azure-native.authorization.PolicyAssignment
Explore with Pulumi AI
The policy assignment. API Version: 2020-09-01.
Example Usage
Create or update a policy assignment
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var policyAssignment = new AzureNative.Authorization.PolicyAssignment("policyAssignment", new()
{
Description = "Force resource names to begin with given DeptA and end with -LC",
DisplayName = "Enforce resource naming rules",
Metadata =
{
{ "assignedBy", "Special Someone" },
},
NonComplianceMessages = new[]
{
new AzureNative.Authorization.Inputs.NonComplianceMessageArgs
{
Message = "Resource names must start with 'DeptA' and end with '-LC'.",
},
},
Parameters =
{
{ "prefix", new AzureNative.Authorization.Inputs.ParameterValuesValueArgs
{
Value = "DeptA",
} },
{ "suffix", new AzureNative.Authorization.Inputs.ParameterValuesValueArgs
{
Value = "-LC",
} },
},
PolicyAssignmentName = "EnforceNaming",
PolicyDefinitionId = "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming",
Scope = "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2",
});
});
package main
import (
authorization "github.com/pulumi/pulumi-azure-native-sdk/authorization"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := authorization.NewPolicyAssignment(ctx, "policyAssignment", &authorization.PolicyAssignmentArgs{
Description: pulumi.String("Force resource names to begin with given DeptA and end with -LC"),
DisplayName: pulumi.String("Enforce resource naming rules"),
Metadata: pulumi.Any{
AssignedBy: "Special Someone",
},
NonComplianceMessages: []authorization.NonComplianceMessageArgs{
{
Message: pulumi.String("Resource names must start with 'DeptA' and end with '-LC'."),
},
},
Parameters: authorization.ParameterValuesValueMap{
"prefix": &authorization.ParameterValuesValueArgs{
Value: pulumi.Any("DeptA"),
},
"suffix": &authorization.ParameterValuesValueArgs{
Value: pulumi.Any("-LC"),
},
},
PolicyAssignmentName: pulumi.String("EnforceNaming"),
PolicyDefinitionId: pulumi.String("/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming"),
Scope: pulumi.String("subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2"),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.authorization.PolicyAssignment;
import com.pulumi.azurenative.authorization.PolicyAssignmentArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var policyAssignment = new PolicyAssignment("policyAssignment", PolicyAssignmentArgs.builder()
.description("Force resource names to begin with given DeptA and end with -LC")
.displayName("Enforce resource naming rules")
.metadata(Map.of("assignedBy", "Special Someone"))
.nonComplianceMessages(Map.of("message", "Resource names must start with 'DeptA' and end with '-LC'."))
.parameters(Map.ofEntries(
Map.entry("prefix", Map.of("value", "DeptA")),
Map.entry("suffix", Map.of("value", "-LC"))
))
.policyAssignmentName("EnforceNaming")
.policyDefinitionId("/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming")
.scope("subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2")
.build());
}
}
import pulumi
import pulumi_azure_native as azure_native
policy_assignment = azure_native.authorization.PolicyAssignment("policyAssignment",
description="Force resource names to begin with given DeptA and end with -LC",
display_name="Enforce resource naming rules",
metadata={
"assignedBy": "Special Someone",
},
non_compliance_messages=[azure_native.authorization.NonComplianceMessageArgs(
message="Resource names must start with 'DeptA' and end with '-LC'.",
)],
parameters={
"prefix": azure_native.authorization.ParameterValuesValueArgs(
value="DeptA",
),
"suffix": azure_native.authorization.ParameterValuesValueArgs(
value="-LC",
),
},
policy_assignment_name="EnforceNaming",
policy_definition_id="/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming",
scope="subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2")
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const policyAssignment = new azure_native.authorization.PolicyAssignment("policyAssignment", {
description: "Force resource names to begin with given DeptA and end with -LC",
displayName: "Enforce resource naming rules",
metadata: {
assignedBy: "Special Someone",
},
nonComplianceMessages: [{
message: "Resource names must start with 'DeptA' and end with '-LC'.",
}],
parameters: {
prefix: {
value: "DeptA",
},
suffix: {
value: "-LC",
},
},
policyAssignmentName: "EnforceNaming",
policyDefinitionId: "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming",
scope: "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2",
});
resources:
policyAssignment:
type: azure-native:authorization:PolicyAssignment
properties:
description: Force resource names to begin with given DeptA and end with -LC
displayName: Enforce resource naming rules
metadata:
assignedBy: Special Someone
nonComplianceMessages:
- message: Resource names must start with 'DeptA' and end with '-LC'.
