will be remediated. | string[] |
| resourceIds | The IDs of the resources that will be remediated. Can specify at most 100 IDs. This filter cannot be used when ReEvaluateCompliance is set to ReEvaluateCompliance, and cannot be empty if provided. | string[] |
RemediationProperties
| Name | Description | Value |
|---|---|---|
| failureThreshold | The remediation failure threshold settings | RemediationPropertiesFailureThreshold |
| filters | The filters that will be applied to determine which resources to remediate. | RemediationFilters |
| parallelDeployments | Determines how many resources to remediate at any given time. Can be used to increase or reduce the pace of the remediation. If not provided, the default parallel deployments value is used. | int |
| policyAssignmentId | The resource ID of the policy assignment that should be remediated. | string |
| policyDefinitionReferenceId | The policy definition reference ID of the individual definition that should be remediated. Required when the policy assignment being remediated assigns a policy set definition. | string |
| resourceCount | Determines the max number of resources that can be remediated by the remediation job. If not provided, the default resource count is used. | int |
| resourceDiscoveryMode | The way resources to remediate are discovered. Defaults to ExistingNonCompliant if not specified. | 'ExistingNonCompliant' 'ReEvaluateCompliance' |
RemediationPropertiesFailureThreshold
| Name | Description | Value |
|---|---|---|
| percentage | A number between 0.0 to 1.0 representing the percentage failure threshold. The remediation will fail if the percentage of failed remediation operations (i.e. failed deployments) exceeds this threshold. | int |
Terraform (AzAPI provider) resource definition
The remediations resource type can be deployed with operations that target:
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.PolicyInsights/remediations resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.PolicyInsights/remediations@2024-10-01"
name = "string"
parent_id = "string"
body = jsonencode({
properties = {
failureThreshold = {
percentage = int
}
filters = {
locations = [
"string"
]
resourceIds = [
"string"
]
}
parallelDeployments = int
policyAssignmentId = "string"
policyDefinitionReferenceId = "string"
resourceCount = int
resourceDiscoveryMode = "string"
}
})
}
Property values
Microsoft.PolicyInsights/remediations
| Name | Description | Value |
|---|---|---|
| name | The resource name | string (required) |
| parent_id | The ID of the resource to apply this extension resource to. | string (required) |
| properties | Properties for the remediation. | RemediationProperties |
| type | The resource type | "Microsoft.PolicyInsights/remediations@2024-10-01" |
RemediationFilters
| Name | Description | Value |
|---|---|---|
| locations | The resource locations that will be remediated. | string[] |
| resourceIds | The IDs of the resources that will be remediated. Can specify at most 100 IDs. This filter cannot be used when ReEvaluateCompliance is set to ReEvaluateCompliance, and cannot be empty if provided. | string[] |
RemediationProperties
| Name | Description | Value |
|---|---|---|
| failureThreshold | The remediation failure threshold settings | RemediationPropertiesFailureThreshold |
| filters | The filters that will be applied to determine which resources to remediate. | RemediationFilters |
| parallelDeployments | Determines how many resources to remediate at any given time. Can be used to increase or reduce the pace of the remediation. If not provided, the default parallel deployments value is used. | int |
| policyAssignmentId | The resource ID of the policy assignment that should be remediated. | string |
| policyDefinitionReferenceId | The policy definition reference ID of the individual definition that should be remediated. Required when the policy assignment being remediated assigns a policy set definition. | string |
| resourceCount | Determines the max number of resources that can be remediated by the remediation job. If not provided, the default resource count is used. | int |
| resourceDiscoveryMode | The way resources to remediate are discovered. Defaults to ExistingNonCompliant if not specified. | 'ExistingNonCompliant' 'ReEvaluateCompliance' |
RemediationPropertiesFailureThreshold
| Name | Description | Value |
|---|---|---|
| percentage | A number between 0.0 to 1.0 representing the percentage failure threshold. The remediation will fail if the percentage of failed remediation operations (i.e. failed deployments) exceeds this threshold. | int |