PolicyExemptionsOperations Class
Warning
DO NOT instantiate this class directly.
Instead, you should access the following operations through
<xref:policy_exemptions> attribute.
- Inheritance
-
builtins.objectPolicyExemptionsOperations
Constructor
PolicyExemptionsOperations(*args, **kwargs)
Methods
create_or_update |
Creates or updates a policy exemption. This operation creates or updates a policy exemption with the given scope and name. Policy exemptions apply to all resources contained within their scope. For example, when you create a policy exemption at resource group scope for a policy assignment at the same or above level, the exemption exempts to all applicable resources in the resource group. |
delete |
Deletes a policy exemption. This operation deletes a policy exemption, given its name and the scope it was created in. The scope of a policy exemption is the part of its ID preceding '/providers/Microsoft.Authorization/policyExemptions/{policyExemptionName}'. |
get |
Retrieves a policy exemption. This operation retrieves a single policy exemption, given its name and the scope it was created at. |
list |
Retrieves all policy exemptions that apply to a subscription. This operation retrieves the list of all policy exemptions associated with the given subscription that match the optional given $filter. Valid values for $filter are: 'atScope()', 'atExactScope()', 'excludeExpired()' or 'policyAssignmentId eq '{value}''. If $filter is not provided, the unfiltered list includes all policy exemptions associated with the subscription, including those that apply directly or from management groups that contain the given subscription, as well as any applied to objects contained within the subscription. |
list_for_management_group |
Retrieves all policy exemptions that apply to a management group. This operation retrieves the list of all policy exemptions applicable to the management group that match the given $filter. Valid values for $filter are: 'atScope()', 'atExactScope()', 'excludeExpired()' or 'policyAssignmentId eq '{value}''. If $filter=atScope() is provided, the returned list includes all policy exemptions that are assigned to the management group or the management group's ancestors. |
list_for_resource |
Retrieves all policy exemptions that apply to a resource. This operation retrieves the list of all policy exemptions associated with the specified resource in the given resource group and subscription that match the optional given $filter. Valid values for $filter are: 'atScope()', 'atExactScope()', 'excludeExpired()' or 'policyAssignmentId eq '{value}''. If $filter is not provided, the unfiltered list includes all policy exemptions associated with the resource, including those that apply directly or from all containing scopes, as well as any applied to resources contained within the resource. Three parameters plus the resource name are used to identify a specific resource. If the resource is not part of a parent resource (the more common case), the parent resource path should not be provided (or provided as ''). For example a web app could be specified as ({resourceProviderNamespace} == 'Microsoft.Web', {parentResourcePath} == '', {resourceType} == 'sites', {resourceName} == 'MyWebApp'). If the resource is part of a parent resource, then all parameters should be provided. For example a virtual machine DNS name could be specified as ({resourceProviderNamespace} == 'Microsoft.Compute', {parentResourcePath} == 'virtualMachines/MyVirtualMachine', {resourceType} == 'domainNames', {resourceName} == 'MyComputerName'). A convenient alternative to providing the namespace and type name separately is to provide both in the {resourceType} parameter, format: ({resourceProviderNamespace} == '', {parentResourcePath} == '', {resourceType} == 'Microsoft.Web/sites', {resourceName} == 'MyWebApp'). |
list_for_resource_group |
Retrieves all policy exemptions that apply to a resource group. This operation retrieves the list of all policy exemptions associated with the given resource group in the given subscription that match the optional given $filter. Valid values for $filter are: 'atScope()', 'atExactScope()', 'excludeExpired()' or 'policyAssignmentId eq '{value}''. If $filter is not provided, the unfiltered list includes all policy exemptions associated with the resource group, including those that apply directly or apply from containing scopes, as well as any applied to resources contained within the resource group. |
create_or_update
Creates or updates a policy exemption.
This operation creates or updates a policy exemption with the given scope and name. Policy exemptions apply to all resources contained within their scope. For example, when you create a policy exemption at resource group scope for a policy assignment at the same or above level, the exemption exempts to all applicable resources in the resource group.
async create_or_update(scope: str, policy_exemption_name: str, parameters: _models.PolicyExemption, *, content_type: str = 'application/json', **kwargs: Any) -> _models.PolicyExemption
Parameters
Name | Description |
---|---|
scope
Required
|
The scope of the policy exemption. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'. Required. |
policy_exemption_name
Required
|
The name of the policy exemption to delete. Required. |
parameters
Required
|
Parameters for the policy exemption. Is either a PolicyExemption type or a IO[bytes] type. Required. |
Returns
Type | Description |
---|---|
PolicyExemption or the result of cls(response) |
Exceptions
Type | Description |
---|---|
delete
Deletes a policy exemption.