parameters:
prefix:
value: DeptA
suffix:
value: -LC
policyAssignmentName: EnforceNaming
policyDefinitionId: /subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming
scope: subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2
Create or update a policy assignment with a managed identity
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var policyAssignment = new AzureNative.Authorization.PolicyAssignment("policyAssignment", new()
{
Description = "Force resource names to begin with given DeptA and end with -LC",
DisplayName = "Enforce resource naming rules",
EnforcementMode = "Default",
Identity = new AzureNative.Authorization.Inputs.IdentityArgs
{
Type = AzureNative.Authorization.ResourceIdentityType.SystemAssigned,
},
Location = "eastus",
Metadata =
{
{ "assignedBy", "Foo Bar" },
},
Parameters =
{
{ "prefix", new AzureNative.Authorization.Inputs.ParameterValuesValueArgs
{
Value = "DeptA",
} },
{ "suffix", new AzureNative.Authorization.Inputs.ParameterValuesValueArgs
{
Value = "-LC",
} },
},
PolicyAssignmentName = "EnforceNaming",
PolicyDefinitionId = "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming",
Scope = "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2",
});
});
package main
import (
authorization "github.com/pulumi/pulumi-azure-native-sdk/authorization"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := authorization.NewPolicyAssignment(ctx, "policyAssignment", &authorization.PolicyAssignmentArgs{
Description: pulumi.String("Force resource names to begin with given DeptA and end with -LC"),
DisplayName: pulumi.String("Enforce resource naming rules"),
EnforcementMode: pulumi.String("Default"),
Identity: &authorization.IdentityArgs{
Type: authorization.ResourceIdentityTypeSystemAssigned,
},
Location: pulumi.String("eastus"),
Metadata: pulumi.Any{
AssignedBy: "Foo Bar",
},
Parameters: authorization.ParameterValuesValueMap{
"prefix": &authorization.ParameterValuesValueArgs{
Value: pulumi.Any("DeptA"),
},
"suffix": &authorization.ParameterValuesValueArgs{
Value: pulumi.Any("-LC"),
},
},
PolicyAssignmentName: pulumi.String("EnforceNaming"),
PolicyDefinitionId: pulumi.String("/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming"),
Scope: pulumi.String("subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2"),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.authorization.PolicyAssignment;
import com.pulumi.azurenative.authorization.PolicyAssignmentArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var policyAssignment = new PolicyAssignment("policyAssignment", PolicyAssignmentArgs.builder()
.description("Force resource names to begin with given DeptA and end with -LC")
.displayName("Enforce resource naming rules")
.enforcementMode("Default")
.identity(Map.of("type", "SystemAssigned"))
.location("eastus")
.metadata(Map.of("assignedBy", "Foo Bar"))
.parameters(Map.ofEntries(
Map.entry("prefix", Map.of("value", "DeptA")),
Map.entry("suffix", Map.of("value", "-LC"))
))
.policyAssignmentName("EnforceNaming")
.policyDefinitionId("/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming")
.scope("subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2")
.build());
}
}
import pulumi
import pulumi_azure_native as azure_native
policy_assignment = azure_native.authorization.PolicyAssignment("policyAssignment",
description="Force resource names to begin with given DeptA and end with -LC",
display_name="Enforce resource naming rules",
enforcement_mode="Default",
identity=azure_native.authorization.IdentityArgs(
type=azure_native.authorization.ResourceIdentityType.SYSTEM_ASSIGNED,
),
location="eastus",
metadata={
"assignedBy": "Foo Bar",
},
parameters={
"prefix": azure_native.authorization.ParameterValuesValueArgs(
value="DeptA",
),
"suffix": azure_native.authorization.ParameterValuesValueArgs(
value="-LC",
),
},
policy_assignment_name="EnforceNaming",
policy_definition_id="/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming",
scope="subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2")
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const policyAssignment = new azure_native.authorization.PolicyAssignment("policyAssignment", {
description: "Force resource names to begin with given DeptA and end with -LC",
displayName: "Enforce resource naming rules",
enforcementMode: "Default",
identity: {
type: azure_native.authorization.ResourceIdentityType.SystemAssigned,
},
location: "eastus",
metadata: {
assignedBy: "Foo Bar",
},
parameters: {
prefix: {
value: "DeptA",
},
suffix: {
value: "-LC",
},
},
policyAssignmentName: "EnforceNaming",
policyDefinitionId: "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming",
scope: "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2",
});
resources:
policyAssignment:
type: azure-native:authorization:PolicyAssignment
properties:
description: Force resource names to begin with given DeptA and end with -LC
displayName: Enforce resource naming rules
enforcementMode: Default
identity:
type: SystemAssigned
location: eastus
metadata:
assignedBy: Foo Bar
parameters:
prefix:
value: DeptA
suffix:
value: -LC
policyAssignmentName: EnforceNaming
policyDefinitionId: /subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming
scope: subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2
