Role Management Policies - Update

Referência

Serviço:: Authorization

Versão da API:: 2020-10-01

Atualizar uma política de gerenciamento de funções

PATCH https://management.azure.com/{scope}/providers/Microsoft.Authorization/roleManagementPolicies/{roleManagementPolicyName}?api-version=2020-10-01

Parâmetros de URI

Nome	Em	Obrigatório	Tipo	Description
roleManagementPolicyName	path	True	string	O nome (guid) da política de gerenciamento de função a ser upsert.
scope	path	True	string	O escopo da política de gerenciamento de função a ser upsert.
api-version	query	True	string	A versão da API a ser usada para esta operação.

Corpo da solicitação

Nome	Tipo	Description
properties.description	string	A descrição da política de gerenciamento de funções.
properties.displayName	string	O nome de exibição da política de gerenciamento de função.
properties.isOrganizationDefault	boolean	A política de gerenciamento de funções é a política padrão.
properties.rules	RoleManagementPolicyRule[]	A regra aplicada à política.
properties.scope	string	O escopo da política de gerenciamento de funções.

Respostas

Nome	Tipo	Description
200 OK	RoleManagementPolicy	Ok – retorna a política atualizada.
Other Status Codes	CloudError	Resposta de erro que descreve por que a operação falhou.

Segurança

azure_auth

Fluxo do OAuth2 do Azure Active Directory

Tipo: oauth2
Flow: implicit
URL de Autorização: https://login.microsoftonline.com/common/oauth2/authorize

Escopos

Nome	Description
user_impersonation	representar sua conta de usuário

Exemplos

PatchPartialRoleManagementPolicy

PatchRoleManagementPolicy

PatchPartialRoleManagementPolicy

Solicitação de exemplo

PATCH https://management.azure.com/providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/570c3619-7688-4b34-b290-2b8bb3ccab2a?api-version=2020-10-01

{
  "properties": {
    "rules": [
      {
        "isExpirationRequired": false,
        "maximumDuration": "P180D",
        "id": "Expiration_Admin_Eligibility",
        "ruleType": "RoleManagementPolicyExpirationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Eligibility",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Admin",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "admin_admin_eligible@test.com"
        ],
        "id": "Notification_Admin_Admin_Eligibility",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Eligibility",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      }
    ]
  }
}


import com.azure.resourcemanager.authorization.fluent.models.RoleManagementPolicyInner;
import com.azure.resourcemanager.authorization.models.NotificationDeliveryMechanism;
import com.azure.resourcemanager.authorization.models.NotificationLevel;
import com.azure.resourcemanager.authorization.models.RecipientType;
import com.azure.resourcemanager.authorization.models.RoleManagementPolicyExpirationRule;
import com.azure.resourcemanager.authorization.models.RoleManagementPolicyNotificationRule;
import com.azure.resourcemanager.authorization.models.RoleManagementPolicyRuleTarget;
import java.util.Arrays;

/**
 * Samples for RoleManagementPolicies Update.
 */
public final class Main {
    /*
     * x-ms-original-file:
     * specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/
     * PatchPartialRoleManagementPolicy.json
     */
    /**
     * Sample code: PatchPartialRoleManagementPolicy.
     * 
     * @param azure The entry point for accessing resource management APIs in Azure.
     */
    public static void patchPartialRoleManagementPolicy(com.azure.resourcemanager.AzureResourceManager azure) {
        azure.accessManagement().roleAssignments().manager().roleServiceClient().getRoleManagementPolicies()
            .updateWithResponse("providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368",
                "570c3619-7688-4b34-b290-2b8bb3ccab2a",
                new RoleManagementPolicyInner().withRules(Arrays.asList(
                    new RoleManagementPolicyExpirationRule().withId("Expiration_Admin_Eligibility")
                        .withTarget(new RoleManagementPolicyRuleTarget().withCaller("Admin")
                            .withOperations(Arrays.asList("All")).withLevel("Eligibility"))
                        .withIsExpirationRequired(false).withMaximumDuration("P180D"),
                    new RoleManagementPolicyNotificationRule().withId("Notification_Admin_Admin_Eligibility")
                        .withTarget(new RoleManagementPolicyRuleTarget().withCaller("Admin")
                            .withOperations(Arrays.asList("All")).withLevel("Eligibility"))
                        .withNotificationType(NotificationDeliveryMechanism.EMAIL)
                        .withNotificationLevel(NotificationLevel.CRITICAL).withRecipientType(RecipientType.ADMIN)
                        .withNotificationRecipients(Arrays.asList("admin_admin_eligible@test.com"))
                        .withIsDefaultRecipientsEnabled(false))),
                com.azure.core.util.Context.NONE);
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