This operation deletes a policy exemption, given its name and the scope it was created in. The scope of a policy exemption is the part of its ID preceding '/providers/Microsoft.Authorization/policyExemptions/{policyExemptionName}'.
async delete(scope: str, policy_exemption_name: str, **kwargs: Any) -> None
Parameters
Name | Description |
---|---|
scope
Required
|
The scope of the policy exemption. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'. Required. |
policy_exemption_name
Required
|
The name of the policy exemption to delete. Required. |
Returns
Type | Description |
---|---|
None or the result of cls(response) |
Exceptions
Type | Description |
---|---|
get
Retrieves a policy exemption.
This operation retrieves a single policy exemption, given its name and the scope it was created at.
async get(scope: str, policy_exemption_name: str, **kwargs: Any) -> PolicyExemption
Parameters
Name | Description |
---|---|
scope
Required
|
The scope of the policy exemption. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'. Required. |
policy_exemption_name
Required
|
The name of the policy exemption to delete. Required. |
Returns
Type | Description |
---|---|
PolicyExemption or the result of cls(response) |
Exceptions
Type | Description |
---|---|
list
Retrieves all policy exemptions that apply to a subscription.
This operation retrieves the list of all policy exemptions associated with the given subscription that match the optional given $filter. Valid values for $filter are: 'atScope()', 'atExactScope()', 'excludeExpired()' or 'policyAssignmentId eq '{value}''. If $filter is not provided, the unfiltered list includes all policy exemptions associated with the subscription, including those that apply directly or from management groups that contain the given subscription, as well as any applied to objects contained within the subscription.
list(filter: str | None = None, **kwargs: Any) -> AsyncIterable[PolicyExemption]
Parameters
Name | Description |
---|---|
filter
Required
|
The filter to apply on the operation. Valid values for $filter are: 'atScope()', 'atExactScope()', 'excludeExpired()' or 'policyAssignmentId eq '{value}''. If $filter is not provided, no filtering is performed. If $filter is not provided, the unfiltered list includes all policy exemptions associated with the scope, including those that apply directly or apply from containing scopes. If $filter=atScope() is provided, the returned list only includes all policy exemptions that apply to the scope, which is everything in the unfiltered list except those applied to sub scopes contained within the given scope. If $filter=atExactScope() is provided, the returned list only includes all policy exemptions that at the given scope. If $filter=excludeExpired() is provided, the returned list only includes all policy exemptions that either haven't expired or didn't set expiration date. If $filter=policyAssignmentId eq '{value}' is provided. the returned list only includes all policy exemptions that are associated with the give policyAssignmentId. Default value is None. |
Returns
Type | Description |
---|---|
An iterator like instance of either PolicyExemption or the result of cls(response) |
Exceptions
Type | Description |
---|---|
list_for_management_group
Retrieves all policy exemptions that apply to a management group.
This operation retrieves the list of all policy exemptions applicable to the management group that match the given $filter. Valid values for $filter are: 'atScope()', 'atExactScope()', 'excludeExpired()' or 'policyAssignmentId eq '{value}''. If $filter=atScope() is provided, the returned list includes all policy exemptions that are assigned to the management group or the management group's ancestors.
list_for_management_group(management_group_id: str, filter: str | None = None, **kwargs: Any) -> AsyncIterable[PolicyExemption]
Parameters
Name | Description |
---|---|
management_group_id
Required
|
The ID of the management group. Required. |
filter
Required
|
The filter to apply on the operation. Valid values for $filter are: 'atScope()', 'atExactScope()', 'excludeExpired()' or 'policyAssignmentId eq '{value}''. If $filter is not provided, no filtering is performed. If $filter is not provided, the unfiltered list includes all policy exemptions associated with the scope, including those that apply directly or apply from containing scopes. If $filter=atScope() is provided, the returned list only includes all policy exemptions that apply to the scope, which is everything in the unfiltered list except those applied to sub scopes contained within the given scope. If $filter=atExactScope() is provided, the returned list only includes all policy exemptions that at the given scope. If $filter=excludeExpired() is provided, the returned list only includes all policy exemptions that either haven't expired or didn't set expiration date. If $filter=policyAssignmentId eq '{value}' is provided. the returned list only includes all policy exemptions that are associated with the give policyAssignmentId. Default value is None. |
Returns
Type | Description |
---|---|
An iterator like instance of either PolicyExemption or the result of cls(response) |
Exceptions
Type | Description |
---|---|
list_for_resource
Retrieves all policy exemptions that apply to a resource.
