Share via


az blueprint artifact policy

Note

This reference is part of the blueprint extension for the Azure CLI (version 2.50.0 or higher). The extension will automatically install the first time you run an az blueprint artifact policy command. Learn more about extensions.

Commands to manage blueprint policy assignment artifact.

Commands

Name Description Type Status
az blueprint artifact policy create

Create blueprint policy artifact.

Extension GA
az blueprint artifact policy update

Update blueprint policy artifact.

Extension GA

az blueprint artifact policy create

Create blueprint policy artifact.

az blueprint artifact policy create --artifact-name
                                    --blueprint-name
                                    --policy-definition-id
                                    [--depends-on]
                                    [--description]
                                    [--display-name]
                                    [--management-group]
                                    [--parameters]
                                    [--resource-group-art]
                                    [--subscription]

Examples

Create a policy artifact

az blueprint artifact policy create \
--blueprint-name MyBlueprint --artifact-name MyPolicy --policy-definition-id \
"/providers/Microsoft.Authorization/policyDefinitions/00000000-0000-0000-0000-000000000000" \
--parameters path/to/file --display-name "Policy to do sth"

Required Parameters

--artifact-name

Name of the blueprint artifact.

--blueprint-name

Name of the blueprint definition.

--policy-definition-id

The full policy definition id.

Optional Parameters

--depends-on

Artifacts which need to be deployed before the specified artifact.

--description

Description of the blueprint artifact.

--display-name

DisplayName of this artifact.

--management-group -m

Use management group for the scope of the blueprint.

--parameters -p

Parameters for policy assignment artifact. It can be a JSON string or JSON file path.

--resource-group-art

Name of the resource group artifact to which the policy will be assigned.

--subscription -s

Use subscription for the scope of the blueprint. If --management-group is not specified, --subscription value or the default subscription will be used as the scope.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az blueprint artifact policy update

Update blueprint policy artifact.

az blueprint artifact policy update --artifact-name
                                    --blueprint-name
                                    [--depends-on]
                                    [--description]
                                    [--display-name]
                                    [--management-group]
                                    [--parameters]
                                    [--resource-group-art]
                                    [--subscription]

Examples

Update a policy artifact

az blueprint artifact policy update \
--blueprint-name MyBlueprint --artifact-name MyPolicy --display-name "My Policy"

Required Parameters

--artifact-name

Name of the blueprint artifact.

--blueprint-name

Name of the blueprint definition.

Optional Parameters

--depends-on

Artifacts which need to be deployed before the specified artifact. Use '--depends-on' with no values to remove dependencies.

--description

Description of the blueprint artifact.

--display-name

DisplayName of this artifact.

--management-group -m

Use management group for the scope of the blueprint.

--parameters -p

Parameters for policy assignment artifact. It can be a JSON string or JSON file path.

--resource-group-art

Name of the resource group artifact to which the policy will be assigned.

--subscription -s

Use subscription for the scope of the blueprint. If --management-group is not specified, --subscription value or the default subscription will be used as the scope.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.