Create or update a policy assignment with multiple non-compliance messages
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var policyAssignment = new AzureNative.Authorization.PolicyAssignment("policyAssignment", new()
{
DisplayName = "Enforce security policies",
NonComplianceMessages = new[]
{
new AzureNative.Authorization.Inputs.NonComplianceMessageArgs
{
Message = "Resources must comply with all internal security policies. See <internal site URL> for more info.",
},
new AzureNative.Authorization.Inputs.NonComplianceMessageArgs
{
Message = "Resource names must start with 'DeptA' and end with '-LC'.",
PolicyDefinitionReferenceId = "10420126870854049575",
},
new AzureNative.Authorization.Inputs.NonComplianceMessageArgs
{
Message = "Storage accounts must have firewall rules configured.",
PolicyDefinitionReferenceId = "8572513655450389710",
},
},
PolicyAssignmentName = "securityInitAssignment",
PolicyDefinitionId = "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policySetDefinitions/securityInitiative",
Scope = "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2",
});
});
package main
import (
authorization "github.com/pulumi/pulumi-azure-native-sdk/authorization"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := authorization.NewPolicyAssignment(ctx, "policyAssignment", &authorization.PolicyAssignmentArgs{
DisplayName: pulumi.String("Enforce security policies"),
NonComplianceMessages: []authorization.NonComplianceMessageArgs{
{
Message: pulumi.String("Resources must comply with all internal security policies. See <internal site URL> for more info."),
},
{
Message: pulumi.String("Resource names must start with 'DeptA' and end with '-LC'."),
PolicyDefinitionReferenceId: pulumi.String("10420126870854049575"),
},
{
Message: pulumi.String("Storage accounts must have firewall rules configured."),
PolicyDefinitionReferenceId: pulumi.String("8572513655450389710"),
},
},
PolicyAssignmentName: pulumi.String("securityInitAssignment"),
PolicyDefinitionId: pulumi.String("/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policySetDefinitions/securityInitiative"),
Scope: pulumi.String("subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2"),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.authorization.PolicyAssignment;
import com.pulumi.azurenative.authorization.PolicyAssignmentArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var policyAssignment = new PolicyAssignment("policyAssignment", PolicyAssignmentArgs.builder()
.displayName("Enforce security policies")
.nonComplianceMessages(
Map.of("message", "Resources must comply with all internal security policies. See <internal site URL> for more info."),
Map.ofEntries(
Map.entry("message", "Resource names must start with 'DeptA' and end with '-LC'."),
Map.entry("policyDefinitionReferenceId", "10420126870854049575")
),
Map.ofEntries(
Map.entry("message", "Storage accounts must have firewall rules configured."),
Map.entry("policyDefinitionReferenceId", "8572513655450389710")
))
.policyAssignmentName("securityInitAssignment")
.policyDefinitionId("/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policySetDefinitions/securityInitiative")
.scope("subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2")
.build());
}
}
import pulumi
import pulumi_azure_native as azure_native
policy_assignment = azure_native.authorization.PolicyAssignment("policyAssignment",
display_name="Enforce security policies",
non_compliance_messages=[
azure_native.authorization.NonComplianceMessageArgs(
message="Resources must comply with all internal security policies. See <internal site URL> for more info.",
),
azure_native.authorization.NonComplianceMessageArgs(
message="Resource names must start with 'DeptA' and end with '-LC'.",
policy_definition_reference_id="10420126870854049575",
),
azure_native.authorization.NonComplianceMessageArgs(
message="Storage accounts must have firewall rules configured.",
policy_definition_reference_id="8572513655450389710",
),
],
policy_assignment_name="securityInitAssignment",
policy_definition_id="/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policySetDefinitions/securityInitiative",
scope="subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2")
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const policyAssignment = new azure_native.authorization.PolicyAssignment("policyAssignment", {
displayName: "Enforce security policies",
nonComplianceMessages: [
{
message: "Resources must comply with all internal security policies. See <internal site URL> for more info.",
},
{
message: "Resource names must start with 'DeptA' and end with '-LC'.",
policyDefinitionReferenceId: "10420126870854049575",
},
{
message: "Storage accounts must have firewall rules configured.",
policyDefinitionReferenceId: "8572513655450389710",
},
],
policyAssignmentName: "securityInitAssignment",
policyDefinitionId: "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policySetDefinitions/securityInitiative",
scope: "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2",
});
resources:
policyAssignment:
type: azure-native:authorization:PolicyAssignment
properties:
displayName: Enforce security policies
nonComplianceMessages:
- message: Resources must comply with all internal security policies. See <internal site URL> for more info.