This operation retrieves the list of all policy exemptions associated with the specified resource in the given resource group and subscription that match the optional given $filter. Valid values for $filter are: 'atScope()', 'atExactScope()', 'excludeExpired()' or 'policyAssignmentId eq '{value}''. If $filter is not provided, the unfiltered list includes all policy exemptions associated with the resource, including those that apply directly or from all containing scopes, as well as any applied to resources contained within the resource. Three parameters plus the resource name are used to identify a specific resource. If the resource is not part of a parent resource (the more common case), the parent resource path should not be provided (or provided as ''). For example a web app could be specified as ({resourceProviderNamespace} == 'Microsoft.Web', {parentResourcePath} == '', {resourceType} == 'sites', {resourceName} == 'MyWebApp'). If the resource is part of a parent resource, then all parameters should be provided. For example a virtual machine DNS name could be specified as ({resourceProviderNamespace} == 'Microsoft.Compute', {parentResourcePath} == 'virtualMachines/MyVirtualMachine', {resourceType} == 'domainNames', {resourceName} == 'MyComputerName'). A convenient alternative to providing the namespace and type name separately is to provide both in the {resourceType} parameter, format: ({resourceProviderNamespace} == '', {parentResourcePath} == '', {resourceType} == 'Microsoft.Web/sites', {resourceName} == 'MyWebApp').
list_for_resource(resource_group_name: str, resource_provider_namespace: str, parent_resource_path: str, resource_type: str, resource_name: str, filter: str | None = None, **kwargs: Any) -> AsyncIterable[PolicyExemption]
Parameters
Name | Description |
---|---|
resource_group_name
Required
|
The name of the resource group containing the resource. Required. |
resource_provider_namespace
Required
|
The namespace of the resource provider. For example, the namespace of a virtual machine is Microsoft.Compute (from Microsoft.Compute/virtualMachines). Required. |
parent_resource_path
Required
|
The parent resource path. Use empty string if there is none. Required. |
resource_type
Required
|
The resource type name. For example the type name of a web app is 'sites' (from Microsoft.Web/sites). Required. |
resource_name
Required
|
The name of the resource. Required. |
filter
Required
|
The filter to apply on the operation. Valid values for $filter are: 'atScope()', 'atExactScope()', 'excludeExpired()' or 'policyAssignmentId eq '{value}''. If $filter is not provided, no filtering is performed. If $filter is not provided, the unfiltered list includes all policy exemptions associated with the scope, including those that apply directly or apply from containing scopes. If $filter=atScope() is provided, the returned list only includes all policy exemptions that apply to the scope, which is everything in the unfiltered list except those applied to sub scopes contained within the given scope. If $filter=atExactScope() is provided, the returned list only includes all policy exemptions that at the given scope. If $filter=excludeExpired() is provided, the returned list only includes all policy exemptions that either haven't expired or didn't set expiration date. If $filter=policyAssignmentId eq '{value}' is provided. the returned list only includes all policy exemptions that are associated with the give policyAssignmentId. Default value is None. |
Returns
Type | Description |
---|---|
An iterator like instance of either PolicyExemption or the result of cls(response) |
Exceptions
Type | Description |
---|---|
list_for_resource_group
Retrieves all policy exemptions that apply to a resource group.
This operation retrieves the list of all policy exemptions associated with the given resource group in the given subscription that match the optional given $filter. Valid values for $filter are: 'atScope()', 'atExactScope()', 'excludeExpired()' or 'policyAssignmentId eq '{value}''. If $filter is not provided, the unfiltered list includes all policy exemptions associated with the resource group, including those that apply directly or apply from containing scopes, as well as any applied to resources contained within the resource group.
list_for_resource_group(resource_group_name: str, filter: str | None = None, **kwargs: Any) -> AsyncIterable[PolicyExemption]
Parameters
Name | Description |
---|---|
resource_group_name
Required
|
The name of the resource group containing the resource. Required. |
filter
Required
|
The filter to apply on the operation. Valid values for $filter are: 'atScope()', 'atExactScope()', 'excludeExpired()' or 'policyAssignmentId eq '{value}''. If $filter is not provided, no filtering is performed. If $filter is not provided, the unfiltered list includes all policy exemptions associated with the scope, including those that apply directly or apply from containing scopes. If $filter=atScope() is provided, the returned list only includes all policy exemptions that apply to the scope, which is everything in the unfiltered list except those applied to sub scopes contained within the given scope. If $filter=atExactScope() is provided, the returned list only includes all policy exemptions that at the given scope. If $filter=excludeExpired() is provided, the returned list only includes all policy exemptions that either haven't expired or didn't set expiration date. If $filter=policyAssignmentId eq '{value}' is provided. the returned list only includes all policy exemptions that are associated with the give policyAssignmentId. Default value is None. |
Returns
Type | Description |
---|---|
An iterator like instance of either PolicyExemption or the result of cls(response) |
Exceptions
Type | Description |
---|---|
Attributes
models
models = <module 'azure.mgmt.resource.policy.v2020_07_01_preview.models' from 'C:\\hostedtoolcache\\windows\\Python\\3.11.9\\x64\\Lib\\site-packages\\azure\\mgmt\\resource\\policy\\v2020_07_01_preview\\models\\__init__.py'>
Azure SDK for Python