package armauthorization_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v2"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/53b1affe357b3bfbb53721d0a2002382a046d3b0/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PatchPartialRoleManagementPolicy.json
func ExampleRoleManagementPoliciesClient_Update_patchPartialRoleManagementPolicy() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armauthorization.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	res, err := clientFactory.NewRoleManagementPoliciesClient().Update(ctx, "providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368", "570c3619-7688-4b34-b290-2b8bb3ccab2a", armauthorization.RoleManagementPolicy{
		Properties: &armauthorization.RoleManagementPolicyProperties{
			Rules: []armauthorization.RoleManagementPolicyRuleClassification{
				&armauthorization.RoleManagementPolicyExpirationRule{
					ID:       to.Ptr("Expiration_Admin_Eligibility"),
					RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyExpirationRule),
					Target: &armauthorization.RoleManagementPolicyRuleTarget{
						Caller: to.Ptr("Admin"),
						Level:  to.Ptr("Eligibility"),
						Operations: []*string{
							to.Ptr("All")},
					},
					IsExpirationRequired: to.Ptr(false),
					MaximumDuration:      to.Ptr("P180D"),
				},
				&armauthorization.RoleManagementPolicyNotificationRule{
					ID:       to.Ptr("Notification_Admin_Admin_Eligibility"),
					RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
					Target: &armauthorization.RoleManagementPolicyRuleTarget{
						Caller: to.Ptr("Admin"),
						Level:  to.Ptr("Eligibility"),
						Operations: []*string{
							to.Ptr("All")},
					},
					IsDefaultRecipientsEnabled: to.Ptr(false),
					NotificationLevel:          to.Ptr(armauthorization.NotificationLevelCritical),
					NotificationRecipients: []*string{
						to.Ptr("admin_admin_eligible@test.com")},
					NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
					RecipientType:    to.Ptr(armauthorization.RecipientTypeAdmin),
				}},
		},
	}, nil)
	if err != nil {
		log.Fatalf("failed to finish the request: %v", err)
	}
	// You could use response here. We use blank identifier for just demo purposes.
	_ = res
	// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
	// res.RoleManagementPolicy = armauthorization.RoleManagementPolicy{
	// 	Name: to.Ptr("570c3619-7688-4b34-b290-2b8bb3ccab2a"),
	// 	Type: to.Ptr("Microsoft.Authorization/RoleManagementPolicies"),
	// 	ID: to.Ptr("/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/570c3619-7688-4b34-b290-2b8bb3ccab2a"),
	// 	Properties: &armauthorization.RoleManagementPolicyProperties{
	// 		EffectiveRules: []armauthorization.RoleManagementPolicyRuleClassification{
	// 			&armauthorization.RoleManagementPolicyExpirationRule{
	// 				ID: to.Ptr("Expiration_Admin_Eligibility"),
	// 				RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyExpirationRule),
	// 				Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 					Caller: to.Ptr("Admin"),
	// 					Level: to.Ptr("Eligibility"),
	// 					Operations: []*string{
	// 						to.Ptr("All")},
	// 					},
	// 					IsExpirationRequired: to.Ptr(false),
	// 					MaximumDuration: to.Ptr("P180D"),
	// 				},
	// 				&armauthorization.RoleManagementPolicyNotificationRule{
	// 					ID: to.Ptr("Notification_Admin_Admin_Eligibility"),
	// 					RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
	// 					Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 						Caller: to.Ptr("Admin"),
	// 						Level: to.Ptr("Eligibility"),
	// 						Operations: []*string{
	// 							to.Ptr("All")},
	// 						},
	// 						IsDefaultRecipientsEnabled: to.Ptr(false),
	// 						NotificationLevel: to.Ptr(armauthorization.NotificationLevelCritical),
	// 						NotificationRecipients: []*string{
	// 							to.Ptr("admin_admin_eligible@test.com")},
	// 							NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
	// 							RecipientType: to.Ptr(armauthorization.RecipientTypeAdmin),
	// 						},
	// 						&armauthorization.RoleManagementPolicyNotificationRule{
	// 							ID: to.Ptr("Notification_Requestor_Admin_Eligibility"),
	// 							RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
	// 							Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 								Caller: to.Ptr("Admin"),
	// 								Level: to.Ptr("Eligibility"),
	// 								Operations: []*string{
	// 									to.Ptr("All")},
	// 								},
	// 								IsDefaultRecipientsEnabled: to.Ptr(false),
	// 								NotificationLevel: to.Ptr(armauthorization.NotificationLevelCritical),
	// 								NotificationRecipients: []*string{
	// 									to.Ptr("requestor_admin_eligible@test.com")},
	// 									NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
	// 									RecipientType: to.Ptr(armauthorization.RecipientTypeRequestor),
	// 								},
	// 								&armauthorization.RoleManagementPolicyNotificationRule{
	// 									ID: to.Ptr("Notification_Approver_Admin_Eligibility"),
	// 									RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
	// 									Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 										Caller: to.Ptr("Admin"),
	// 										Level: to.Ptr("Eligibility"),
	// 										Operations: []*string{
	// 											to.Ptr("All")},
	// 										},
	// 										IsDefaultRecipientsEnabled: to.Ptr(false),
	// 										NotificationLevel: to.Ptr(armauthorization.NotificationLevelCritical),
	// 										NotificationRecipients: []*string{
	// 											to.Ptr("approver_admin_eligible@test.com")},
	// 											NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
	// 											RecipientType: to.Ptr(armauthorization.RecipientTypeApprover),
	// 										},
	// 										&armauthorization.RoleManagementPolicyEnablementRule{
	// 											ID: to.Ptr("Enablement_Admin_Eligibility"),
	// 											RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyEnablementRule),
	// 											Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 												Caller: to.Ptr("Admin"),
	// 												Level: to.Ptr("Eligibility"),
	// 												Operations: []*string{
	// 													to.Ptr("All")},
	// 												},
	// 												EnabledRules: []*armauthorization.EnablementRules{
	// 												},
	// 											},
	// 											&armauthorization.RoleManagementPolicyExpirationRule{
	// 												ID: to.Ptr("Expiration_Admin_Assignment"),
	// 												RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyExpirationRule),
	// 												Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 													Caller: to.Ptr("Admin"),
	// 													Level: to.Ptr("Assignment"),
	// 													Operations: []*string{
	// 														to.Ptr("All")},
	// 													},
	// 													IsExpirationRequired: to.Ptr(false),
	// 													MaximumDuration: to.Ptr("P90D"),
	// 												},
	// 												&armauthorization.RoleManagementPolicyEnablementRule{
	// 													ID: to.Ptr("Enablement_Admin_Assignment"),
	// 													RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyEnablementRule),
	// 													Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 														Caller: to.Ptr("Admin"),
	// 														Level: to.Ptr("Assignment"),
	// 														Operations: []*string{
	// 															to.Ptr("All")},
	// 														},
	// 														EnabledRules: []*armauthorization.EnablementRules{
	// 															to.Ptr(armauthorization.EnablementRulesJustification),
	// 															to.Ptr(armauthorization.EnablementRulesMultiFactorAuthentication)},
	// 														},
	// 														&armauthorization.RoleManagementPolicyNotificationRule{
	// 															ID: to.Ptr("Notification_Admin_Admin_Assignment"),
	// 															RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
	// 															Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																Caller: to.Ptr("Admin"),
	// 																Level: to.Ptr("Assignment"),
	// 																Operations: []*string{
	// 																	to.Ptr("All")},
	// 																},
	// 																IsDefaultRecipientsEnabled: to.Ptr(false),
	// 																NotificationLevel: to.Ptr(armauthorization.NotificationLevelCritical),
	// 																NotificationRecipients: []*string{
	// 																	to.Ptr("admin_admin_member@test.com")},
	// 																	NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
	// 																	RecipientType: to.Ptr(armauthorization.RecipientTypeAdmin),
	// 																},
	// 																&armauthorization.RoleManagementPolicyNotificationRule{
	// 																	ID: to.Ptr("Notification_Requestor_Admin_Assignment"),
	// 																	RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
	// 																	Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																		Caller: to.Ptr("Admin"),
	// 																		Level: to.Ptr("Assignment"),
	// 																		Operations: []*string{
	// 																			to.Ptr("All")},
	// 																		},
	// 																		IsDefaultRecipientsEnabled: to.Ptr(false),
	// 																		NotificationLevel: to.Ptr(armauthorization.NotificationLevelCritical),
	// 																		NotificationRecipients: []*string{
	// 																			to.Ptr("requestor_admin_member@test.com")},
	// 																			NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
	// 																			RecipientType: to.Ptr(armauthorization.RecipientTypeRequestor),
	// 																		},
	// 																		&armauthorization.RoleManagementPolicyNotificationRule{
	// 																			ID: to.Ptr("Notification_Approver_Admin_Assignment"),
	// 																			RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
	// 																			Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																				Caller: to.Ptr("Admin"),
	// 																				Level: to.Ptr("Assignment"),
	// 																				Operations: []*string{
	// 																					to.Ptr("All")},
	// 																				},
	// 																				IsDefaultRecipientsEnabled: to.Ptr(false),
	// 																				NotificationLevel: to.Ptr(armauthorization.NotificationLevelCritical),
	// 																				NotificationRecipients: []*string{
	// 																					to.Ptr("approver_admin_member@test.com")},
	// 																					NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
	// 																					RecipientType: to.Ptr(armauthorization.RecipientTypeApprover),
	// 																				},
	// 																				&armauthorization.RoleManagementPolicyExpirationRule{
	// 																					ID: to.Ptr("Expiration_EndUser_Assignment"),
	// 																					RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyExpirationRule),
	// 																					Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																						Caller: to.Ptr("EndUser"),
	// 																						Level: to.Ptr("Assignment"),
	// 																						Operations: []*string{
	// 																							to.Ptr("All")},
	// 																						},
	// 																						IsExpirationRequired: to.Ptr(true),
	// 																						MaximumDuration: to.Ptr("PT7H"),
	// 																					},
	// 																					&armauthorization.RoleManagementPolicyEnablementRule{
	// 																						ID: to.Ptr("Enablement_EndUser_Assignment"),
	// 																						RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyEnablementRule),
	// 																						Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																							Caller: to.Ptr("EndUser"),
	// 																							Level: to.Ptr("Assignment"),
	// 																							Operations: []*string{
	// 																								to.Ptr("All")},
	// 																							},
	// 																							EnabledRules: []*armauthorization.EnablementRules{
	// 																								to.Ptr(armauthorization.EnablementRulesJustification),
	// 																								to.Ptr(armauthorization.EnablementRulesMultiFactorAuthentication),
	// 																								to.Ptr(armauthorization.EnablementRulesTicketing)},
	// 																							},
	// 																							&armauthorization.RoleManagementPolicyApprovalRule{
	// 																								ID: to.Ptr("Approval_EndUser_Assignment"),
	// 																								RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyApprovalRule),
	// 																								Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																									Caller: to.Ptr("EndUser"),
	// 																									Level: to.Ptr("Assignment"),
	// 																									Operations: []*string{
	// 																										to.Ptr("All")},
	// 																									},
	// 																									Setting: &armauthorization.ApprovalSettings{
	// 																										ApprovalMode: to.Ptr(armauthorization.ApprovalModeSingleStage),
	// 																										ApprovalStages: []*armauthorization.ApprovalStage{
	// 																											{
	// 																												ApprovalStageTimeOutInDays: to.Ptr[int32](1),
	// 																												EscalationTimeInMinutes: to.Ptr[int32](0),
	// 																												IsApproverJustificationRequired: to.Ptr(true),
	// 																												IsEscalationEnabled: to.Ptr(false),
	// 																												PrimaryApprovers: []*armauthorization.UserSet{
	// 																													{
	// 																														Description: to.Ptr("amansw_new_group"),
	// 																														ID: to.Ptr("2385b0f3-5fa9-43cf-8ca4-b01dc97298cd"),
	// 																														IsBackup: to.Ptr(false),
	// 																														UserType: to.Ptr(armauthorization.UserTypeGroup),
	// 																													},
	// 																													{
	// 																														Description: to.Ptr("amansw_group"),
	// 																														ID: to.Ptr("2f4913c9-d15b-406a-9946-1d66a28f2690"),
	// 																														IsBackup: to.Ptr(false),
	// 																														UserType: to.Ptr(armauthorization.UserTypeGroup),
	// 																												}},
	// 																										}},
	// 																										IsApprovalRequired: to.Ptr(true),
	// 																										IsApprovalRequiredForExtension: to.Ptr(false),
	// 																										IsRequestorJustificationRequired: to.Ptr(true),
	// 																									},
	// 																								},
	// 																								&armauthorization.RoleManagementPolicyAuthenticationContextRule{
	// 																									ID: to.Ptr("AuthenticationContext_EndUser_Assignment"),
	// 																									RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyAuthenticationContextRule),
	// 																									Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																										Caller: to.Ptr("EndUser"),
	// 																										Level: to.Ptr("Assignment"),
	// 																										Operations: []*string{
	// 																											to.Ptr("All")},
	// 																										},
	// 																										ClaimValue: to.Ptr(""),
	// 																										IsEnabled: to.Ptr(false),
	// 																									},
	// 																									&armauthorization.RoleManagementPolicyNotificationRule{
	// 																										ID: to.Ptr("Notification_Admin_EndUser_Assignment"),
	// 																										RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
	// 																										Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																											Caller: to.Ptr("EndUser"),
	// 																											Level: to.Ptr("Assignment"),
	// 																											Operations: []*string{
	// 																												to.Ptr("All")},
	// 																											},
	// 																											IsDefaultRecipientsEnabled: to.Ptr(false),
	// 																											NotificationLevel: to.Ptr(armauthorization.NotificationLevelCritical),
	// 																											NotificationRecipients: []*string{
	// 																												to.Ptr("admin_enduser_member@test.com")},
	// 																												NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
	// 																												RecipientType: to.Ptr(armauthorization.RecipientTypeAdmin),
	// 																											},
	// 																											&armauthorization.RoleManagementPolicyNotificationRule{
	// 																												ID: to.Ptr("Notification_Requestor_EndUser_Assignment"),
	// 																												RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
	// 																												Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																													Caller: to.Ptr("EndUser"),
	// 																													Level: to.Ptr("Assignment"),
	// 																													Operations: []*string{
	// 																														to.Ptr("All")},
	// 																													},
	// 																													IsDefaultRecipientsEnabled: to.Ptr(false),
	// 																													NotificationLevel: to.Ptr(armauthorization.NotificationLevelCritical),
	// 																													NotificationRecipients: []*string{
	// 																														to.Ptr("requestor_enduser_member@test.com")},
	// 																														NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
	// 																														RecipientType: to.Ptr(armauthorization.RecipientTypeRequestor),
	// 																													},
	// 																													&armauthorization.RoleManagementPolicyNotificationRule{
	// 																														ID: to.Ptr("Notification_Approver_EndUser_Assignment"),
	// 																														RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
	// 																														Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																															Caller: to.Ptr("EndUser"),
	// 																															Level: to.Ptr("Assignment"),
	// 																															Operations: []*string{
	// 																																to.Ptr("All")},
	// 																															},
	// 																															IsDefaultRecipientsEnabled: to.Ptr(true),
	// 																															NotificationLevel: to.Ptr(armauthorization.NotificationLevelCritical),
	// 																															NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
	// 																															RecipientType: to.Ptr(armauthorization.RecipientTypeApprover),
	// 																													}},
	// 																													IsOrganizationDefault: to.Ptr(false),
	// 																													LastModifiedBy: &armauthorization.Principal{
	// 																														DisplayName: to.Ptr("Admin"),
	// 																													},
	// 																													LastModifiedDateTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-03-17T16:35:27.910Z"); return t}()),
	// 																													PolicyProperties: &armauthorization.PolicyProperties{
	// 																														Scope: &armauthorization.PolicyPropertiesScope{
	// 																															Type: to.Ptr("subscription"),
	// 																															DisplayName: to.Ptr("Pay-As-You-Go"),
	// 																															ID: to.Ptr("/subscriptions/129ff972-28f8-46b8-a726-e497be039368"),
	// 																														},
	// 																													},
	// 																													Rules: []armauthorization.RoleManagementPolicyRuleClassification{
	// 																														&armauthorization.RoleManagementPolicyExpirationRule{
	// 																															ID: to.Ptr("Expiration_Admin_Eligibility"),
	// 																															RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyExpirationRule),
	// 																															Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																																Caller: to.Ptr("Admin"),
	// 																																Level: to.Ptr("Eligibility"),
	// 																																Operations: []*string{
	// 																																	to.Ptr("All")},
	// 																																},
	// 																																IsExpirationRequired: to.Ptr(false),
	// 																																MaximumDuration: to.Ptr("P180D"),
	// 																															},
	// 																															&armauthorization.RoleManagementPolicyNotificationRule{
	// 																																ID: to.Ptr("Notification_Admin_Admin_Eligibility"),
	// 																																RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
	// 																																Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																																	Caller: to.Ptr("Admin"),
	// 																																	Level: to.Ptr("Eligibility"),
	// 																																	Operations: []*string{
	// 																																		to.Ptr("All")},
	// 																																	},
	// 																																	IsDefaultRecipientsEnabled: to.Ptr(false),
	// 																																	NotificationLevel: to.Ptr(armauthorization.NotificationLevelCritical),
	// 																																	NotificationRecipients: []*string{
	// 																																		to.Ptr("admin_admin_eligible@test.com")},
	// 																																		NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
	// 																																		RecipientType: to.Ptr(armauthorization.RecipientTypeAdmin),
	// 																																	},
	// 																																	&armauthorization.RoleManagementPolicyNotificationRule{
	// 																																		ID: to.Ptr("Notification_Requestor_Admin_Eligibility"),
	// 																																		RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
	// 																																		Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																																			Caller: to.Ptr("Admin"),
	// 																																			Level: to.Ptr("Eligibility"),
	// 																																			Operations: []*string{
	// 																																				to.Ptr("All")},
	// 																																			},
	// 																																			IsDefaultRecipientsEnabled: to.Ptr(false),
	// 																																			NotificationLevel: to.Ptr(armauthorization.NotificationLevelCritical),
	// 																																			NotificationRecipients: []*string{
	// 																																				to.Ptr("requestor_admin_eligible@test.com")},
	// 																																				NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
	// 																																				RecipientType: to.Ptr(armauthorization.RecipientTypeRequestor),
	// 																																			},
	// 																																			&armauthorization.RoleManagementPolicyNotificationRule{
	// 																																				ID: to.Ptr("Notification_Approver_Admin_Eligibility"),
	// 																																				RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
	// 																																				Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																																					Caller: to.Ptr("Admin"),
	// 																																					Level: to.Ptr("Eligibility"),
	// 																																					Operations: []*string{
	// 																																						to.Ptr("All")},
	// 																																					},
	// 																																					IsDefaultRecipientsEnabled: to.Ptr(false),
	// 																																					NotificationLevel: to.Ptr(armauthorization.NotificationLevelCritical),
	// 																																					NotificationRecipients: []*string{
	// 																																						to.Ptr("approver_admin_eligible@test.com")},
	// 																																						NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
	// 																																						RecipientType: to.Ptr(armauthorization.RecipientTypeApprover),
	// 																																					},
	// 																																					&armauthorization.RoleManagementPolicyEnablementRule{
	// 																																						ID: to.Ptr("Enablement_Admin_Eligibility"),
	// 																																						RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyEnablementRule),
	// 																																						Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																																							Caller: to.Ptr("Admin"),
	// 																																							Level: to.Ptr("Eligibility"),
	// 																																							Operations: []*string{
	// 																																								to.Ptr("All")},
	// 																																							},
	// 																																							EnabledRules: []*armauthorization.EnablementRules{
	// 																																							},
	// 																																						},
	// 																																						&armauthorization.RoleManagementPolicyExpirationRule{
	// 																																							ID: to.Ptr("Expiration_Admin_Assignment"),
	// 																																							RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyExpirationRule),
	// 																																							Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																																								Caller: to.Ptr("Admin"),
	// 																																								Level: to.Ptr("Assignment"),
	// 																																								Operations: []*string{
	// 																																									to.Ptr("All")},
	// 																																								},
	// 																																								IsExpirationRequired: to.Ptr(false),
	// 																																								MaximumDuration: to.Ptr("P90D"),
	// 																																							},
	// 																																							&armauthorization.RoleManagementPolicyEnablementRule{
	// 																																								ID: to.Ptr("Enablement_Admin_Assignment"),
	// 																																								RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyEnablementRule),
	// 																																								Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																																									Caller: to.Ptr("Admin"),
	// 																																									Level: to.Ptr("Assignment"),
	// 																																									Operations: []*string{
	// 																																										to.Ptr("All")},
	// 																																									},
	// 																																									EnabledRules: []*armauthorization.EnablementRules{
	// 																																										to.Ptr(armauthorization.EnablementRulesJustification),
	// 																																										to.Ptr(armauthorization.EnablementRulesMultiFactorAuthentication)},
	// 																																									},
	// 																																									&armauthorization.RoleManagementPolicyNotificationRule{
	// 																																										ID: to.Ptr("Notification_Admin_Admin_Assignment"),
	// 																																										RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
	// 																																										Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																																											Caller: to.Ptr("Admin"),
	// 																																											Level: to.Ptr("Assignment"),
	// 																																											Operations: []*string{
	// 																																												to.Ptr("All")},
	// 																																											},
	// 																																											IsDefaultRecipientsEnabled: to.Ptr(false),
	// 																																											NotificationLevel: to.Ptr(armauthorization.NotificationLevelCritical),
	// 																																											NotificationRecipients: []*string{
	// 																																												to.Ptr("admin_admin_member@test.com")},
	// 																																												NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
	// 																																												RecipientType: to.Ptr(armauthorization.RecipientTypeAdmin),
	// 																																											},
	// 																																											&armauthorization.RoleManagementPolicyNotificationRule{
	// 																																												ID: to.Ptr("Notification_Requestor_Admin_Assignment"),
	// 																																												RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
	// 																																												Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																																													Caller: to.Ptr("Admin"),
	// 																																													Level: to.Ptr("Assignment"),
	// 																																													Operations: []*string{
	// 																																														to.Ptr("All")},
	// 																																													},
	// 																																													IsDefaultRecipientsEnabled: to.Ptr(false),
	// 																																													NotificationLevel: to.Ptr(armauthorization.NotificationLevelCritical),
	// 																																													NotificationRecipients: []*string{
	// 																																														to.Ptr("requestor_admin_member@test.com")},
	// 																																														NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
	// 																																														RecipientType: to.Ptr(armauthorization.RecipientTypeRequestor),
	// 																																													},
	// 																																													&armauthorization.RoleManagementPolicyNotificationRule{
	// 																																														ID: to.Ptr("Notification_Approver_Admin_Assignment"),
	// 																																														RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
	// 																																														Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																																															Caller: to.Ptr("Admin"),
	// 																																															Level: to.Ptr("Assignment"),
	// 																																															Operations: []*string{
	// 																																																to.Ptr("All")},
	// 																																															},
	// 																																															IsDefaultRecipientsEnabled: to.Ptr(false),
	// 																																															NotificationLevel: to.Ptr(armauthorization.NotificationLevelCritical),
	// 																																															NotificationRecipients: []*string{
	// 																																																to.Ptr("approver_admin_member@test.com")},
	// 																																																NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
	// 																																																RecipientType: to.Ptr(armauthorization.RecipientTypeApprover),
	// 																																															},
	// 																																															&armauthorization.RoleManagementPolicyExpirationRule{
	// 																																																ID: to.Ptr("Expiration_EndUser_Assignment"),
	// 																																																RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyExpirationRule),
	// 																																																Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																																																	Caller: to.Ptr("EndUser"),
	// 																																																	Level: to.Ptr("Assignment"),
	// 																																																	Operations: []*string{
	// 																																																		to.Ptr("All")},
	// 																																																	},
	// 																																																	IsExpirationRequired: to.Ptr(true),
	// 																																																	MaximumDuration: to.Ptr("PT7H"),
	// 																																																},
	// 																																																&armauthorization.RoleManagementPolicyEnablementRule{
	// 																																																	ID: to.Ptr("Enablement_EndUser_Assignment"),
	// 																																																	RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyEnablementRule),
	// 																																																	Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																																																		Caller: to.Ptr("EndUser"),
	// 																																																		Level: to.Ptr("Assignment"),
	// 																																																		Operations: []*string{
	// 																																																			to.Ptr("All")},
	// 																																																		},
	// 																																																		EnabledRules: []*armauthorization.EnablementRules{
	// 																																																			to.Ptr(armauthorization.EnablementRulesJustification),
	// 																																																			to.Ptr(armauthorization.EnablementRulesMultiFactorAuthentication),
	// 																																																			to.Ptr(armauthorization.EnablementRulesTicketing)},
	// 																																																		},
	// 																																																		&armauthorization.RoleManagementPolicyApprovalRule{
	// 																																																			ID: to.Ptr("Approval_EndUser_Assignment"),
	// 																																																			RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyApprovalRule),
	// 																																																			Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																																																				Caller: to.Ptr("EndUser"),
	// 																																																				Level: to.Ptr("Assignment"),
	// 																																																				Operations: []*string{
	// 																																																					to.Ptr("All")},
	// 																																																				},
	// 																																																				Setting: &armauthorization.ApprovalSettings{
	// 																																																					ApprovalMode: to.Ptr(armauthorization.ApprovalModeSingleStage),
	// 																																																					ApprovalStages: []*armauthorization.ApprovalStage{
	// 																																																						{
	// 																																																							ApprovalStageTimeOutInDays: to.Ptr[int32](1),
	// 																																																							EscalationTimeInMinutes: to.Ptr[int32](0),
	// 																																																							IsApproverJustificationRequired: to.Ptr(true),
	// 																																																							IsEscalationEnabled: to.Ptr(false),
	// 																																																							PrimaryApprovers: []*armauthorization.UserSet{
	// 																																																								{
	// 																																																									Description: to.Ptr("amansw_new_group"),
	// 																																																									ID: to.Ptr("2385b0f3-5fa9-43cf-8ca4-b01dc97298cd"),
	// 																																																									IsBackup: to.Ptr(false),
	// 																																																									UserType: to.Ptr(armauthorization.UserTypeGroup),
	// 																																																								},
	// 																																																								{
	// 																																																									Description: to.Ptr("amansw_group"),
	// 																																																									ID: to.Ptr("2f4913c9-d15b-406a-9946-1d66a28f2690"),
	// 																																																									IsBackup: to.Ptr(false),
	// 																																																									UserType: to.Ptr(armauthorization.UserTypeGroup),
	// 																																																							}},
	// 																																																					}},
	// 																																																					IsApprovalRequired: to.Ptr(true),
	// 																																																					IsApprovalRequiredForExtension: to.Ptr(false),
	// 																																																					IsRequestorJustificationRequired: to.Ptr(true),
	// 																																																				},
	// 																																																			},
	// 																																																			&armauthorization.RoleManagementPolicyAuthenticationContextRule{
	// 																																																				ID: to.Ptr("AuthenticationContext_EndUser_Assignment"),
	// 																																																				RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyAuthenticationContextRule),
	// 																																																				Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																																																					Caller: to.Ptr("EndUser"),
	// 																																																					Level: to.Ptr("Assignment"),
	// 																																																					Operations: []*string{
	// 																																																						to.Ptr("All")},
	// 																																																					},
	// 																																																					ClaimValue: to.Ptr(""),
	// 																																																					IsEnabled: to.Ptr(false),
	// 																																																				},
	// 																																																				&armauthorization.RoleManagementPolicyNotificationRule{
	// 																																																					ID: to.Ptr("Notification_Admin_EndUser_Assignment"),
	// 																																																					RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
	// 																																																					Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																																																						Caller: to.Ptr("EndUser"),
	// 																																																						Level: to.Ptr("Assignment"),
	// 																																																						Operations: []*string{
	// 																																																							to.Ptr("All")},
	// 																																																						},
	// 																																																						IsDefaultRecipientsEnabled: to.Ptr(false),
	// 																																																						NotificationLevel: to.Ptr(armauthorization.NotificationLevelCritical),
	// 																																																						NotificationRecipients: []*string{
	// 																																																							to.Ptr("admin_enduser_member@test.com")},
	// 																																																							NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
	// 																																																							RecipientType: to.Ptr(armauthorization.RecipientTypeAdmin),
	// 																																																						},
	// 																																																						&armauthorization.RoleManagementPolicyNotificationRule{
	// 																																																							ID: to.Ptr("Notification_Requestor_EndUser_Assignment"),
	// 																																																							RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
	// 																																																							Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																																																								Caller: to.Ptr("EndUser"),
	// 																																																								Level: to.Ptr("Assignment"),
	// 																																																								Operations: []*string{
	// 																																																									to.Ptr("All")},
	// 																																																								},
	// 																																																								IsDefaultRecipientsEnabled: to.Ptr(false),
	// 																																																								NotificationLevel: to.Ptr(armauthorization.NotificationLevelCritical),
	// 																																																								NotificationRecipients: []*string{
	// 																																																									to.Ptr("requestor_enduser_member@test.com")},
	// 																																																									NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
	// 																																																									RecipientType: to.Ptr(armauthorization.RecipientTypeRequestor),
	// 																																																								},
	// 																																																								&armauthorization.RoleManagementPolicyNotificationRule{
	// 																																																									ID: to.Ptr("Notification_Approver_EndUser_Assignment"),
	// 																																																									RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
	// 																																																									Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																																																										Caller: to.Ptr("EndUser"),
	// 																																																										Level: to.Ptr("Assignment"),
	// 																																																										Operations: []*string{
	// 																																																											to.Ptr("All")},
	// 																																																										},
	// 																																																										IsDefaultRecipientsEnabled: to.Ptr(true),
	// 																																																										NotificationLevel: to.Ptr(armauthorization.NotificationLevelCritical),
	// 																																																										NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
	// 																																																										RecipientType: to.Ptr(armauthorization.RecipientTypeApprover),
	// 																																																								}},
	// 																																																								Scope: to.Ptr("/subscriptions/129ff972-28f8-46b8-a726-e497be039368"),
	// 																																																							},
	// 																																																						}
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

const { AuthorizationManagementClient } = require("@azure/arm-authorization");
const { DefaultAzureCredential } = require("@azure/identity");