- message: Resource names must start with 'DeptA' and end with '-LC'.
policyDefinitionReferenceId: '10420126870854049575'
- message: Storage accounts must have firewall rules configured.
policyDefinitionReferenceId: '8572513655450389710'
policyAssignmentName: securityInitAssignment
policyDefinitionId: /subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policySetDefinitions/securityInitiative
scope: subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2
Create or update a policy assignment without enforcing policy effect during resource creation or update.
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var policyAssignment = new AzureNative.Authorization.PolicyAssignment("policyAssignment", new()
{
Description = "Force resource names to begin with given DeptA and end with -LC",
DisplayName = "Enforce resource naming rules",
EnforcementMode = "DoNotEnforce",
Metadata =
{
{ "assignedBy", "Special Someone" },
},
Parameters =
{
{ "prefix", new AzureNative.Authorization.Inputs.ParameterValuesValueArgs
{
Value = "DeptA",
} },
{ "suffix", new AzureNative.Authorization.Inputs.ParameterValuesValueArgs
{
Value = "-LC",
} },
},
PolicyAssignmentName = "EnforceNaming",
PolicyDefinitionId = "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming",
Scope = "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2",
});
});
package main
import (
authorization "github.com/pulumi/pulumi-azure-native-sdk/authorization"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := authorization.NewPolicyAssignment(ctx, "policyAssignment", &authorization.PolicyAssignmentArgs{
Description: pulumi.String("Force resource names to begin with given DeptA and end with -LC"),
DisplayName: pulumi.String("Enforce resource naming rules"),
EnforcementMode: pulumi.String("DoNotEnforce"),
Metadata: pulumi.Any{
AssignedBy: "Special Someone",
},
Parameters: authorization.ParameterValuesValueMap{
"prefix": &authorization.ParameterValuesValueArgs{
Value: pulumi.Any("DeptA"),
},
"suffix": &authorization.ParameterValuesValueArgs{
Value: pulumi.Any("-LC"),
},
},
PolicyAssignmentName: pulumi.String("EnforceNaming"),
PolicyDefinitionId: pulumi.String("/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming"),
Scope: pulumi.String("subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2"),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.authorization.PolicyAssignment;
import com.pulumi.azurenative.authorization.PolicyAssignmentArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var policyAssignment = new PolicyAssignment("policyAssignment", PolicyAssignmentArgs.builder()
.description("Force resource names to begin with given DeptA and end with -LC")
.displayName("Enforce resource naming rules")
.enforcementMode("DoNotEnforce")
.metadata(Map.of("assignedBy", "Special Someone"))
.parameters(Map.ofEntries(
Map.entry("prefix", Map.of("value", "DeptA")),
Map.entry("suffix", Map.of("value", "-LC"))
))
.policyAssignmentName("EnforceNaming")
.policyDefinitionId("/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming")
.scope("subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2")
.build());
}
}
import pulumi
import pulumi_azure_native as azure_native
policy_assignment = azure_native.authorization.PolicyAssignment("policyAssignment",
description="Force resource names to begin with given DeptA and end with -LC",
display_name="Enforce resource naming rules",
enforcement_mode="DoNotEnforce",
metadata={
"assignedBy": "Special Someone",
},
parameters={
"prefix": azure_native.authorization.ParameterValuesValueArgs(
value="DeptA",
),
"suffix": azure_native.authorization.ParameterValuesValueArgs(
value="-LC",
),
},
policy_assignment_name="EnforceNaming",
policy_definition_id="/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming",
scope="subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2")
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const policyAssignment = new azure_native.authorization.PolicyAssignment("policyAssignment", {
description: "Force resource names to begin with given DeptA and end with -LC",
displayName: "Enforce resource naming rules",
enforcementMode: "DoNotEnforce",
metadata: {
assignedBy: "Special Someone",
},
parameters: {
prefix: {
value: "DeptA",
},
suffix: {
value: "-LC",
},
},
policyAssignmentName: "EnforceNaming",
