Get-AzPolicyDefinition

Gets policy set definitions.

Syntax

Get-AzPolicyDefinition
   [-Name <String>]
   [-BackwardCompatible]
   [-DefaultProfile <PSObject>]
   [<CommonParameters>]
Get-AzPolicyDefinition
   [-Name <String>]
   -ManagementGroupName <String>
   [-BackwardCompatible]
   [-DefaultProfile <PSObject>]
   [<CommonParameters>]
Get-AzPolicyDefinition
   [-Name <String>]
   -SubscriptionId <String>
   [-BackwardCompatible]
   [-DefaultProfile <PSObject>]
   [<CommonParameters>]
Get-AzPolicyDefinition
   [-Name <String>]
   [-Id <String>]
   [-BackwardCompatible]
   -Version <String>
   [-DefaultProfile <PSObject>]
   [<CommonParameters>]
Get-AzPolicyDefinition
   [-Name <String>]
   [-Id <String>]
   [-ListVersion]
   [-BackwardCompatible]
   [-DefaultProfile <PSObject>]
   [<CommonParameters>]
Get-AzPolicyDefinition
   -Id <String>
   [-BackwardCompatible]
   [-DefaultProfile <PSObject>]
   [<CommonParameters>]
Get-AzPolicyDefinition
   [-SubscriptionId <String>]
   [-ManagementGroupName <String>]
   [-Builtin]
   [-BackwardCompatible]
   [-DefaultProfile <PSObject>]
   [<CommonParameters>]
Get-AzPolicyDefinition
   [-SubscriptionId <String>]
   [-ManagementGroupName <String>]
   [-Custom]
   [-BackwardCompatible]
   [-DefaultProfile <PSObject>]
   [<CommonParameters>]
Get-AzPolicyDefinition
   [-SubscriptionId <String>]
   [-ManagementGroupName <String>]
   [-Static]
   [-BackwardCompatible]
   [-DefaultProfile <PSObject>]
   [<CommonParameters>]

Description

The Get-AzPolicyDefinition cmdlet gets a collection of policy set definitions or a specific policy set definition identified by name or ID.

Examples

Example 1: Get all policy definitions

Get-AzPolicyDefinition

This command gets all the policy definitions.

Example 2: Get policy definition from current subscription by name

Get-AzPolicyDefinition -Name 'VMPolicyDefinition'

This command gets the policy definition named VMPolicyDefinition from the current default subscription.

Example 3: Get policy definition from management group by name

Get-AzPolicyDefinition -Name 'VMPolicyDefinition' -ManagementGroupName 'Dept42'

This command gets the policy definition named VMPolicyDefinition from the management group named Dept42.

Example 4: Get all built-in policy definitions from subscription

Get-AzPolicyDefinition -SubscriptionId 'aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e' -Builtin

This command gets all built-in policy definitions from the subscription with ID aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e.

Example 5: Get policy definitions from a given category

Get-AzPolicyDefinition | Where-Object {$_.Properties.metadata.category -eq 'Tags'}

This command gets all policy definitions in the category Tags.

Example 6: Get the display name, description, policy type, and metadata of all policy definitions formatted as a list

Get-AzPolicyDefinition | Select-Object -Property DisplayName, Description, PolicyType, Metadata | Format-List

This command is useful when you need to find the reader-friendly DisplayName property of an Azure Policy definition. You can parse the Metadata property to discover the policy definition's version number and category assignment.

Example 7: [Backcompat] Get the display name, description, policy type, and metadata of all policy definitions formatted as a list

Get-AzPolicyDefinition -BackwardCompatible | Select-Object -ExpandProperty properties | Select-Object -Property DisplayName, Description, PolicyType, Metadata | Format-List

This command is useful when you need to find the reader-friendly DisplayName property of an Azure Policy definition. You can parse the Metadata property to discover the policy definition's version number and category assignment.

Parameters

-BackwardCompatible

Causes cmdlet to return artifacts using legacy format placing policy-specific properties in a property bag object.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Builtin

Causes cmdlet to return only built-in policy definitions.

Type:SwitchParameter
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-Custom

Causes cmdlet to return only custom policy definitions.

Type:SwitchParameter
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with Azure.

Type:PSObject
Aliases:AzureRMContext, AzureCredential
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Id

The full Id of the policy definition to get.

Type:String
Aliases:ResourceId
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-ListVersion

Causes cmdlet to return only custom policy definitions.

Type:SwitchParameter
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-ManagementGroupName

The name of the management group.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-Name

The name of the policy definition to get.

Type:String
Aliases:PolicyDefinitionName
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-Static

Causes cmdlet to return only static policy definitions.

Type:SwitchParameter
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-SubscriptionId

The ID of the target subscription.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-Version

The policy definition version in #.#.# format.

Type:String
Aliases:PolicyDefinitionVersion
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

Inputs

SwitchParameter

String

Outputs

IPolicyDefinition