/**
 * This sample demonstrates how to Update a role management policy
 *
 * @summary Update a role management policy
 * x-ms-original-file: specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PatchPartialRoleManagementPolicy.json
 */
async function patchPartialRoleManagementPolicy() {
  const subscriptionId =
    process.env["AUTHORIZATION_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
  const scope =
    "providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368";
  const roleManagementPolicyName = "570c3619-7688-4b34-b290-2b8bb3ccab2a";
  const parameters = {
    rules: [
      {
        id: "Expiration_Admin_Eligibility",
        isExpirationRequired: false,
        maximumDuration: "P180D",
        ruleType: "RoleManagementPolicyExpirationRule",
        target: {
          caller: "Admin",
          enforcedSettings: [],
          inheritableSettings: [],
          level: "Eligibility",
          targetObjects: [],
          operations: ["All"],
        },
      },
      {
        id: "Notification_Admin_Admin_Eligibility",
        isDefaultRecipientsEnabled: false,
        notificationLevel: "Critical",
        notificationRecipients: ["admin_admin_eligible@test.com"],
        notificationType: "Email",
        recipientType: "Admin",
        ruleType: "RoleManagementPolicyNotificationRule",
        target: {
          caller: "Admin",
          enforcedSettings: [],
          inheritableSettings: [],
          level: "Eligibility",
          targetObjects: [],
          operations: ["All"],
        },
      },
    ],
  };
  const credential = new DefaultAzureCredential();
  const client = new AuthorizationManagementClient(credential, subscriptionId);
  const result = await client.roleManagementPolicies.update(
    scope,
    roleManagementPolicyName,
    parameters
  );
  console.log(result);
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using System.Xml;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.Authorization.Models;
using Azure.ResourceManager.Authorization;

// Generated from example definition: specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PatchPartialRoleManagementPolicy.json
// this example is just showing the usage of "RoleManagementPolicies_Update" operation, for the dependent resources, they will have to be created separately.

// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);

// this example assumes you already have this RoleManagementPolicyResource created on azure
// for more information of creating RoleManagementPolicyResource, please refer to the document of RoleManagementPolicyResource
string scope = "providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368";
string roleManagementPolicyName = "570c3619-7688-4b34-b290-2b8bb3ccab2a";
ResourceIdentifier roleManagementPolicyResourceId = RoleManagementPolicyResource.CreateResourceIdentifier(scope, roleManagementPolicyName);
RoleManagementPolicyResource roleManagementPolicy = client.GetRoleManagementPolicyResource(roleManagementPolicyResourceId);

// invoke the operation
RoleManagementPolicyData data = new RoleManagementPolicyData()
{
    Rules =
    {
    new RoleManagementPolicyExpirationRule()
    {
    IsExpirationRequired = false,
    MaximumDuration = XmlConvert.ToTimeSpan("P180D"),
    Id = "Expiration_Admin_Eligibility",
    Target = new RoleManagementPolicyRuleTarget()
    {
    Caller = "Admin",
    Operations =
    {
    "All"
    },
    Level = RoleManagementAssignmentLevel.Eligibility,
    TargetObjects =
    {
    },
    InheritableSettings =
    {
    },
    EnforcedSettings =
    {
    },
    },
    },new RoleManagementPolicyNotificationRule()
    {
    NotificationDeliveryType = NotificationDeliveryType.Email,
    NotificationLevel = RoleManagementPolicyNotificationLevel.Critical,
    RecipientType = RoleManagementPolicyRecipientType.Admin,
    NotificationRecipients =
    {
    "admin_admin_eligible@test.com"
    },
    AreDefaultRecipientsEnabled = false,
    Id = "Notification_Admin_Admin_Eligibility",
    Target = new RoleManagementPolicyRuleTarget()
    {
    Caller = "Admin",
    Operations =
    {
    "All"
    },
    Level = RoleManagementAssignmentLevel.Eligibility,
    TargetObjects =
    {
    },
    InheritableSettings =
    {
    },
    EnforcedSettings =
    {
    },
    },
    }
    },
};
RoleManagementPolicyResource result = await roleManagementPolicy.UpdateAsync(data);

// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
RoleManagementPolicyData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Resposta de exemplo

Código de status:: 200

{
  "properties": {
    "scope": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368",
    "displayName": null,
    "description": null,
    "isOrganizationDefault": false,
    "lastModifiedDateTime": "2021-03-17T16:35:27.91+00:00",
    "lastModifiedBy": {
      "id": null,
      "displayName": "Admin",
      "type": null,
      "email": null
    },
    "rules": [
      {
        "isExpirationRequired": false,
        "maximumDuration": "P180D",
        "id": "Expiration_Admin_Eligibility",
        "ruleType": "RoleManagementPolicyExpirationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Eligibility",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Admin",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "admin_admin_eligible@test.com"
        ],
        "id": "Notification_Admin_Admin_Eligibility",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Eligibility",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Requestor",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "requestor_admin_eligible@test.com"
        ],
        "id": "Notification_Requestor_Admin_Eligibility",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Eligibility",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Approver",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "approver_admin_eligible@test.com"
        ],
        "id": "Notification_Approver_Admin_Eligibility",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Eligibility",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "enabledRules": [],
        "id": "Enablement_Admin_Eligibility",
        "ruleType": "RoleManagementPolicyEnablementRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Eligibility",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "isExpirationRequired": false,
        "maximumDuration": "P90D",
        "id": "Expiration_Admin_Assignment",
        "ruleType": "RoleManagementPolicyExpirationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "enabledRules": [
          "Justification",
          "MultiFactorAuthentication"
        ],
        "id": "Enablement_Admin_Assignment",
        "ruleType": "RoleManagementPolicyEnablementRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Admin",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "admin_admin_member@test.com"
        ],
        "id": "Notification_Admin_Admin_Assignment",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Requestor",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "requestor_admin_member@test.com"
        ],
        "id": "Notification_Requestor_Admin_Assignment",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Approver",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "approver_admin_member@test.com"
        ],
        "id": "Notification_Approver_Admin_Assignment",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "isExpirationRequired": true,
        "maximumDuration": "PT7H",
        "id": "Expiration_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyExpirationRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "enabledRules": [
          "Justification",
          "MultiFactorAuthentication",
          "Ticketing"
        ],
        "id": "Enablement_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyEnablementRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "setting": {
          "isApprovalRequired": true,
          "isApprovalRequiredForExtension": false,
          "isRequestorJustificationRequired": true,
          "approvalMode": "SingleStage",
          "approvalStages": [
            {
              "approvalStageTimeOutInDays": 1,
              "isApproverJustificationRequired": true,
              "escalationTimeInMinutes": 0,
              "primaryApprovers": [
                {
                  "id": "2385b0f3-5fa9-43cf-8ca4-b01dc97298cd",
                  "description": "amansw_new_group",
                  "isBackup": false,
                  "userType": "Group"
                },
                {
                  "id": "2f4913c9-d15b-406a-9946-1d66a28f2690",
                  "description": "amansw_group",
                  "isBackup": false,
                  "userType": "Group"
                }
              ],
              "isEscalationEnabled": false,
              "escalationApprovers": null
            }
          ]
        },
        "id": "Approval_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyApprovalRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "isEnabled": false,
        "claimValue": "",
        "id": "AuthenticationContext_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyAuthenticationContextRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Admin",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "admin_enduser_member@test.com"
        ],
        "id": "Notification_Admin_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Requestor",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "requestor_enduser_member@test.com"
        ],
        "id": "Notification_Requestor_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Approver",
        "isDefaultRecipientsEnabled": true,
        "notificationLevel": "Critical",
        "notificationRecipients": null,
        "id": "Notification_Approver_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      }
    ],
    "effectiveRules": [
      {
        "isExpirationRequired": false,
        "maximumDuration": "P180D",
        "id": "Expiration_Admin_Eligibility",
        "ruleType": "RoleManagementPolicyExpirationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Eligibility",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Admin",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "admin_admin_eligible@test.com"
        ],
        "id": "Notification_Admin_Admin_Eligibility",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Eligibility",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Requestor",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "requestor_admin_eligible@test.com"
        ],
        "id": "Notification_Requestor_Admin_Eligibility",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Eligibility",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Approver",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "approver_admin_eligible@test.com"
        ],
        "id": "Notification_Approver_Admin_Eligibility",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Eligibility",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "enabledRules": [],
        "id": "Enablement_Admin_Eligibility",
        "ruleType": "RoleManagementPolicyEnablementRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Eligibility",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "isExpirationRequired": false,
        "maximumDuration": "P90D",
        "id": "Expiration_Admin_Assignment",
        "ruleType": "RoleManagementPolicyExpirationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "enabledRules": [
          "Justification",
          "MultiFactorAuthentication"
        ],
        "id": "Enablement_Admin_Assignment",
        "ruleType": "RoleManagementPolicyEnablementRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Admin",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "admin_admin_member@test.com"
        ],
        "id": "Notification_Admin_Admin_Assignment",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Requestor",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "requestor_admin_member@test.com"
        ],
        "id": "Notification_Requestor_Admin_Assignment",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Approver",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "approver_admin_member@test.com"
        ],
        "id": "Notification_Approver_Admin_Assignment",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "isExpirationRequired": true,
        "maximumDuration": "PT7H",
        "id": "Expiration_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyExpirationRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "enabledRules": [
          "Justification",
          "MultiFactorAuthentication",
          "Ticketing"
        ],
        "id": "Enablement_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyEnablementRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "setting": {
          "isApprovalRequired": true,
          "isApprovalRequiredForExtension": false,
          "isRequestorJustificationRequired": true,
          "approvalMode": "SingleStage",
          "approvalStages": [
            {
              "approvalStageTimeOutInDays": 1,
              "isApproverJustificationRequired": true,
              "escalationTimeInMinutes": 0,
              "primaryApprovers": [
                {
                  "id": "2385b0f3-5fa9-43cf-8ca4-b01dc97298cd",
                  "description": "amansw_new_group",
                  "isBackup": false,
                  "userType": "Group"
                },
                {
                  "id": "2f4913c9-d15b-406a-9946-1d66a28f2690",
                  "description": "amansw_group",
                  "isBackup": false,
                  "userType": "Group"
                }
              ],
              "isEscalationEnabled": false,
              "escalationApprovers": null
            }
          ]
        },
        "id": "Approval_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyApprovalRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "isEnabled": false,
        "claimValue": "",
        "id": "AuthenticationContext_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyAuthenticationContextRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Admin",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "admin_enduser_member@test.com"
        ],
        "id": "Notification_Admin_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Requestor",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "requestor_enduser_member@test.com"
        ],
        "id": "Notification_Requestor_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Approver",
        "isDefaultRecipientsEnabled": true,
        "notificationLevel": "Critical",
        "notificationRecipients": null,
        "id": "Notification_Approver_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      }
    ],
    "policyProperties": {
      "scope": {
        "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368",
        "displayName": "Pay-As-You-Go",
        "type": "subscription"
      }
    }
  },
  "name": "570c3619-7688-4b34-b290-2b8bb3ccab2a",
  "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/570c3619-7688-4b34-b290-2b8bb3ccab2a",
  "type": "Microsoft.Authorization/RoleManagementPolicies"
}

PatchRoleManagementPolicy

Solicitação de exemplo

PATCH https://management.azure.com/providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/570c3619-7688-4b34-b290-2b8bb3ccab2a?api-version=2020-10-01

{
  "properties": {
    "rules": [
      {
        "isExpirationRequired": false,
        "maximumDuration": "P180D",
        "id": "Expiration_Admin_Eligibility",
        "ruleType": "RoleManagementPolicyExpirationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Eligibility",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Admin",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "admin_admin_eligible@test.com"
        ],
        "id": "Notification_Admin_Admin_Eligibility",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Eligibility",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Requestor",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "requestor_admin_eligible@test.com"
        ],
        "id": "Notification_Requestor_Admin_Eligibility",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Eligibility",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Approver",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "approver_admin_eligible@test.com"
        ],
        "id": "Notification_Approver_Admin_Eligibility",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Eligibility",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "enabledRules": [],
        "id": "Enablement_Admin_Eligibility",
        "ruleType": "RoleManagementPolicyEnablementRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Eligibility",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "isExpirationRequired": false,
        "maximumDuration": "P90D",
        "id": "Expiration_Admin_Assignment",
        "ruleType": "RoleManagementPolicyExpirationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "enabledRules": [
          "Justification",
          "MultiFactorAuthentication"
        ],
        "id": "Enablement_Admin_Assignment",
        "ruleType": "RoleManagementPolicyEnablementRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Admin",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "admin_admin_member@test.com"
        ],
        "id": "Notification_Admin_Admin_Assignment",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Requestor",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "requestor_admin_member@test.com"
        ],
        "id": "Notification_Requestor_Admin_Assignment",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Approver",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "approver_admin_member@test.com"
        ],
        "id": "Notification_Approver_Admin_Assignment",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "isExpirationRequired": true,
        "maximumDuration": "PT7H",
        "id": "Expiration_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyExpirationRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "enabledRules": [
          "Justification",
          "MultiFactorAuthentication",
          "Ticketing"
        ],
        "id": "Enablement_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyEnablementRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "setting": {
          "isApprovalRequired": true,
          "isApprovalRequiredForExtension": false,
          "isRequestorJustificationRequired": true,
          "approvalMode": "SingleStage",
          "approvalStages": [
            {
              "approvalStageTimeOutInDays": 1,
              "isApproverJustificationRequired": true,
              "escalationTimeInMinutes": 0,
              "primaryApprovers": [
                {
                  "id": "2385b0f3-5fa9-43cf-8ca4-b01dc97298cd",
                  "description": "amansw_new_group",
                  "isBackup": false,
                  "userType": "Group"
                },
                {
                  "id": "2f4913c9-d15b-406a-9946-1d66a28f2690",
                  "description": "amansw_group",
                  "isBackup": false,
                  "userType": "Group"
                }
              ],
              "isEscalationEnabled": false,
              "escalationApprovers": null
            }
          ]
        },
        "id": "Approval_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyApprovalRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "isEnabled": false,
        "claimValue": "",
        "id": "AuthenticationContext_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyAuthenticationContextRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Admin",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "admin_enduser_member@test.com"
        ],
        "id": "Notification_Admin_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Requestor",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "requestor_enduser_member@test.com"
        ],
        "id": "Notification_Requestor_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Approver",
        "isDefaultRecipientsEnabled": true,
        "notificationLevel": "Critical",
        "notificationRecipients": null,
        "id": "Notification_Approver_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      }
    ]
  }
}


import com.azure.resourcemanager.authorization.fluent.models.RoleManagementPolicyInner;
import com.azure.resourcemanager.authorization.models.ApprovalMode;
import com.azure.resourcemanager.authorization.models.ApprovalSettings;
import com.azure.resourcemanager.authorization.models.ApprovalStage;
import com.azure.resourcemanager.authorization.models.EnablementRules;
import com.azure.resourcemanager.authorization.models.NotificationDeliveryMechanism;
import com.azure.resourcemanager.authorization.models.NotificationLevel;
import com.azure.resourcemanager.authorization.models.RecipientType;
import com.azure.resourcemanager.authorization.models.RoleManagementPolicyApprovalRule;
import com.azure.resourcemanager.authorization.models.RoleManagementPolicyAuthenticationContextRule;
import com.azure.resourcemanager.authorization.models.RoleManagementPolicyEnablementRule;
import com.azure.resourcemanager.authorization.models.RoleManagementPolicyExpirationRule;
import com.azure.resourcemanager.authorization.models.RoleManagementPolicyNotificationRule;
import com.azure.resourcemanager.authorization.models.RoleManagementPolicyRuleTarget;
import com.azure.resourcemanager.authorization.models.UserSet;
import com.azure.resourcemanager.authorization.models.UserType;
import java.util.Arrays;