policyDefinitionId: "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming",
scope: "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2",
});
resources:
policyAssignment:
type: azure-native:authorization:PolicyAssignment
properties:
description: Force resource names to begin with given DeptA and end with -LC
displayName: Enforce resource naming rules
enforcementMode: DoNotEnforce
metadata:
assignedBy: Special Someone
parameters:
prefix:
value: DeptA
suffix:
value: -LC
policyAssignmentName: EnforceNaming
policyDefinitionId: /subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming
scope: subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2
Create PolicyAssignment Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new PolicyAssignment(name: string, args: PolicyAssignmentArgs, opts?: CustomResourceOptions);
@overload
def PolicyAssignment(resource_name: str,
args: PolicyAssignmentArgs,
opts: Optional[ResourceOptions] = None)
@overload
def PolicyAssignment(resource_name: str,
opts: Optional[ResourceOptions] = None,
scope: Optional[str] = None,
description: Optional[str] = None,
display_name: Optional[str] = None,
enforcement_mode: Optional[Union[str, EnforcementMode]] = None,
identity: Optional[IdentityArgs] = None,
location: Optional[str] = None,
metadata: Optional[Any] = None,
non_compliance_messages: Optional[Sequence[NonComplianceMessageArgs]] = None,
not_scopes: Optional[Sequence[str]] = None,
parameters: Optional[Mapping[str, ParameterValuesValueArgs]] = None,
policy_assignment_name: Optional[str] = None,
policy_definition_id: Optional[str] = None)
func NewPolicyAssignment(ctx *Context, name string, args PolicyAssignmentArgs, opts ...ResourceOption) (*PolicyAssignment, error)
public PolicyAssignment(string name, PolicyAssignmentArgs args, CustomResourceOptions? opts = null)
public PolicyAssignment(String name, PolicyAssignmentArgs args)
public PolicyAssignment(String name, PolicyAssignmentArgs args, CustomResourceOptions options)
type: azure-native:authorization:PolicyAssignment
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args PolicyAssignmentArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args PolicyAssignmentArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args PolicyAssignmentArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args PolicyAssignmentArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args PolicyAssignmentArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var policyAssignmentResource = new AzureNative.Authorization.PolicyAssignment("policyAssignmentResource", new()
{
Scope = "string",
Description = "string",
DisplayName = "string",
EnforcementMode = "string",
Identity =
{
{ "type", "SystemAssigned" },
},
Location = "string",
Metadata = "any",
NonComplianceMessages = new[]
{
{
{ "message", "string" },
{ "policyDefinitionReferenceId", "string" },
},
},
NotScopes = new[]
{
"string",
},
Parameters =
{
{ "string",
{
{ "value", "any" },
} },
},
PolicyAssignmentName = "string",
PolicyDefinitionId = "string",
});
example, err := authorization.NewPolicyAssignment(ctx, "policyAssignmentResource", &authorization.PolicyAssignmentArgs{
Scope: "string",
Description: "string",
DisplayName: "string",
EnforcementMode: "string",
Identity: map[string]interface{}{
"type": "SystemAssigned",
},
Location: "string",
Metadata: "any",
NonComplianceMessages: []map[string]interface{}{
map[string]interface{}{
"message": "string",
"policyDefinitionReferenceId": "string",
},
},
NotScopes: []string{
"string",
},
Parameters: map[string]interface{}{
"string": map[string]interface{}{
"value": "any",
},
},
PolicyAssignmentName: "string",
PolicyDefinitionId: "string",
})
var policyAssignmentResource = new PolicyAssignment("policyAssignmentResource", PolicyAssignmentArgs.builder()
.scope("string")
.description("string")
.displayName("string")
.enforcementMode("string")
.identity(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))
.location("string")
.metadata("any")
.nonComplianceMessages(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))
.notScopes("string")
.parameters(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))
.policyAssignmentName("string")
.policyDefinitionId("string")
.build());
policy_assignment_resource = azure_native.authorization.PolicyAssignment("policyAssignmentResource",
scope=string,
description=string,
display_name=string,