/**
 * Samples for RoleManagementPolicies Update.
 */
public final class Main {
    /*
     * x-ms-original-file:
     * specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/
     * PatchRoleManagementPolicy.json
     */
    /**
     * Sample code: PatchRoleManagementPolicy.
     * 
     * @param azure The entry point for accessing resource management APIs in Azure.
     */
    public static void patchRoleManagementPolicy(com.azure.resourcemanager.AzureResourceManager azure) {
        azure.accessManagement().roleAssignments().manager().roleServiceClient().getRoleManagementPolicies()
            .updateWithResponse("providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368",
                "570c3619-7688-4b34-b290-2b8bb3ccab2a",
                new RoleManagementPolicyInner().withRules(Arrays.asList(
                    new RoleManagementPolicyExpirationRule().withId("Expiration_Admin_Eligibility")
                        .withTarget(new RoleManagementPolicyRuleTarget().withCaller("Admin")
                            .withOperations(Arrays.asList("All")).withLevel("Eligibility"))
                        .withIsExpirationRequired(false).withMaximumDuration("P180D"),
                    new RoleManagementPolicyNotificationRule().withId("Notification_Admin_Admin_Eligibility")
                        .withTarget(new RoleManagementPolicyRuleTarget().withCaller("Admin")
                            .withOperations(Arrays.asList("All")).withLevel("Eligibility"))
                        .withNotificationType(NotificationDeliveryMechanism.EMAIL)
                        .withNotificationLevel(NotificationLevel.CRITICAL).withRecipientType(RecipientType.ADMIN)
                        .withNotificationRecipients(Arrays.asList("admin_admin_eligible@test.com"))
                        .withIsDefaultRecipientsEnabled(false),
                    new RoleManagementPolicyNotificationRule().withId("Notification_Requestor_Admin_Eligibility")
                        .withTarget(new RoleManagementPolicyRuleTarget().withCaller("Admin")
                            .withOperations(Arrays.asList("All")).withLevel("Eligibility"))
                        .withNotificationType(NotificationDeliveryMechanism.EMAIL)
                        .withNotificationLevel(NotificationLevel.CRITICAL).withRecipientType(RecipientType.REQUESTOR)
                        .withNotificationRecipients(Arrays.asList("requestor_admin_eligible@test.com"))
                        .withIsDefaultRecipientsEnabled(false),
                    new RoleManagementPolicyNotificationRule().withId("Notification_Approver_Admin_Eligibility")
                        .withTarget(new RoleManagementPolicyRuleTarget().withCaller("Admin")
                            .withOperations(Arrays.asList("All")).withLevel("Eligibility"))
                        .withNotificationType(NotificationDeliveryMechanism.EMAIL)
                        .withNotificationLevel(NotificationLevel.CRITICAL).withRecipientType(RecipientType.APPROVER)
                        .withNotificationRecipients(Arrays.asList("approver_admin_eligible@test.com"))
                        .withIsDefaultRecipientsEnabled(false),
                    new RoleManagementPolicyEnablementRule().withId("Enablement_Admin_Eligibility")
                        .withTarget(new RoleManagementPolicyRuleTarget().withCaller("Admin")
                            .withOperations(Arrays.asList("All")).withLevel("Eligibility"))
                        .withEnabledRules(Arrays.asList()),
                    new RoleManagementPolicyExpirationRule().withId("Expiration_Admin_Assignment")
                        .withTarget(new RoleManagementPolicyRuleTarget().withCaller("Admin")
                            .withOperations(Arrays.asList("All")).withLevel("Assignment"))
                        .withIsExpirationRequired(false).withMaximumDuration("P90D"),
                    new RoleManagementPolicyEnablementRule().withId("Enablement_Admin_Assignment")
                        .withTarget(new RoleManagementPolicyRuleTarget().withCaller("Admin")
                            .withOperations(Arrays.asList("All")).withLevel("Assignment"))
                        .withEnabledRules(
                            Arrays.asList(EnablementRules.JUSTIFICATION, EnablementRules.MULTI_FACTOR_AUTHENTICATION)),
                    new RoleManagementPolicyNotificationRule().withId("Notification_Admin_Admin_Assignment")
                        .withTarget(new RoleManagementPolicyRuleTarget().withCaller("Admin")
                            .withOperations(Arrays.asList("All")).withLevel("Assignment"))
                        .withNotificationType(NotificationDeliveryMechanism.EMAIL)
                        .withNotificationLevel(NotificationLevel.CRITICAL).withRecipientType(RecipientType.ADMIN)
                        .withNotificationRecipients(Arrays.asList("admin_admin_member@test.com"))
                        .withIsDefaultRecipientsEnabled(false),
                    new RoleManagementPolicyNotificationRule().withId("Notification_Requestor_Admin_Assignment")
                        .withTarget(new RoleManagementPolicyRuleTarget().withCaller("Admin")
                            .withOperations(Arrays.asList("All")).withLevel("Assignment"))
                        .withNotificationType(NotificationDeliveryMechanism.EMAIL)
                        .withNotificationLevel(NotificationLevel.CRITICAL).withRecipientType(RecipientType.REQUESTOR)
                        .withNotificationRecipients(Arrays.asList("requestor_admin_member@test.com"))
                        .withIsDefaultRecipientsEnabled(false),
                    new RoleManagementPolicyNotificationRule().withId("Notification_Approver_Admin_Assignment")
                        .withTarget(new RoleManagementPolicyRuleTarget().withCaller("Admin")
                            .withOperations(Arrays.asList("All")).withLevel("Assignment"))
                        .withNotificationType(NotificationDeliveryMechanism.EMAIL)
                        .withNotificationLevel(NotificationLevel.CRITICAL).withRecipientType(RecipientType.APPROVER)
                        .withNotificationRecipients(Arrays.asList("approver_admin_member@test.com"))
                        .withIsDefaultRecipientsEnabled(false),
                    new RoleManagementPolicyExpirationRule().withId("Expiration_EndUser_Assignment")
                        .withTarget(new RoleManagementPolicyRuleTarget().withCaller("EndUser")
                            .withOperations(Arrays.asList("All")).withLevel("Assignment"))
                        .withIsExpirationRequired(true).withMaximumDuration("PT7H"),
                    new RoleManagementPolicyEnablementRule().withId("Enablement_EndUser_Assignment")
                        .withTarget(new RoleManagementPolicyRuleTarget().withCaller("EndUser")
                            .withOperations(Arrays.asList("All")).withLevel("Assignment"))
                        .withEnabledRules(Arrays.asList(EnablementRules.JUSTIFICATION,
                            EnablementRules.MULTI_FACTOR_AUTHENTICATION, EnablementRules.TICKETING)),
                    new RoleManagementPolicyApprovalRule().withId("Approval_EndUser_Assignment")
                        .withTarget(new RoleManagementPolicyRuleTarget().withCaller("EndUser")
                            .withOperations(Arrays.asList("All")).withLevel("Assignment"))
                        .withSetting(new ApprovalSettings().withIsApprovalRequired(true)
                            .withIsApprovalRequiredForExtension(false).withIsRequestorJustificationRequired(true)
                            .withApprovalMode(ApprovalMode.SINGLE_STAGE)
                            .withApprovalStages(Arrays.asList(new ApprovalStage().withApprovalStageTimeOutInDays(1)
                                .withIsApproverJustificationRequired(true).withEscalationTimeInMinutes(0)
                                .withPrimaryApprovers(Arrays.asList(
                                    new UserSet().withUserType(UserType.GROUP).withIsBackup(false)
                                        .withId("2385b0f3-5fa9-43cf-8ca4-b01dc97298cd")
                                        .withDescription("amansw_new_group"),
                                    new UserSet().withUserType(UserType.GROUP).withIsBackup(false)
                                        .withId("2f4913c9-d15b-406a-9946-1d66a28f2690")
                                        .withDescription("amansw_group")))
                                .withIsEscalationEnabled(false)))),
                    new RoleManagementPolicyAuthenticationContextRule()
                        .withId("AuthenticationContext_EndUser_Assignment")
                        .withTarget(new RoleManagementPolicyRuleTarget().withCaller("EndUser")
                            .withOperations(Arrays.asList("All")).withLevel("Assignment"))
                        .withIsEnabled(false).withClaimValue(""),
                    new RoleManagementPolicyNotificationRule().withId("Notification_Admin_EndUser_Assignment")
                        .withTarget(new RoleManagementPolicyRuleTarget().withCaller("EndUser")
                            .withOperations(Arrays.asList("All")).withLevel("Assignment"))
                        .withNotificationType(NotificationDeliveryMechanism.EMAIL)
                        .withNotificationLevel(NotificationLevel.CRITICAL).withRecipientType(RecipientType.ADMIN)
                        .withNotificationRecipients(Arrays.asList("admin_enduser_member@test.com"))
                        .withIsDefaultRecipientsEnabled(false),
                    new RoleManagementPolicyNotificationRule().withId("Notification_Requestor_EndUser_Assignment")
                        .withTarget(new RoleManagementPolicyRuleTarget().withCaller("EndUser")
                            .withOperations(Arrays.asList("All")).withLevel("Assignment"))
                        .withNotificationType(NotificationDeliveryMechanism.EMAIL)
                        .withNotificationLevel(NotificationLevel.CRITICAL).withRecipientType(RecipientType.REQUESTOR)
                        .withNotificationRecipients(Arrays.asList("requestor_enduser_member@test.com"))
                        .withIsDefaultRecipientsEnabled(false),
                    new RoleManagementPolicyNotificationRule().withId("Notification_Approver_EndUser_Assignment")
                        .withTarget(new RoleManagementPolicyRuleTarget().withCaller("EndUser")
                            .withOperations(Arrays.asList("All")).withLevel("Assignment"))
                        .withNotificationType(NotificationDeliveryMechanism.EMAIL)
                        .withNotificationLevel(NotificationLevel.CRITICAL).withRecipientType(RecipientType.APPROVER)
                        .withIsDefaultRecipientsEnabled(true))),
                com.azure.core.util.Context.NONE);
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

package armauthorization_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v2"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/53b1affe357b3bfbb53721d0a2002382a046d3b0/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PatchRoleManagementPolicy.json
func ExampleRoleManagementPoliciesClient_Update_patchRoleManagementPolicy() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armauthorization.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	res, err := clientFactory.NewRoleManagementPoliciesClient().Update(ctx, "providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368", "570c3619-7688-4b34-b290-2b8bb3ccab2a", armauthorization.RoleManagementPolicy{
		Properties: &armauthorization.RoleManagementPolicyProperties{
			Rules: []armauthorization.RoleManagementPolicyRuleClassification{
				&armauthorization.RoleManagementPolicyExpirationRule{
					ID:       to.Ptr("Expiration_Admin_Eligibility"),
					RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyExpirationRule),
					Target: &armauthorization.RoleManagementPolicyRuleTarget{
						Caller: to.Ptr("Admin"),
						Level:  to.Ptr("Eligibility"),
						Operations: []*string{
							to.Ptr("All")},
					},
					IsExpirationRequired: to.Ptr(false),
					MaximumDuration:      to.Ptr("P180D"),
				},
				&armauthorization.RoleManagementPolicyNotificationRule{
					ID:       to.Ptr("Notification_Admin_Admin_Eligibility"),
					RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
					Target: &armauthorization.RoleManagementPolicyRuleTarget{
						Caller: to.Ptr("Admin"),
						Level:  to.Ptr("Eligibility"),
						Operations: []*string{
							to.Ptr("All")},
					},
					IsDefaultRecipientsEnabled: to.Ptr(false),
					NotificationLevel:          to.Ptr(armauthorization.NotificationLevelCritical),
					NotificationRecipients: []*string{
						to.Ptr("admin_admin_eligible@test.com")},
					NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
					RecipientType:    to.Ptr(armauthorization.RecipientTypeAdmin),
				},
				&armauthorization.RoleManagementPolicyNotificationRule{
					ID:       to.Ptr("Notification_Requestor_Admin_Eligibility"),
					RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
					Target: &armauthorization.RoleManagementPolicyRuleTarget{
						Caller: to.Ptr("Admin"),
						Level:  to.Ptr("Eligibility"),
						Operations: []*string{
							to.Ptr("All")},
					},
					IsDefaultRecipientsEnabled: to.Ptr(false),
					NotificationLevel:          to.Ptr(armauthorization.NotificationLevelCritical),
					NotificationRecipients: []*string{
						to.Ptr("requestor_admin_eligible@test.com")},
					NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
					RecipientType:    to.Ptr(armauthorization.RecipientTypeRequestor),
				},
				&armauthorization.RoleManagementPolicyNotificationRule{
					ID:       to.Ptr("Notification_Approver_Admin_Eligibility"),
					RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
					Target: &armauthorization.RoleManagementPolicyRuleTarget{
						Caller: to.Ptr("Admin"),
						Level:  to.Ptr("Eligibility"),
						Operations: []*string{
							to.Ptr("All")},
					},
					IsDefaultRecipientsEnabled: to.Ptr(false),
					NotificationLevel:          to.Ptr(armauthorization.NotificationLevelCritical),
					NotificationRecipients: []*string{
						to.Ptr("approver_admin_eligible@test.com")},
					NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
					RecipientType:    to.Ptr(armauthorization.RecipientTypeApprover),
				},
				&armauthorization.RoleManagementPolicyEnablementRule{
					ID:       to.Ptr("Enablement_Admin_Eligibility"),
					RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyEnablementRule),
					Target: &armauthorization.RoleManagementPolicyRuleTarget{
						Caller: to.Ptr("Admin"),
						Level:  to.Ptr("Eligibility"),
						Operations: []*string{
							to.Ptr("All")},
					},
					EnabledRules: []*armauthorization.EnablementRules{},
				},
				&armauthorization.RoleManagementPolicyExpirationRule{
					ID:       to.Ptr("Expiration_Admin_Assignment"),
					RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyExpirationRule),
					Target: &armauthorization.RoleManagementPolicyRuleTarget{
						Caller: to.Ptr("Admin"),
						Level:  to.Ptr("Assignment"),
						Operations: []*string{
							to.Ptr("All")},
					},
					IsExpirationRequired: to.Ptr(false),
					MaximumDuration:      to.Ptr("P90D"),
				},
				&armauthorization.RoleManagementPolicyEnablementRule{
					ID:       to.Ptr("Enablement_Admin_Assignment"),
					RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyEnablementRule),
					Target: &armauthorization.RoleManagementPolicyRuleTarget{
						Caller: to.Ptr("Admin"),
						Level:  to.Ptr("Assignment"),
						Operations: []*string{
							to.Ptr("All")},
					},
					EnabledRules: []*armauthorization.EnablementRules{
						to.Ptr(armauthorization.EnablementRulesJustification),
						to.Ptr(armauthorization.EnablementRulesMultiFactorAuthentication)},
				},
				&armauthorization.RoleManagementPolicyNotificationRule{
					ID:       to.Ptr("Notification_Admin_Admin_Assignment"),
					RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
					Target: &armauthorization.RoleManagementPolicyRuleTarget{
						Caller: to.Ptr("Admin"),
						Level:  to.Ptr("Assignment"),
						Operations: []*string{
							to.Ptr("All")},
					},
					IsDefaultRecipientsEnabled: to.Ptr(false),
					NotificationLevel:          to.Ptr(armauthorization.NotificationLevelCritical),
					NotificationRecipients: []*string{
						to.Ptr("admin_admin_member@test.com")},
					NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
					RecipientType:    to.Ptr(armauthorization.RecipientTypeAdmin),
				},
				&armauthorization.RoleManagementPolicyNotificationRule{
					ID:       to.Ptr("Notification_Requestor_Admin_Assignment"),
					RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
					Target: &armauthorization.RoleManagementPolicyRuleTarget{
						Caller: to.Ptr("Admin"),
						Level:  to.Ptr("Assignment"),
						Operations: []*string{
							to.Ptr("All")},
					},
					IsDefaultRecipientsEnabled: to.Ptr(false),
					NotificationLevel:          to.Ptr(armauthorization.NotificationLevelCritical),
					NotificationRecipients: []*string{
						to.Ptr("requestor_admin_member@test.com")},
					NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
					RecipientType:    to.Ptr(armauthorization.RecipientTypeRequestor),
				},
				&armauthorization.RoleManagementPolicyNotificationRule{
					ID:       to.Ptr("Notification_Approver_Admin_Assignment"),
					RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
					Target: &armauthorization.RoleManagementPolicyRuleTarget{
						Caller: to.Ptr("Admin"),
						Level:  to.Ptr("Assignment"),
						Operations: []*string{
							to.Ptr("All")},
					},
					IsDefaultRecipientsEnabled: to.Ptr(false),
					NotificationLevel:          to.Ptr(armauthorization.NotificationLevelCritical),
					NotificationRecipients: []*string{
						to.Ptr("approver_admin_member@test.com")},
					NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
					RecipientType:    to.Ptr(armauthorization.RecipientTypeApprover),
				},
				&armauthorization.RoleManagementPolicyExpirationRule{
					ID:       to.Ptr("Expiration_EndUser_Assignment"),
					RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyExpirationRule),
					Target: &armauthorization.RoleManagementPolicyRuleTarget{
						Caller: to.Ptr("EndUser"),
						Level:  to.Ptr("Assignment"),
						Operations: []*string{
							to.Ptr("All")},
					},
					IsExpirationRequired: to.Ptr(true),
					MaximumDuration:      to.Ptr("PT7H"),
				},
				&armauthorization.RoleManagementPolicyEnablementRule{
					ID:       to.Ptr("Enablement_EndUser_Assignment"),
					RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyEnablementRule),
					Target: &armauthorization.RoleManagementPolicyRuleTarget{
						Caller: to.Ptr("EndUser"),
						Level:  to.Ptr("Assignment"),
						Operations: []*string{
							to.Ptr("All")},
					},
					EnabledRules: []*armauthorization.EnablementRules{
						to.Ptr(armauthorization.EnablementRulesJustification),
						to.Ptr(armauthorization.EnablementRulesMultiFactorAuthentication),
						to.Ptr(armauthorization.EnablementRulesTicketing)},
				},
				&armauthorization.RoleManagementPolicyApprovalRule{
					ID:       to.Ptr("Approval_EndUser_Assignment"),
					RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyApprovalRule),
					Target: &armauthorization.RoleManagementPolicyRuleTarget{
						Caller: to.Ptr("EndUser"),
						Level:  to.Ptr("Assignment"),
						Operations: []*string{
							to.Ptr("All")},
					},
					Setting: &armauthorization.ApprovalSettings{
						ApprovalMode: to.Ptr(armauthorization.ApprovalModeSingleStage),
						ApprovalStages: []*armauthorization.ApprovalStage{
							{
								ApprovalStageTimeOutInDays:      to.Ptr[int32](1),
								EscalationTimeInMinutes:         to.Ptr[int32](0),
								IsApproverJustificationRequired: to.Ptr(true),
								IsEscalationEnabled:             to.Ptr(false),
								PrimaryApprovers: []*armauthorization.UserSet{
									{
										Description: to.Ptr("amansw_new_group"),
										ID:          to.Ptr("2385b0f3-5fa9-43cf-8ca4-b01dc97298cd"),
										IsBackup:    to.Ptr(false),
										UserType:    to.Ptr(armauthorization.UserTypeGroup),
									},
									{
										Description: to.Ptr("amansw_group"),
										ID:          to.Ptr("2f4913c9-d15b-406a-9946-1d66a28f2690"),
										IsBackup:    to.Ptr(false),
										UserType:    to.Ptr(armauthorization.UserTypeGroup),
									}},
							}},
						IsApprovalRequired:               to.Ptr(true),
						IsApprovalRequiredForExtension:   to.Ptr(false),
						IsRequestorJustificationRequired: to.Ptr(true),
					},
				},
				&armauthorization.RoleManagementPolicyAuthenticationContextRule{
					ID:       to.Ptr("AuthenticationContext_EndUser_Assignment"),
					RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyAuthenticationContextRule),
					Target: &armauthorization.RoleManagementPolicyRuleTarget{
						Caller: to.Ptr("EndUser"),
						Level:  to.Ptr("Assignment"),
						Operations: []*string{
							to.Ptr("All")},
					},
					ClaimValue: to.Ptr(""),
					IsEnabled:  to.Ptr(false),
				},
				&armauthorization.RoleManagementPolicyNotificationRule{
					ID:       to.Ptr("Notification_Admin_EndUser_Assignment"),
					RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
					Target: &armauthorization.RoleManagementPolicyRuleTarget{
						Caller: to.Ptr("EndUser"),
						Level:  to.Ptr("Assignment"),
						Operations: []*string{
							to.Ptr("All")},
					},
					IsDefaultRecipientsEnabled: to.Ptr(false),
					NotificationLevel:          to.Ptr(armauthorization.NotificationLevelCritical),
					NotificationRecipients: []*string{
						to.Ptr("admin_enduser_member@test.com")},
					NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
					RecipientType:    to.Ptr(armauthorization.RecipientTypeAdmin),
				},
				&armauthorization.RoleManagementPolicyNotificationRule{
					ID:       to.Ptr("Notification_Requestor_EndUser_Assignment"),
					RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
					Target: &armauthorization.RoleManagementPolicyRuleTarget{
						Caller: to.Ptr("EndUser"),
						Level:  to.Ptr("Assignment"),
						Operations: []*string{
							to.Ptr("All")},
					},
					IsDefaultRecipientsEnabled: to.Ptr(false),
					NotificationLevel:          to.Ptr(armauthorization.NotificationLevelCritical),
					NotificationRecipients: []*string{
						to.Ptr("requestor_enduser_member@test.com")},
					NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
					RecipientType:    to.Ptr(armauthorization.RecipientTypeRequestor),
				},
				&armauthorization.RoleManagementPolicyNotificationRule{
					ID:       to.Ptr("Notification_Approver_EndUser_Assignment"),
					RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
					Target: &armauthorization.RoleManagementPolicyRuleTarget{
						Caller: to.Ptr("EndUser"),
						Level:  to.Ptr("Assignment"),
						Operations: []*string{
							to.Ptr("All")},
					},
					IsDefaultRecipientsEnabled: to.Ptr(true),
					NotificationLevel:          to.Ptr(armauthorization.NotificationLevelCritical),
					NotificationType:           to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
					RecipientType:              to.Ptr(armauthorization.RecipientTypeApprover),
				}},
		},
	}, nil)
	if err != nil {
		log.Fatalf("failed to finish the request: %v", err)
	}
	// You could use response here. We use blank identifier for just demo purposes.
	_ = res
	// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
	// res.RoleManagementPolicy = armauthorization.RoleManagementPolicy{
	// 	Name: to.Ptr("570c3619-7688-4b34-b290-2b8bb3ccab2a"),
	// 	Type: to.Ptr("Microsoft.Authorization/RoleManagementPolicies"),
	// 	ID: to.Ptr("/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/570c3619-7688-4b34-b290-2b8bb3ccab2a"),
	// 	Properties: &armauthorization.RoleManagementPolicyProperties{
	// 		EffectiveRules: []armauthorization.RoleManagementPolicyRuleClassification{
	// 			&armauthorization.RoleManagementPolicyExpirationRule{
	// 				ID: to.Ptr("Expiration_Admin_Eligibility"),
	// 				RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyExpirationRule),
	// 				Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 					Caller: to.Ptr("Admin"),
	// 					Level: to.Ptr("Eligibility"),
	// 					Operations: []*string{
	// 						to.Ptr("All")},
	// 					},
	// 					IsExpirationRequired: to.Ptr(false),
	// 					MaximumDuration: to.Ptr("P180D"),
	// 				},
	// 				&armauthorization.RoleManagementPolicyNotificationRule{
	// 					ID: to.Ptr("Notification_Admin_Admin_Eligibility"),
	// 					RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
	// 					Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 						Caller: to.Ptr("Admin"),
	// 						Level: to.Ptr("Eligibility"),
	// 						Operations: []*string{
	// 							to.Ptr("All")},
	// 						},
	// 						IsDefaultRecipientsEnabled: to.Ptr(false),
	// 						NotificationLevel: to.Ptr(armauthorization.NotificationLevelCritical),
	// 						NotificationRecipients: []*string{
	// 							to.Ptr("admin_admin_eligible@test.com")},
	// 							NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
	// 							RecipientType: to.Ptr(armauthorization.RecipientTypeAdmin),
	// 						},
	// 						&armauthorization.RoleManagementPolicyNotificationRule{
	// 							ID: to.Ptr("Notification_Requestor_Admin_Eligibility"),
	// 							RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
	// 							Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 								Caller: to.Ptr("Admin"),
	// 								Level: to.Ptr("Eligibility"),
	// 								Operations: []*string{
	// 									to.Ptr("All")},
	// 								},
	// 								IsDefaultRecipientsEnabled: to.Ptr(false),
	// 								NotificationLevel: to.Ptr(armauthorization.NotificationLevelCritical),
	// 								NotificationRecipients: []*string{
	// 									to.Ptr("requestor_admin_eligible@test.com")},
	// 									NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
	// 									RecipientType: to.Ptr(armauthorization.RecipientTypeRequestor),
	// 								},
	// 								&armauthorization.RoleManagementPolicyNotificationRule{
	// 									ID: to.Ptr("Notification_Approver_Admin_Eligibility"),
	// 									RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
	// 									Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 										Caller: to.Ptr("Admin"),
	// 										Level: to.Ptr("Eligibility"),
	// 										Operations: []*string{
	// 											to.Ptr("All")},
	// 										},
	// 										IsDefaultRecipientsEnabled: to.Ptr(false),
	// 										NotificationLevel: to.Ptr(armauthorization.NotificationLevelCritical),
	// 										NotificationRecipients: []*string{
	// 											to.Ptr("approver_admin_eligible@test.com")},
	// 											NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
	// 											RecipientType: to.Ptr(armauthorization.RecipientTypeApprover),
	// 										},
	// 										&armauthorization.RoleManagementPolicyEnablementRule{
	// 											ID: to.Ptr("Enablement_Admin_Eligibility"),
	// 											RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyEnablementRule),
	// 											Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 												Caller: to.Ptr("Admin"),
	// 												Level: to.Ptr("Eligibility"),
	// 												Operations: []*string{
	// 													to.Ptr("All")},
	// 												},
	// 												EnabledRules: []*armauthorization.EnablementRules{
	// 												},
	// 											},
	// 											&armauthorization.RoleManagementPolicyExpirationRule{
	// 												ID: to.Ptr("Expiration_Admin_Assignment"),
	// 												RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyExpirationRule),
	// 												Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 													Caller: to.Ptr("Admin"),
	// 													Level: to.Ptr("Assignment"),
	// 													Operations: []*string{
	// 														to.Ptr("All")},
	// 													},
	// 													IsExpirationRequired: to.Ptr(false),
	// 													MaximumDuration: to.Ptr("P90D"),
	// 												},
	// 												&armauthorization.RoleManagementPolicyEnablementRule{
	// 													ID: to.Ptr("Enablement_Admin_Assignment"),
	// 													RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyEnablementRule),
	// 													Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 														Caller: to.Ptr("Admin"),
	// 														Level: to.Ptr("Assignment"),
	// 														Operations: []*string{
	// 															to.Ptr("All")},
	// 														},
	// 														EnabledRules: []*armauthorization.EnablementRules{
	// 															to.Ptr(armauthorization.EnablementRulesJustification),
	// 															to.Ptr(armauthorization.EnablementRulesMultiFactorAuthentication)},
	// 														},
	// 														&armauthorization.RoleManagementPolicyNotificationRule{
	// 															ID: to.Ptr("Notification_Admin_Admin_Assignment"),
	// 															RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
	// 															Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																Caller: to.Ptr("Admin"),
	// 																Level: to.Ptr("Assignment"),
	// 																Operations: []*string{
	// 																	to.Ptr("All")},
	// 																},
	// 																IsDefaultRecipientsEnabled: to.Ptr(false),
	// 																NotificationLevel: to.Ptr(armauthorization.NotificationLevelCritical),
	// 																NotificationRecipients: []*string{
	// 																	to.Ptr("admin_admin_member@test.com")},
	// 																	NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
	// 																	RecipientType: to.Ptr(armauthorization.RecipientTypeAdmin),
	// 																},
	// 																&armauthorization.RoleManagementPolicyNotificationRule{
	// 																	ID: to.Ptr("Notification_Requestor_Admin_Assignment"),
	// 																	RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
	// 																	Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																		Caller: to.Ptr("Admin"),
	// 																		Level: to.Ptr("Assignment"),
	// 																		Operations: []*string{
	// 																			to.Ptr("All")},
	// 																		},
	// 																		IsDefaultRecipientsEnabled: to.Ptr(false),
	// 																		NotificationLevel: to.Ptr(armauthorization.NotificationLevelCritical),
	// 																		NotificationRecipients: []*string{
	// 																			to.Ptr("requestor_admin_member@test.com")},
	// 																			NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
	// 																			RecipientType: to.Ptr(armauthorization.RecipientTypeRequestor),
	// 																		},
	// 																		&armauthorization.RoleManagementPolicyNotificationRule{
	// 																			ID: to.Ptr("Notification_Approver_Admin_Assignment"),
	// 																			RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
	// 																			Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																				Caller: to.Ptr("Admin"),
	// 																				Level: to.Ptr("Assignment"),
	// 																				Operations: []*string{
	// 																					to.Ptr("All")},
	// 																				},
	// 																				IsDefaultRecipientsEnabled: to.Ptr(false),
	// 																				NotificationLevel: to.Ptr(armauthorization.NotificationLevelCritical),
	// 																				NotificationRecipients: []*string{
	// 																					to.Ptr("approver_admin_member@test.com")},
	// 																					NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
	// 																					RecipientType: to.Ptr(armauthorization.RecipientTypeApprover),
	// 																				},
	// 																				&armauthorization.RoleManagementPolicyExpirationRule{
	// 																					ID: to.Ptr("Expiration_EndUser_Assignment"),
	// 																					RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyExpirationRule),
	// 																					Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																						Caller: to.Ptr("EndUser"),
	// 																						Level: to.Ptr("Assignment"),
	// 																						Operations: []*string{
	// 																							to.Ptr("All")},
	// 																						},
	// 																						IsExpirationRequired: to.Ptr(true),
	// 																						MaximumDuration: to.Ptr("PT7H"),
	// 																					},
	// 																					&armauthorization.RoleManagementPolicyEnablementRule{
	// 																						ID: to.Ptr("Enablement_EndUser_Assignment"),
	// 																						RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyEnablementRule),
	// 																						Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																							Caller: to.Ptr("EndUser"),
	// 																							Level: to.Ptr("Assignment"),
	// 																							Operations: []*string{
	// 																								to.Ptr("All")},
	// 																							},
	// 																							EnabledRules: []*armauthorization.EnablementRules{
	// 																								to.Ptr(armauthorization.EnablementRulesJustification),
	// 																								to.Ptr(armauthorization.EnablementRulesMultiFactorAuthentication),
	// 																								to.Ptr(armauthorization.EnablementRulesTicketing)},
	// 																							},
	// 																							&armauthorization.RoleManagementPolicyApprovalRule{
	// 																								ID: to.Ptr("Approval_EndUser_Assignment"),
	// 																								RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyApprovalRule),
	// 																								Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																									Caller: to.Ptr("EndUser"),
	// 																									Level: to.Ptr("Assignment"),
	// 																									Operations: []*string{
	// 																										to.Ptr("All")},
	// 																									},
	// 																									Setting: &armauthorization.ApprovalSettings{
	// 																										ApprovalMode: to.Ptr(armauthorization.ApprovalModeSingleStage),
	// 																										ApprovalStages: []*armauthorization.ApprovalStage{
	// 																											{
	// 																												ApprovalStageTimeOutInDays: to.Ptr[int32](1),
	// 																												EscalationTimeInMinutes: to.Ptr[int32](0),
	// 																												IsApproverJustificationRequired: to.Ptr(true),
	// 																												IsEscalationEnabled: to.Ptr(false),
	// 																												PrimaryApprovers: []*armauthorization.UserSet{
	// 																													{
	// 																														Description: to.Ptr("amansw_new_group"),
	// 																														ID: to.Ptr("2385b0f3-5fa9-43cf-8ca4-b01dc97298cd"),
	// 																														IsBackup: to.Ptr(false),
	// 																														UserType: to.Ptr(armauthorization.UserTypeGroup),
	// 																													},
	// 																													{
	// 																														Description: to.Ptr("amansw_group"),
	// 																														ID: to.Ptr("2f4913c9-d15b-406a-9946-1d66a28f2690"),
	// 																														IsBackup: to.Ptr(false),
	// 																														UserType: to.Ptr(armauthorization.UserTypeGroup),
	// 																												}},
	// 																										}},
	// 																										IsApprovalRequired: to.Ptr(true),
	// 																										IsApprovalRequiredForExtension: to.Ptr(false),
	// 																										IsRequestorJustificationRequired: to.Ptr(true),
	// 																									},
	// 																								},
	// 																								&armauthorization.RoleManagementPolicyAuthenticationContextRule{
	// 																									ID: to.Ptr("AuthenticationContext_EndUser_Assignment"),
	// 																									RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyAuthenticationContextRule),
	// 																									Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																										Caller: to.Ptr("EndUser"),
	// 																										Level: to.Ptr("Assignment"),
	// 																										Operations: []*string{
	// 																											to.Ptr("All")},
	// 																										},
	// 																										ClaimValue: to.Ptr(""),
	// 																										IsEnabled: to.Ptr(false),
	// 																									},
	// 																									&armauthorization.RoleManagementPolicyNotificationRule{
	// 																										ID: to.Ptr("Notification_Admin_EndUser_Assignment"),
	// 																										RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
	// 																										Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																											Caller: to.Ptr("EndUser"),
	// 																											Level: to.Ptr("Assignment"),
	// 																											Operations: []*string{
	// 																												to.Ptr("All")},
	// 																											},
	// 																											IsDefaultRecipientsEnabled: to.Ptr(false),
	// 																											NotificationLevel: to.Ptr(armauthorization.NotificationLevelCritical),
	// 																											NotificationRecipients: []*string{
	// 																												to.Ptr("admin_enduser_member@test.com")},
	// 																												NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