enforcement_mode=string,
identity={
type: SystemAssigned,
},
location=string,
metadata=any,
non_compliance_messages=[{
message: string,
policyDefinitionReferenceId: string,
}],
not_scopes=[string],
parameters={
string: {
value: any,
},
},
policy_assignment_name=string,
policy_definition_id=string)
const policyAssignmentResource = new azure_native.authorization.PolicyAssignment("policyAssignmentResource", {
scope: "string",
description: "string",
displayName: "string",
enforcementMode: "string",
identity: {
type: "SystemAssigned",
},
location: "string",
metadata: "any",
nonComplianceMessages: [{
message: "string",
policyDefinitionReferenceId: "string",
}],
notScopes: ["string"],
parameters: {
string: {
value: "any",
},
},
policyAssignmentName: "string",
policyDefinitionId: "string",
});
type: azure-native:authorization:PolicyAssignment
properties:
description: string
displayName: string
enforcementMode: string
identity:
type: SystemAssigned
location: string
metadata: any
nonComplianceMessages:
- message: string
policyDefinitionReferenceId: string
notScopes:
- string
parameters:
string:
value: any
policyAssignmentName: string
policyDefinitionId: string
scope: string
PolicyAssignment Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The PolicyAssignment resource accepts the following input properties:
- Scope string
- The scope of the policy assignment. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'
- Description string
- This message will be part of response in case of policy violation.
- Display
Name string - The display name of the policy assignment.
- Enforcement
Mode string | Pulumi.Azure Native. Authorization. Enforcement Mode - The policy assignment enforcement mode. Possible values are Default and DoNotEnforce.
- Identity
Pulumi.
Azure Native. Authorization. Inputs. Identity - The managed identity associated with the policy assignment.
- Location string
- The location of the policy assignment. Only required when utilizing managed identity.
- Metadata object
- The policy assignment metadata. Metadata is an open ended object and is typically a collection of key value pairs.
- Non
Compliance List<Pulumi.Messages Azure Native. Authorization. Inputs. Non Compliance Message> - The messages that describe why a resource is non-compliant with the policy.
- Not
Scopes List<string> - The policy's excluded scopes.
- Parameters
Dictionary<string, Pulumi.
Azure Native. Authorization. Inputs. Parameter Values Value Args> - The parameter values for the assigned policy rule. The keys are the parameter names.
- Policy
Assignment stringName - The name of the policy assignment.
- Policy
Definition stringId - The ID of the policy definition or policy set definition being assigned.
- Scope string
- The scope of the policy assignment. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'
- Description string
- This message will be part of response in case of policy violation.
- Display
Name string - The display name of the policy assignment.
- Enforcement
Mode string | EnforcementMode - The policy assignment enforcement mode. Possible values are Default and DoNotEnforce.
- Identity
Identity
Args - The managed identity associated with the policy assignment.
- Location string
- The location of the policy assignment. Only required when utilizing managed identity.
- Metadata interface{}
- The policy assignment metadata. Metadata is an open ended object and is typically a collection of key value pairs.
- Non
Compliance []NonMessages Compliance Message Args - The messages that describe why a resource is non-compliant with the policy.
- Not
Scopes []string - The policy's excluded scopes.
- Parameters
map[string]Parameter
Values Value Args - The parameter values for the assigned policy rule. The keys are the parameter names.
- Policy
Assignment stringName - The name of the policy assignment.
- Policy
Definition stringId - The ID of the policy definition or policy set definition being assigned.
- scope String
- The scope of the policy assignment. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'
- description String
- This message will be part of response in case of policy violation.
- display
Name String - The display name of the policy assignment.
- enforcement
Mode String | EnforcementMode - The policy assignment enforcement mode. Possible values are Default and DoNotEnforce.