	// 																												RecipientType: to.Ptr(armauthorization.RecipientTypeAdmin),
	// 																											},
	// 																											&armauthorization.RoleManagementPolicyNotificationRule{
	// 																												ID: to.Ptr("Notification_Requestor_EndUser_Assignment"),
	// 																												RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
	// 																												Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																													Caller: to.Ptr("EndUser"),
	// 																													Level: to.Ptr("Assignment"),
	// 																													Operations: []*string{
	// 																														to.Ptr("All")},
	// 																													},
	// 																													IsDefaultRecipientsEnabled: to.Ptr(false),
	// 																													NotificationLevel: to.Ptr(armauthorization.NotificationLevelCritical),
	// 																													NotificationRecipients: []*string{
	// 																														to.Ptr("requestor_enduser_member@test.com")},
	// 																														NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
	// 																														RecipientType: to.Ptr(armauthorization.RecipientTypeRequestor),
	// 																													},
	// 																													&armauthorization.RoleManagementPolicyNotificationRule{
	// 																														ID: to.Ptr("Notification_Approver_EndUser_Assignment"),
	// 																														RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
	// 																														Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																															Caller: to.Ptr("EndUser"),
	// 																															Level: to.Ptr("Assignment"),
	// 																															Operations: []*string{
	// 																																to.Ptr("All")},
	// 																															},
	// 																															IsDefaultRecipientsEnabled: to.Ptr(true),
	// 																															NotificationLevel: to.Ptr(armauthorization.NotificationLevelCritical),
	// 																															NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
	// 																															RecipientType: to.Ptr(armauthorization.RecipientTypeApprover),
	// 																													}},
	// 																													IsOrganizationDefault: to.Ptr(false),
	// 																													LastModifiedBy: &armauthorization.Principal{
	// 																														DisplayName: to.Ptr("Admin"),
	// 																													},
	// 																													LastModifiedDateTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-03-17T16:35:27.910Z"); return t}()),
	// 																													PolicyProperties: &armauthorization.PolicyProperties{
	// 																														Scope: &armauthorization.PolicyPropertiesScope{
	// 																															Type: to.Ptr("subscription"),
	// 																															DisplayName: to.Ptr("Pay-As-You-Go"),
	// 																															ID: to.Ptr("/subscriptions/129ff972-28f8-46b8-a726-e497be039368"),
	// 																														},
	// 																													},
	// 																													Rules: []armauthorization.RoleManagementPolicyRuleClassification{
	// 																														&armauthorization.RoleManagementPolicyExpirationRule{
	// 																															ID: to.Ptr("Expiration_Admin_Eligibility"),
	// 																															RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyExpirationRule),
	// 																															Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																																Caller: to.Ptr("Admin"),
	// 																																Level: to.Ptr("Eligibility"),
	// 																																Operations: []*string{
	// 																																	to.Ptr("All")},
	// 																																},
	// 																																IsExpirationRequired: to.Ptr(false),
	// 																																MaximumDuration: to.Ptr("P180D"),
	// 																															},
	// 																															&armauthorization.RoleManagementPolicyNotificationRule{
	// 																																ID: to.Ptr("Notification_Admin_Admin_Eligibility"),
	// 																																RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
	// 																																Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																																	Caller: to.Ptr("Admin"),
	// 																																	Level: to.Ptr("Eligibility"),
	// 																																	Operations: []*string{
	// 																																		to.Ptr("All")},
	// 																																	},
	// 																																	IsDefaultRecipientsEnabled: to.Ptr(false),
	// 																																	NotificationLevel: to.Ptr(armauthorization.NotificationLevelCritical),
	// 																																	NotificationRecipients: []*string{
	// 																																		to.Ptr("admin_admin_eligible@test.com")},
	// 																																		NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
	// 																																		RecipientType: to.Ptr(armauthorization.RecipientTypeAdmin),
	// 																																	},
	// 																																	&armauthorization.RoleManagementPolicyNotificationRule{
	// 																																		ID: to.Ptr("Notification_Requestor_Admin_Eligibility"),
	// 																																		RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
	// 																																		Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																																			Caller: to.Ptr("Admin"),
	// 																																			Level: to.Ptr("Eligibility"),
	// 																																			Operations: []*string{
	// 																																				to.Ptr("All")},
	// 																																			},
	// 																																			IsDefaultRecipientsEnabled: to.Ptr(false),
	// 																																			NotificationLevel: to.Ptr(armauthorization.NotificationLevelCritical),
	// 																																			NotificationRecipients: []*string{
	// 																																				to.Ptr("requestor_admin_eligible@test.com")},
	// 																																				NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
	// 																																				RecipientType: to.Ptr(armauthorization.RecipientTypeRequestor),
	// 																																			},
	// 																																			&armauthorization.RoleManagementPolicyNotificationRule{
	// 																																				ID: to.Ptr("Notification_Approver_Admin_Eligibility"),
	// 																																				RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
	// 																																				Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																																					Caller: to.Ptr("Admin"),
	// 																																					Level: to.Ptr("Eligibility"),
	// 																																					Operations: []*string{
	// 																																						to.Ptr("All")},
	// 																																					},
	// 																																					IsDefaultRecipientsEnabled: to.Ptr(false),
	// 																																					NotificationLevel: to.Ptr(armauthorization.NotificationLevelCritical),
	// 																																					NotificationRecipients: []*string{
	// 																																						to.Ptr("approver_admin_eligible@test.com")},
	// 																																						NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
	// 																																						RecipientType: to.Ptr(armauthorization.RecipientTypeApprover),
	// 																																					},
	// 																																					&armauthorization.RoleManagementPolicyEnablementRule{
	// 																																						ID: to.Ptr("Enablement_Admin_Eligibility"),
	// 																																						RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyEnablementRule),
	// 																																						Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																																							Caller: to.Ptr("Admin"),
	// 																																							Level: to.Ptr("Eligibility"),
	// 																																							Operations: []*string{
	// 																																								to.Ptr("All")},
	// 																																							},
	// 																																							EnabledRules: []*armauthorization.EnablementRules{
	// 																																							},
	// 																																						},
	// 																																						&armauthorization.RoleManagementPolicyExpirationRule{
	// 																																							ID: to.Ptr("Expiration_Admin_Assignment"),
	// 																																							RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyExpirationRule),
	// 																																							Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																																								Caller: to.Ptr("Admin"),
	// 																																								Level: to.Ptr("Assignment"),
	// 																																								Operations: []*string{
	// 																																									to.Ptr("All")},
	// 																																								},
	// 																																								IsExpirationRequired: to.Ptr(false),
	// 																																								MaximumDuration: to.Ptr("P90D"),
	// 																																							},
	// 																																							&armauthorization.RoleManagementPolicyEnablementRule{
	// 																																								ID: to.Ptr("Enablement_Admin_Assignment"),
	// 																																								RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyEnablementRule),
	// 																																								Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																																									Caller: to.Ptr("Admin"),
	// 																																									Level: to.Ptr("Assignment"),
	// 																																									Operations: []*string{
	// 																																										to.Ptr("All")},
	// 																																									},
	// 																																									EnabledRules: []*armauthorization.EnablementRules{
	// 																																										to.Ptr(armauthorization.EnablementRulesJustification),
	// 																																										to.Ptr(armauthorization.EnablementRulesMultiFactorAuthentication)},
	// 																																									},
	// 																																									&armauthorization.RoleManagementPolicyNotificationRule{
	// 																																										ID: to.Ptr("Notification_Admin_Admin_Assignment"),
	// 																																										RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
	// 																																										Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																																											Caller: to.Ptr("Admin"),
	// 																																											Level: to.Ptr("Assignment"),
	// 																																											Operations: []*string{
	// 																																												to.Ptr("All")},
	// 																																											},
	// 																																											IsDefaultRecipientsEnabled: to.Ptr(false),
	// 																																											NotificationLevel: to.Ptr(armauthorization.NotificationLevelCritical),
	// 																																											NotificationRecipients: []*string{
	// 																																												to.Ptr("admin_admin_member@test.com")},
	// 																																												NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
	// 																																												RecipientType: to.Ptr(armauthorization.RecipientTypeAdmin),
	// 																																											},
	// 																																											&armauthorization.RoleManagementPolicyNotificationRule{
	// 																																												ID: to.Ptr("Notification_Requestor_Admin_Assignment"),
	// 																																												RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
	// 																																												Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																																													Caller: to.Ptr("Admin"),
	// 																																													Level: to.Ptr("Assignment"),
	// 																																													Operations: []*string{
	// 																																														to.Ptr("All")},
	// 																																													},
	// 																																													IsDefaultRecipientsEnabled: to.Ptr(false),
	// 																																													NotificationLevel: to.Ptr(armauthorization.NotificationLevelCritical),
	// 																																													NotificationRecipients: []*string{
	// 																																														to.Ptr("requestor_admin_member@test.com")},
	// 																																														NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
	// 																																														RecipientType: to.Ptr(armauthorization.RecipientTypeRequestor),
	// 																																													},
	// 																																													&armauthorization.RoleManagementPolicyNotificationRule{
	// 																																														ID: to.Ptr("Notification_Approver_Admin_Assignment"),
	// 																																														RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
	// 																																														Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																																															Caller: to.Ptr("Admin"),
	// 																																															Level: to.Ptr("Assignment"),
	// 																																															Operations: []*string{
	// 																																																to.Ptr("All")},
	// 																																															},
	// 																																															IsDefaultRecipientsEnabled: to.Ptr(false),
	// 																																															NotificationLevel: to.Ptr(armauthorization.NotificationLevelCritical),
	// 																																															NotificationRecipients: []*string{
	// 																																																to.Ptr("approver_admin_member@test.com")},
	// 																																																NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
	// 																																																RecipientType: to.Ptr(armauthorization.RecipientTypeApprover),
	// 																																															},
	// 																																															&armauthorization.RoleManagementPolicyExpirationRule{
	// 																																																ID: to.Ptr("Expiration_EndUser_Assignment"),
	// 																																																RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyExpirationRule),
	// 																																																Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																																																	Caller: to.Ptr("EndUser"),
	// 																																																	Level: to.Ptr("Assignment"),
	// 																																																	Operations: []*string{
	// 																																																		to.Ptr("All")},
	// 																																																	},
	// 																																																	IsExpirationRequired: to.Ptr(true),
	// 																																																	MaximumDuration: to.Ptr("PT7H"),
	// 																																																},
	// 																																																&armauthorization.RoleManagementPolicyEnablementRule{
	// 																																																	ID: to.Ptr("Enablement_EndUser_Assignment"),
	// 																																																	RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyEnablementRule),
	// 																																																	Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																																																		Caller: to.Ptr("EndUser"),
	// 																																																		Level: to.Ptr("Assignment"),
	// 																																																		Operations: []*string{
	// 																																																			to.Ptr("All")},
	// 																																																		},
	// 																																																		EnabledRules: []*armauthorization.EnablementRules{
	// 																																																			to.Ptr(armauthorization.EnablementRulesJustification),
	// 																																																			to.Ptr(armauthorization.EnablementRulesMultiFactorAuthentication),
	// 																																																			to.Ptr(armauthorization.EnablementRulesTicketing)},
	// 																																																		},
	// 																																																		&armauthorization.RoleManagementPolicyApprovalRule{
	// 																																																			ID: to.Ptr("Approval_EndUser_Assignment"),
	// 																																																			RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyApprovalRule),
	// 																																																			Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																																																				Caller: to.Ptr("EndUser"),
	// 																																																				Level: to.Ptr("Assignment"),
	// 																																																				Operations: []*string{
	// 																																																					to.Ptr("All")},
	// 																																																				},
	// 																																																				Setting: &armauthorization.ApprovalSettings{
	// 																																																					ApprovalMode: to.Ptr(armauthorization.ApprovalModeSingleStage),
	// 																																																					ApprovalStages: []*armauthorization.ApprovalStage{
	// 																																																						{
	// 																																																							ApprovalStageTimeOutInDays: to.Ptr[int32](1),
	// 																																																							EscalationTimeInMinutes: to.Ptr[int32](0),
	// 																																																							IsApproverJustificationRequired: to.Ptr(true),
	// 																																																							IsEscalationEnabled: to.Ptr(false),
	// 																																																							PrimaryApprovers: []*armauthorization.UserSet{
	// 																																																								{
	// 																																																									Description: to.Ptr("amansw_new_group"),
	// 																																																									ID: to.Ptr("2385b0f3-5fa9-43cf-8ca4-b01dc97298cd"),
	// 																																																									IsBackup: to.Ptr(false),
	// 																																																									UserType: to.Ptr(armauthorization.UserTypeGroup),
	// 																																																								},
	// 																																																								{
	// 																																																									Description: to.Ptr("amansw_group"),
	// 																																																									ID: to.Ptr("2f4913c9-d15b-406a-9946-1d66a28f2690"),
	// 																																																									IsBackup: to.Ptr(false),
	// 																																																									UserType: to.Ptr(armauthorization.UserTypeGroup),
	// 																																																							}},
	// 																																																					}},
	// 																																																					IsApprovalRequired: to.Ptr(true),
	// 																																																					IsApprovalRequiredForExtension: to.Ptr(false),
	// 																																																					IsRequestorJustificationRequired: to.Ptr(true),
	// 																																																				},
	// 																																																			},
	// 																																																			&armauthorization.RoleManagementPolicyAuthenticationContextRule{
	// 																																																				ID: to.Ptr("AuthenticationContext_EndUser_Assignment"),
	// 																																																				RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyAuthenticationContextRule),
	// 																																																				Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																																																					Caller: to.Ptr("EndUser"),
	// 																																																					Level: to.Ptr("Assignment"),
	// 																																																					Operations: []*string{
	// 																																																						to.Ptr("All")},
	// 																																																					},
	// 																																																					ClaimValue: to.Ptr(""),
	// 																																																					IsEnabled: to.Ptr(false),
	// 																																																				},
	// 																																																				&armauthorization.RoleManagementPolicyNotificationRule{
	// 																																																					ID: to.Ptr("Notification_Admin_EndUser_Assignment"),
	// 																																																					RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
	// 																																																					Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																																																						Caller: to.Ptr("EndUser"),
	// 																																																						Level: to.Ptr("Assignment"),
	// 																																																						Operations: []*string{
	// 																																																							to.Ptr("All")},
	// 																																																						},
	// 																																																						IsDefaultRecipientsEnabled: to.Ptr(false),
	// 																																																						NotificationLevel: to.Ptr(armauthorization.NotificationLevelCritical),
	// 																																																						NotificationRecipients: []*string{
	// 																																																							to.Ptr("admin_enduser_member@test.com")},
	// 																																																							NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
	// 																																																							RecipientType: to.Ptr(armauthorization.RecipientTypeAdmin),
	// 																																																						},
	// 																																																						&armauthorization.RoleManagementPolicyNotificationRule{
	// 																																																							ID: to.Ptr("Notification_Requestor_EndUser_Assignment"),
	// 																																																							RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
	// 																																																							Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																																																								Caller: to.Ptr("EndUser"),
	// 																																																								Level: to.Ptr("Assignment"),
	// 																																																								Operations: []*string{
	// 																																																									to.Ptr("All")},
	// 																																																								},
	// 																																																								IsDefaultRecipientsEnabled: to.Ptr(false),
	// 																																																								NotificationLevel: to.Ptr(armauthorization.NotificationLevelCritical),
	// 																																																								NotificationRecipients: []*string{
	// 																																																									to.Ptr("requestor_enduser_member@test.com")},
	// 																																																									NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
	// 																																																									RecipientType: to.Ptr(armauthorization.RecipientTypeRequestor),
	// 																																																								},
	// 																																																								&armauthorization.RoleManagementPolicyNotificationRule{
	// 																																																									ID: to.Ptr("Notification_Approver_EndUser_Assignment"),
	// 																																																									RuleType: to.Ptr(armauthorization.RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule),
	// 																																																									Target: &armauthorization.RoleManagementPolicyRuleTarget{
	// 																																																										Caller: to.Ptr("EndUser"),
	// 																																																										Level: to.Ptr("Assignment"),
	// 																																																										Operations: []*string{
	// 																																																											to.Ptr("All")},
	// 																																																										},
	// 																																																										IsDefaultRecipientsEnabled: to.Ptr(true),
	// 																																																										NotificationLevel: to.Ptr(armauthorization.NotificationLevelCritical),
	// 																																																										NotificationType: to.Ptr(armauthorization.NotificationDeliveryMechanismEmail),
	// 																																																										RecipientType: to.Ptr(armauthorization.RecipientTypeApprover),
	// 																																																								}},
	// 																																																								Scope: to.Ptr("/subscriptions/129ff972-28f8-46b8-a726-e497be039368"),
	// 																																																							},
	// 																																																						}
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

const { AuthorizationManagementClient } = require("@azure/arm-authorization");
const { DefaultAzureCredential } = require("@azure/identity");

/**
 * This sample demonstrates how to Update a role management policy
 *
 * @summary Update a role management policy
 * x-ms-original-file: specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PatchRoleManagementPolicy.json
 */
async function patchRoleManagementPolicy() {
  const subscriptionId =
    process.env["AUTHORIZATION_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
  const scope =
    "providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368";
  const roleManagementPolicyName = "570c3619-7688-4b34-b290-2b8bb3ccab2a";
  const parameters = {
    rules: [
      {
        id: "Expiration_Admin_Eligibility",
        isExpirationRequired: false,
        maximumDuration: "P180D",
        ruleType: "RoleManagementPolicyExpirationRule",
        target: {
          caller: "Admin",
          enforcedSettings: [],
          inheritableSettings: [],
          level: "Eligibility",
          targetObjects: [],
          operations: ["All"],
        },
      },
      {
        id: "Notification_Admin_Admin_Eligibility",
        isDefaultRecipientsEnabled: false,
        notificationLevel: "Critical",
        notificationRecipients: ["admin_admin_eligible@test.com"],
        notificationType: "Email",
        recipientType: "Admin",
        ruleType: "RoleManagementPolicyNotificationRule",
        target: {
          caller: "Admin",
          enforcedSettings: [],
          inheritableSettings: [],
          level: "Eligibility",
          targetObjects: [],
          operations: ["All"],
        },
      },
      {
        id: "Notification_Requestor_Admin_Eligibility",
        isDefaultRecipientsEnabled: false,
        notificationLevel: "Critical",
        notificationRecipients: ["requestor_admin_eligible@test.com"],
        notificationType: "Email",
        recipientType: "Requestor",
        ruleType: "RoleManagementPolicyNotificationRule",
        target: {
          caller: "Admin",
          enforcedSettings: [],
          inheritableSettings: [],
          level: "Eligibility",
          targetObjects: [],
          operations: ["All"],
        },
      },
      {
        id: "Notification_Approver_Admin_Eligibility",
        isDefaultRecipientsEnabled: false,
        notificationLevel: "Critical",
        notificationRecipients: ["approver_admin_eligible@test.com"],
        notificationType: "Email",
        recipientType: "Approver",
        ruleType: "RoleManagementPolicyNotificationRule",
        target: {
          caller: "Admin",
          enforcedSettings: [],
          inheritableSettings: [],
          level: "Eligibility",
          targetObjects: [],
          operations: ["All"],
        },
      },
      {
        enabledRules: [],
        id: "Enablement_Admin_Eligibility",
        ruleType: "RoleManagementPolicyEnablementRule",
        target: {
          caller: "Admin",
          enforcedSettings: [],
          inheritableSettings: [],
          level: "Eligibility",
          targetObjects: [],
          operations: ["All"],
        },
      },
      {
        id: "Expiration_Admin_Assignment",
        isExpirationRequired: false,
        maximumDuration: "P90D",
        ruleType: "RoleManagementPolicyExpirationRule",
        target: {
          caller: "Admin",
          enforcedSettings: [],
          inheritableSettings: [],
          level: "Assignment",
          targetObjects: [],
          operations: ["All"],
        },
      },
      {
        enabledRules: ["Justification", "MultiFactorAuthentication"],
        id: "Enablement_Admin_Assignment",
        ruleType: "RoleManagementPolicyEnablementRule",
        target: {
          caller: "Admin",
          enforcedSettings: [],
          inheritableSettings: [],
          level: "Assignment",
          targetObjects: [],
          operations: ["All"],
        },
      },
      {
        id: "Notification_Admin_Admin_Assignment",
        isDefaultRecipientsEnabled: false,
        notificationLevel: "Critical",
        notificationRecipients: ["admin_admin_member@test.com"],
        notificationType: "Email",
        recipientType: "Admin",
        ruleType: "RoleManagementPolicyNotificationRule",
        target: {
          caller: "Admin",
          enforcedSettings: [],
          inheritableSettings: [],
          level: "Assignment",
          targetObjects: [],
          operations: ["All"],
        },
      },
      {
        id: "Notification_Requestor_Admin_Assignment",
        isDefaultRecipientsEnabled: false,
        notificationLevel: "Critical",
        notificationRecipients: ["requestor_admin_member@test.com"],
        notificationType: "Email",
        recipientType: "Requestor",
        ruleType: "RoleManagementPolicyNotificationRule",
        target: {
          caller: "Admin",
          enforcedSettings: [],
          inheritableSettings: [],
          level: "Assignment",
          targetObjects: [],
          operations: ["All"],
        },
      },
      {
        id: "Notification_Approver_Admin_Assignment",
        isDefaultRecipientsEnabled: false,
        notificationLevel: "Critical",
        notificationRecipients: ["approver_admin_member@test.com"],
        notificationType: "Email",
        recipientType: "Approver",
        ruleType: "RoleManagementPolicyNotificationRule",
        target: {
          caller: "Admin",
          enforcedSettings: [],
          inheritableSettings: [],
          level: "Assignment",
          targetObjects: [],
          operations: ["All"],
        },
      },
      {
        id: "Expiration_EndUser_Assignment",
        isExpirationRequired: true,
        maximumDuration: "PT7H",
        ruleType: "RoleManagementPolicyExpirationRule",
        target: {
          caller: "EndUser",
          enforcedSettings: [],
          inheritableSettings: [],
          level: "Assignment",
          targetObjects: [],
          operations: ["All"],
        },
      },
      {
        enabledRules: ["Justification", "MultiFactorAuthentication", "Ticketing"],
        id: "Enablement_EndUser_Assignment",
        ruleType: "RoleManagementPolicyEnablementRule",
        target: {
          caller: "EndUser",
          enforcedSettings: [],
          inheritableSettings: [],
          level: "Assignment",
          targetObjects: [],
          operations: ["All"],
        },
      },
      {
        id: "Approval_EndUser_Assignment",
        ruleType: "RoleManagementPolicyApprovalRule",
        setting: {
          approvalMode: "SingleStage",
          approvalStages: [
            {
              approvalStageTimeOutInDays: 1,
              escalationApprovers: [],
              escalationTimeInMinutes: 0,
              isApproverJustificationRequired: true,
              isEscalationEnabled: false,
              primaryApprovers: [
                {
                  description: "amansw_new_group",
                  id: "2385b0f3-5fa9-43cf-8ca4-b01dc97298cd",
                  isBackup: false,
                  userType: "Group",
                },
                {
                  description: "amansw_group",
                  id: "2f4913c9-d15b-406a-9946-1d66a28f2690",
                  isBackup: false,
                  userType: "Group",
                },
              ],
            },
          ],
          isApprovalRequired: true,
          isApprovalRequiredForExtension: false,
          isRequestorJustificationRequired: true,
        },
        target: {
          caller: "EndUser",
          enforcedSettings: [],
          inheritableSettings: [],
          level: "Assignment",
          targetObjects: [],
          operations: ["All"],
        },
      },
      {
        claimValue: "",
        id: "AuthenticationContext_EndUser_Assignment",
        isEnabled: false,
        ruleType: "RoleManagementPolicyAuthenticationContextRule",
        target: {
          caller: "EndUser",
          enforcedSettings: [],
          inheritableSettings: [],
          level: "Assignment",
          targetObjects: [],
          operations: ["All"],
        },
      },
      {
        id: "Notification_Admin_EndUser_Assignment",
        isDefaultRecipientsEnabled: false,
        notificationLevel: "Critical",
        notificationRecipients: ["admin_enduser_member@test.com"],
        notificationType: "Email",
        recipientType: "Admin",
        ruleType: "RoleManagementPolicyNotificationRule",
        target: {
          caller: "EndUser",
          enforcedSettings: [],
          inheritableSettings: [],
          level: "Assignment",
          targetObjects: [],
          operations: ["All"],
        },
      },
      {
        id: "Notification_Requestor_EndUser_Assignment",
        isDefaultRecipientsEnabled: false,
        notificationLevel: "Critical",
        notificationRecipients: ["requestor_enduser_member@test.com"],
        notificationType: "Email",
        recipientType: "Requestor",
        ruleType: "RoleManagementPolicyNotificationRule",
        target: {
          caller: "EndUser",
          enforcedSettings: [],
          inheritableSettings: [],
          level: "Assignment",
          targetObjects: [],
          operations: ["All"],
        },
      },
      {
        id: "Notification_Approver_EndUser_Assignment",
        isDefaultRecipientsEnabled: true,
        notificationLevel: "Critical",
        notificationRecipients: [],
        notificationType: "Email",
        recipientType: "Approver",
        ruleType: "RoleManagementPolicyNotificationRule",
        target: {
          caller: "EndUser",
          enforcedSettings: [],
          inheritableSettings: [],
          level: "Assignment",
          targetObjects: [],
          operations: ["All"],
        },
      },
    ],
  };
  const credential = new DefaultAzureCredential();
  const client = new AuthorizationManagementClient(credential, subscriptionId);
  const result = await client.roleManagementPolicies.update(
    scope,
    roleManagementPolicyName,
    parameters
  );
  console.log(result);
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using System.Xml;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.Authorization.Models;
using Azure.ResourceManager.Authorization;

// Generated from example definition: specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PatchRoleManagementPolicy.json
// this example is just showing the usage of "RoleManagementPolicies_Update" operation, for the dependent resources, they will have to be created separately.

// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);

// this example assumes you already have this RoleManagementPolicyResource created on azure
// for more information of creating RoleManagementPolicyResource, please refer to the document of RoleManagementPolicyResource
string scope = "providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368";
string roleManagementPolicyName = "570c3619-7688-4b34-b290-2b8bb3ccab2a";
ResourceIdentifier roleManagementPolicyResourceId = RoleManagementPolicyResource.CreateResourceIdentifier(scope, roleManagementPolicyName);
RoleManagementPolicyResource roleManagementPolicy = client.GetRoleManagementPolicyResource(roleManagementPolicyResourceId);

// invoke the operation
RoleManagementPolicyData data = new RoleManagementPolicyData()
{
    Rules =
    {
    new RoleManagementPolicyExpirationRule()
    {
    IsExpirationRequired = false,
    MaximumDuration = XmlConvert.ToTimeSpan("P180D"),
    Id = "Expiration_Admin_Eligibility",
    Target = new RoleManagementPolicyRuleTarget()
    {
    Caller = "Admin",
    Operations =
    {
    "All"
    },
    Level = RoleManagementAssignmentLevel.Eligibility,
    TargetObjects =
    {
    },
    InheritableSettings =
    {
    },
    EnforcedSettings =
    {
    },
    },
    },new RoleManagementPolicyNotificationRule()
    {
    NotificationDeliveryType = NotificationDeliveryType.Email,
    NotificationLevel = RoleManagementPolicyNotificationLevel.Critical,
    RecipientType = RoleManagementPolicyRecipientType.Admin,
    NotificationRecipients =
    {
    "admin_admin_eligible@test.com"
    },
    AreDefaultRecipientsEnabled = false,
    Id = "Notification_Admin_Admin_Eligibility",
    Target = new RoleManagementPolicyRuleTarget()
    {
    Caller = "Admin",
    Operations =
    {
    "All"
    },
    Level = RoleManagementAssignmentLevel.Eligibility,
    TargetObjects =
    {
    },
    InheritableSettings =
    {
    },
    EnforcedSettings =
    {
    },
    },
    },new RoleManagementPolicyNotificationRule()
    {
    NotificationDeliveryType = NotificationDeliveryType.Email,
    NotificationLevel = RoleManagementPolicyNotificationLevel.Critical,
    RecipientType = RoleManagementPolicyRecipientType.Requestor,
    NotificationRecipients =
    {
    "requestor_admin_eligible@test.com"
    },
    AreDefaultRecipientsEnabled = false,
    Id = "Notification_Requestor_Admin_Eligibility",
    Target = new RoleManagementPolicyRuleTarget()
    {
    Caller = "Admin",
    Operations =
    {
    "All"
    },
    Level = RoleManagementAssignmentLevel.Eligibility,
    TargetObjects =
    {
    },
    InheritableSettings =
    {
    },
    EnforcedSettings =
    {
    },
    },
    },new RoleManagementPolicyNotificationRule()
    {
    NotificationDeliveryType = NotificationDeliveryType.Email,
    NotificationLevel = RoleManagementPolicyNotificationLevel.Critical,
    RecipientType = RoleManagementPolicyRecipientType.Approver,
    NotificationRecipients =
    {
    "approver_admin_eligible@test.com"
    },
    AreDefaultRecipientsEnabled = false,
    Id = "Notification_Approver_Admin_Eligibility",
    Target = new RoleManagementPolicyRuleTarget()
    {
    Caller = "Admin",
    Operations =
    {
    "All"
    },
    Level = RoleManagementAssignmentLevel.Eligibility,
    TargetObjects =
    {
    },
    InheritableSettings =
    {
    },
    EnforcedSettings =
    {
    },
    },
    },new RoleManagementPolicyEnablementRule()
    {
    EnablementRules =
    {
    },
    Id = "Enablement_Admin_Eligibility",
    Target = new RoleManagementPolicyRuleTarget()
    {
    Caller = "Admin",
    Operations =
    {
    "All"
    },
    Level = RoleManagementAssignmentLevel.Eligibility,
    TargetObjects =
    {
    },
    InheritableSettings =
    {
    },
    EnforcedSettings =
    {
    },
    },
    },new RoleManagementPolicyExpirationRule()
    {
    IsExpirationRequired = false,
    MaximumDuration = XmlConvert.ToTimeSpan("P90D"),
    Id = "Expiration_Admin_Assignment",
    Target = new RoleManagementPolicyRuleTarget()
    {
    Caller = "Admin",
    Operations =
    {
    "All"
    },
    Level = RoleManagementAssignmentLevel.Assignment,
    TargetObjects =
    {
    },
    InheritableSettings =
    {
    },
    EnforcedSettings =
    {
    },
    },
    },new RoleManagementPolicyEnablementRule()
    {
    EnablementRules =
    {
    RoleAssignmentEnablementRuleType.Justification,RoleAssignmentEnablementRuleType.MultiFactorAuthentication
    },
    Id = "Enablement_Admin_Assignment",
    Target = new RoleManagementPolicyRuleTarget()
    {
    Caller = "Admin",
    Operations =
    {
    "All"
    },
    Level = RoleManagementAssignmentLevel.Assignment,
    TargetObjects =
    {
    },
    InheritableSettings =
    {
    },
    EnforcedSettings =
    {
    },
    },
    },new RoleManagementPolicyNotificationRule()
    {
    NotificationDeliveryType = NotificationDeliveryType.Email,
    NotificationLevel = RoleManagementPolicyNotificationLevel.Critical,
    RecipientType = RoleManagementPolicyRecipientType.Admin,
    NotificationRecipients =
    {
    "admin_admin_member@test.com"
    },
    AreDefaultRecipientsEnabled = false,
    Id = "Notification_Admin_Admin_Assignment",
    Target = new RoleManagementPolicyRuleTarget()
    {
    Caller = "Admin",
    Operations =
    {
    "All"
    },
    Level = RoleManagementAssignmentLevel.Assignment,
    TargetObjects =
    {
    },
    InheritableSettings =
    {
    },
    EnforcedSettings =
    {
    },
    },
    },new RoleManagementPolicyNotificationRule()
    {
    NotificationDeliveryType = NotificationDeliveryType.Email,
    NotificationLevel = RoleManagementPolicyNotificationLevel.Critical,
    RecipientType = RoleManagementPolicyRecipientType.Requestor,
    NotificationRecipients =
    {
    "requestor_admin_member@test.com"
    },
    AreDefaultRecipientsEnabled = false,
    Id = "Notification_Requestor_Admin_Assignment",
    Target = new RoleManagementPolicyRuleTarget()
    {
    Caller = "Admin",
    Operations =
    {
    "All"
    },
    Level = RoleManagementAssignmentLevel.Assignment,
    TargetObjects =
    {
    },
    InheritableSettings =
    {
    },
    EnforcedSettings =
    {
    },
    },
    },new RoleManagementPolicyNotificationRule()
    {
    NotificationDeliveryType = NotificationDeliveryType.Email,
    NotificationLevel = RoleManagementPolicyNotificationLevel.Critical,
    RecipientType = RoleManagementPolicyRecipientType.Approver,
    NotificationRecipients =
    {
    "approver_admin_member@test.com"
    },
    AreDefaultRecipientsEnabled = false,
    Id = "Notification_Approver_Admin_Assignment",
    Target = new RoleManagementPolicyRuleTarget()
    {
    Caller = "Admin",
    Operations =
    {
    "All"
    },
    Level = RoleManagementAssignmentLevel.Assignment,
    TargetObjects =
    {
    },
    InheritableSettings =
    {
    },
    EnforcedSettings =
    {
    },
    },
    },new RoleManagementPolicyExpirationRule()
    {
    IsExpirationRequired = true,
    MaximumDuration = XmlConvert.ToTimeSpan("PT7H"),
    Id = "Expiration_EndUser_Assignment",
    Target = new RoleManagementPolicyRuleTarget()
    {
    Caller = "EndUser",
    Operations =
    {
    "All"
    },
    Level = RoleManagementAssignmentLevel.Assignment,
    TargetObjects =
    {
    },
    InheritableSettings =
    {
    },
    EnforcedSettings =
    {
    },
    },
    },new RoleManagementPolicyEnablementRule()
    {
    EnablementRules =
    {
    RoleAssignmentEnablementRuleType.Justification,RoleAssignmentEnablementRuleType.MultiFactorAuthentication,RoleAssignmentEnablementRuleType.Ticketing
    },
    Id = "Enablement_EndUser_Assignment",
    Target = new RoleManagementPolicyRuleTarget()
    {
    Caller = "EndUser",
    Operations =
    {
    "All"
    },
    Level = RoleManagementAssignmentLevel.Assignment,
    TargetObjects =
    {
    },
    InheritableSettings =
    {
    },
    EnforcedSettings =
    {
    },
    },
    },new RoleManagementPolicyApprovalRule()
    {
    Settings = new RoleManagementApprovalSettings()
    {
    IsApprovalRequired = true,
    IsApprovalRequiredForExtension = false,
    IsRequestorJustificationRequired = true,
    ApprovalMode = RoleManagementApprovalMode.SingleStage,
    ApprovalStages =
    {
    new RoleManagementApprovalStage()
    {
    ApprovalStageTimeOutInDays = 1,
    IsApproverJustificationRequired = true,
    EscalationTimeInMinutes = 0,
    PrimaryApprovers =
    {
    new RoleManagementUserInfo()
    {
    UserType = RoleManagementUserType.Group,
    IsBackup = false,
    Id = "2385b0f3-5fa9-43cf-8ca4-b01dc97298cd",
    Description = "amansw_new_group",
    },new RoleManagementUserInfo()
    {
    UserType = RoleManagementUserType.Group,
    IsBackup = false,
    Id = "2f4913c9-d15b-406a-9946-1d66a28f2690",
    Description = "amansw_group",
    }
    },
    IsEscalationEnabled = false,
    EscalationApprovers =
    {
    },
    }
    },
    },
    Id = "Approval_EndUser_Assignment",
    Target = new RoleManagementPolicyRuleTarget()
    {
    Caller = "EndUser",
    Operations =
    {
    "All"
    },
    Level = RoleManagementAssignmentLevel.Assignment,
    TargetObjects =
    {
    },
    InheritableSettings =
    {
    },
    EnforcedSettings =
    {
    },
    },
    },new RoleManagementPolicyAuthenticationContextRule()
    {
    IsEnabled = false,
    ClaimValue = "",
    Id = "AuthenticationContext_EndUser_Assignment",
    Target = new RoleManagementPolicyRuleTarget()
    {
    Caller = "EndUser",
    Operations =
    {
    "All"
    },
    Level = RoleManagementAssignmentLevel.Assignment,
    TargetObjects =
    {
    },
    InheritableSettings =
    {
    },
    EnforcedSettings =
    {
    },
    },
    },new RoleManagementPolicyNotificationRule()
    {
    NotificationDeliveryType = NotificationDeliveryType.Email,
    NotificationLevel = RoleManagementPolicyNotificationLevel.Critical,
    RecipientType = RoleManagementPolicyRecipientType.Admin,
    NotificationRecipients =
    {
    "admin_enduser_member@test.com"
    },
    AreDefaultRecipientsEnabled = false,
    Id = "Notification_Admin_EndUser_Assignment",
    Target = new RoleManagementPolicyRuleTarget()
    {
    Caller = "EndUser",
    Operations =
    {
    "All"
    },
    Level = RoleManagementAssignmentLevel.Assignment,
    TargetObjects =
    {
    },
    InheritableSettings =
    {
    },
    EnforcedSettings =
    {
    },
    },
    },new RoleManagementPolicyNotificationRule()
    {
    NotificationDeliveryType = NotificationDeliveryType.Email,
    NotificationLevel = RoleManagementPolicyNotificationLevel.Critical,
    RecipientType = RoleManagementPolicyRecipientType.Requestor,
    NotificationRecipients =
    {
    "requestor_enduser_member@test.com"
    },
    AreDefaultRecipientsEnabled = false,
    Id = "Notification_Requestor_EndUser_Assignment",
    Target = new RoleManagementPolicyRuleTarget()
    {
    Caller = "EndUser",
    Operations =
    {
    "All"
    },
    Level = RoleManagementAssignmentLevel.Assignment,
    TargetObjects =
    {
    },
    InheritableSettings =
    {
    },
    EnforcedSettings =
    {
    },
    },
    },new RoleManagementPolicyNotificationRule()
    {
    NotificationDeliveryType = NotificationDeliveryType.Email,
    NotificationLevel = RoleManagementPolicyNotificationLevel.Critical,
    RecipientType = RoleManagementPolicyRecipientType.Approver,
    NotificationRecipients =
    {
    },
    AreDefaultRecipientsEnabled = true,
    Id = "Notification_Approver_EndUser_Assignment",
    Target = new RoleManagementPolicyRuleTarget()
    {
    Caller = "EndUser",
    Operations =
    {
    "All"
    },
    Level = RoleManagementAssignmentLevel.Assignment,
    TargetObjects =
    {
    },
    InheritableSettings =
    {
    },
    EnforcedSettings =
    {
    },
    },
    }
    },
};
RoleManagementPolicyResource result = await roleManagementPolicy.UpdateAsync(data);

// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
RoleManagementPolicyData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Resposta de exemplo

Código de status:: 200

{
  "properties": {
    "scope": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368",
    "displayName": null,
    "description": null,
    "isOrganizationDefault": false,
    "lastModifiedDateTime": "2021-03-17T16:35:27.91+00:00",
    "lastModifiedBy": {
      "id": null,
      "displayName": "Admin",
      "type": null,
      "email": null
    },
    "rules": [
      {
        "isExpirationRequired": false,
        "maximumDuration": "P180D",
        "id": "Expiration_Admin_Eligibility",
        "ruleType": "RoleManagementPolicyExpirationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Eligibility",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Admin",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "admin_admin_eligible@test.com"
        ],
        "id": "Notification_Admin_Admin_Eligibility",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Eligibility",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Requestor",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "requestor_admin_eligible@test.com"
        ],
        "id": "Notification_Requestor_Admin_Eligibility",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Eligibility",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Approver",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "approver_admin_eligible@test.com"
        ],
        "id": "Notification_Approver_Admin_Eligibility",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Eligibility",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "enabledRules": [],
        "id": "Enablement_Admin_Eligibility",
        "ruleType": "RoleManagementPolicyEnablementRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Eligibility",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "isExpirationRequired": false,
        "maximumDuration": "P90D",
        "id": "Expiration_Admin_Assignment",
        "ruleType": "RoleManagementPolicyExpirationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "enabledRules": [
          "Justification",
          "MultiFactorAuthentication"
        ],
        "id": "Enablement_Admin_Assignment",
        "ruleType": "RoleManagementPolicyEnablementRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Admin",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "admin_admin_member@test.com"
        ],
        "id": "Notification_Admin_Admin_Assignment",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Requestor",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "requestor_admin_member@test.com"
        ],
        "id": "Notification_Requestor_Admin_Assignment",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Approver",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "approver_admin_member@test.com"
        ],
        "id": "Notification_Approver_Admin_Assignment",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "isExpirationRequired": true,
        "maximumDuration": "PT7H",
        "id": "Expiration_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyExpirationRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "enabledRules": [
          "Justification",
          "MultiFactorAuthentication",
          "Ticketing"
        ],
        "id": "Enablement_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyEnablementRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "setting": {
          "isApprovalRequired": true,
          "isApprovalRequiredForExtension": false,
          "isRequestorJustificationRequired": true,
          "approvalMode": "SingleStage",
          "approvalStages": [
            {
              "approvalStageTimeOutInDays": 1,
              "isApproverJustificationRequired": true,
              "escalationTimeInMinutes": 0,
              "primaryApprovers": [
                {
                  "id": "2385b0f3-5fa9-43cf-8ca4-b01dc97298cd",
                  "description": "amansw_new_group",
                  "isBackup": false,
                  "userType": "Group"
                },
                {
                  "id": "2f4913c9-d15b-406a-9946-1d66a28f2690",
                  "description": "amansw_group",
                  "isBackup": false,
                  "userType": "Group"
                }
              ],
              "isEscalationEnabled": false,
              "escalationApprovers": null
            }
          ]
        },
        "id": "Approval_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyApprovalRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "isEnabled": false,
        "claimValue": "",
        "id": "AuthenticationContext_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyAuthenticationContextRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Admin",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "admin_enduser_member@test.com"
        ],
        "id": "Notification_Admin_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Requestor",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "requestor_enduser_member@test.com"
        ],
        "id": "Notification_Requestor_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Approver",
        "isDefaultRecipientsEnabled": true,
        "notificationLevel": "Critical",
        "notificationRecipients": null,
        "id": "Notification_Approver_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      }
    ],
    "effectiveRules": [
      {
        "isExpirationRequired": false,
        "maximumDuration": "P180D",
        "id": "Expiration_Admin_Eligibility",
        "ruleType": "RoleManagementPolicyExpirationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Eligibility",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Admin",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "admin_admin_eligible@test.com"
        ],
        "id": "Notification_Admin_Admin_Eligibility",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Eligibility",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Requestor",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "requestor_admin_eligible@test.com"
        ],
        "id": "Notification_Requestor_Admin_Eligibility",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Eligibility",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Approver",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "approver_admin_eligible@test.com"
        ],
        "id": "Notification_Approver_Admin_Eligibility",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Eligibility",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "enabledRules": [],
        "id": "Enablement_Admin_Eligibility",
        "ruleType": "RoleManagementPolicyEnablementRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Eligibility",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "isExpirationRequired": false,
        "maximumDuration": "P90D",
        "id": "Expiration_Admin_Assignment",
        "ruleType": "RoleManagementPolicyExpirationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "enabledRules": [
          "Justification",
          "MultiFactorAuthentication"
        ],
        "id": "Enablement_Admin_Assignment",
        "ruleType": "RoleManagementPolicyEnablementRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Admin",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "admin_admin_member@test.com"
        ],
        "id": "Notification_Admin_Admin_Assignment",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Requestor",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "requestor_admin_member@test.com"
        ],
        "id": "Notification_Requestor_Admin_Assignment",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Approver",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "approver_admin_member@test.com"
        ],
        "id": "Notification_Approver_Admin_Assignment",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "Admin",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "isExpirationRequired": true,
        "maximumDuration": "PT7H",
        "id": "Expiration_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyExpirationRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "enabledRules": [
          "Justification",
          "MultiFactorAuthentication",
          "Ticketing"
        ],
        "id": "Enablement_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyEnablementRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "setting": {
          "isApprovalRequired": true,
          "isApprovalRequiredForExtension": false,
          "isRequestorJustificationRequired": true,
          "approvalMode": "SingleStage",
          "approvalStages": [
            {
              "approvalStageTimeOutInDays": 1,
              "isApproverJustificationRequired": true,
              "escalationTimeInMinutes": 0,
              "primaryApprovers": [
                {
                  "id": "2385b0f3-5fa9-43cf-8ca4-b01dc97298cd",
                  "description": "amansw_new_group",
                  "isBackup": false,
                  "userType": "Group"
                },
                {
                  "id": "2f4913c9-d15b-406a-9946-1d66a28f2690",
                  "description": "amansw_group",
                  "isBackup": false,
                  "userType": "Group"
                }
              ],
              "isEscalationEnabled": false,
              "escalationApprovers": null
            }
          ]
        },
        "id": "Approval_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyApprovalRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "isEnabled": false,
        "claimValue": "",
        "id": "AuthenticationContext_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyAuthenticationContextRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Admin",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "admin_enduser_member@test.com"
        ],
        "id": "Notification_Admin_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Requestor",
        "isDefaultRecipientsEnabled": false,
        "notificationLevel": "Critical",
        "notificationRecipients": [
          "requestor_enduser_member@test.com"
        ],
        "id": "Notification_Requestor_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      },
      {
        "notificationType": "Email",
        "recipientType": "Approver",
        "isDefaultRecipientsEnabled": true,
        "notificationLevel": "Critical",
        "notificationRecipients": null,
        "id": "Notification_Approver_EndUser_Assignment",
        "ruleType": "RoleManagementPolicyNotificationRule",
        "target": {
          "caller": "EndUser",
          "operations": [
            "All"
          ],
          "level": "Assignment",
          "targetObjects": null,
          "inheritableSettings": null,
          "enforcedSettings": null
        }
      }
    ],
    "policyProperties": {
      "scope": {
        "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368",
        "displayName": "Pay-As-You-Go",
        "type": "subscription"
      }
    }
  },
  "name": "570c3619-7688-4b34-b290-2b8bb3ccab2a",
  "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/570c3619-7688-4b34-b290-2b8bb3ccab2a",
  "type": "Microsoft.Authorization/RoleManagementPolicies"
}

Definições

Nome	Description
CloudError	Uma resposta de erro do serviço.
CloudErrorBody	Uma resposta de erro do serviço.
PolicyProperties	Informações expandidas do escopo do recurso
Principal	O nome da entidade a modificou pela última vez
RoleManagementPolicy	Política de gerenciamento de funções
Scope	Detalhes do escopo do recurso

CloudError

Uma resposta de erro do serviço.

Nome	Tipo	Description
error	CloudErrorBody	Uma resposta de erro do serviço.

CloudErrorBody

Uma resposta de erro do serviço.

Nome	Tipo	Description
code	string	Um identificador para o erro. Os códigos são invariáveis e devem ser consumidos programaticamente.
message	string	Uma mensagem que descreve o erro, destinada a ser adequada para exibição em uma interface do usuário.

PolicyProperties

Informações expandidas do escopo do recurso

Nome	Tipo	Description
scope	Scope	Detalhes do escopo do recurso

Principal

O nome da entidade a modificou pela última vez

Nome	Tipo	Description
displayName	string	O nome da entidade de segurança fez alterações
email	string	Email de entidade de segurança
id	string	A ID da entidade de segurança fez alterações
type	string	Tipo de entidade de segurança, como usuário, grupo etc.

RoleManagementPolicy

Política de gerenciamento de funções

Nome	Tipo	Description
id	string	A ID da política de gerenciamento de função.
name	string	O nome da política de gerenciamento de função.
properties.description	string	A descrição da política de gerenciamento de funções.
properties.displayName	string	O nome de exibição da política de gerenciamento de função.
properties.effectiveRules	RoleManagementPolicyRule[]	A regra computada somente leitura aplicada à política.
properties.isOrganizationDefault	boolean	A política de gerenciamento de funções é a política padrão.
properties.lastModifiedBy	Principal	O nome da entidade a modificou pela última vez
properties.lastModifiedDateTime	string	A hora da data da última modificação.
properties.policyProperties	PolicyProperties	Propriedades adicionais do escopo
properties.rules	RoleManagementPolicyRule[]	A regra aplicada à política.
properties.scope	string	O escopo da política de gerenciamento de funções.
type	string	O tipo de política de gerenciamento de função.

Scope

Detalhes do escopo do recurso

Nome	Tipo	Description
displayName	string	Nome de exibição do recurso
id	string	ID de escopo do recurso
type	string	Tipo do recurso

Compartilhar via

Role Management Policies - Update

Parâmetros de URI

Corpo da solicitação

Respostas

Segurança

azure_auth

Escopos

Exemplos

PatchPartialRoleManagementPolicy

Solicitação de exemplo

Resposta de exemplo

PatchRoleManagementPolicy

Solicitação de exemplo

Resposta de exemplo

Definições

CloudError

CloudErrorBody

PolicyProperties

Principal

RoleManagementPolicy

Scope

Recursos adicionais