- identity Identity
- The managed identity associated with the policy assignment.
- location String
- The location of the policy assignment. Only required when utilizing managed identity.
- metadata Object
- The policy assignment metadata. Metadata is an open ended object and is typically a collection of key value pairs.
- non
Compliance List<NonMessages Compliance Message> - The messages that describe why a resource is non-compliant with the policy.
- not
Scopes List<String> - The policy's excluded scopes.
- parameters
Map<String,Parameter
Values Value Args> - The parameter values for the assigned policy rule. The keys are the parameter names.
- policy
Assignment StringName - The name of the policy assignment.
- policy
Definition StringId - The ID of the policy definition or policy set definition being assigned.
- scope string
- The scope of the policy assignment. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'
- description string
- This message will be part of response in case of policy violation.
- display
Name string - The display name of the policy assignment.
- enforcement
Mode string | EnforcementMode - The policy assignment enforcement mode. Possible values are Default and DoNotEnforce.
- identity Identity
- The managed identity associated with the policy assignment.
- location string
- The location of the policy assignment. Only required when utilizing managed identity.
- metadata any
- The policy assignment metadata. Metadata is an open ended object and is typically a collection of key value pairs.
- non
Compliance NonMessages Compliance Message[] - The messages that describe why a resource is non-compliant with the policy.
- not
Scopes string[] - The policy's excluded scopes.
- parameters
{[key: string]: Parameter
Values Value Args} - The parameter values for the assigned policy rule. The keys are the parameter names.
- policy
Assignment stringName - The name of the policy assignment.
- policy
Definition stringId - The ID of the policy definition or policy set definition being assigned.
- scope str
- The scope of the policy assignment. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'
- description str
- This message will be part of response in case of policy violation.
- display_
name str - The display name of the policy assignment.
- enforcement_
mode str | EnforcementMode - The policy assignment enforcement mode. Possible values are Default and DoNotEnforce.
- identity
Identity
Args - The managed identity associated with the policy assignment.
- location str
- The location of the policy assignment. Only required when utilizing managed identity.
- metadata Any
- The policy assignment metadata. Metadata is an open ended object and is typically a collection of key value pairs.
- non_
compliance_ Sequence[Nonmessages Compliance Message Args] - The messages that describe why a resource is non-compliant with the policy.
- not_
scopes Sequence[str] - The policy's excluded scopes.
- parameters
Mapping[str, Parameter
Values Value Args] - The parameter values for the assigned policy rule. The keys are the parameter names.
- policy_
assignment_ strname - The name of the policy assignment.
- policy_
definition_ strid - The ID of the policy definition or policy set definition being assigned.
- scope String
- The scope of the policy assignment. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'
- description String
- This message will be part of response in case of policy violation.
- display
Name String - The display name of the policy assignment.
- enforcement
Mode String | "Default" | "DoNot Enforce" - The policy assignment enforcement mode. Possible values are Default and DoNotEnforce.
- identity Property Map
- The managed identity associated with the policy assignment.
- location String
- The location of the policy assignment. Only required when utilizing managed identity.
- metadata Any
- The policy assignment metadata. Metadata is an open ended object and is typically a collection of key value pairs.
- non
Compliance List<Property Map>Messages - The messages that describe why a resource is non-compliant with the policy.
- not
Scopes List<String> - The policy's excluded scopes.
- parameters Map<Property Map>
- The parameter values for the assigned policy rule. The keys are the parameter names.
- policy
Assignment StringName - The name of the policy assignment.
- policy
Definition StringId - The ID of the policy definition or policy set definition being assigned.
Outputs
All input properties are implicitly available as output properties. Additionally, the PolicyAssignment resource produces the following output properties:
Supporting Types
EnforcementMode, EnforcementModeArgs
- Default
- DefaultThe policy effect is enforced during resource creation or update.
- Do
Not Enforce - DoNotEnforceThe policy effect is not enforced during resource creation or update.
- Enforcement
Mode Default - DefaultThe policy effect is enforced during resource creation or update.
- Enforcement
Mode Do Not Enforce - DoNotEnforceThe policy effect is not enforced during resource creation or update.
- Default
- DefaultThe policy effect is enforced during resource creation or update.
- Do
Not Enforce - DoNotEnforceThe policy effect is not enforced during resource creation or update.
- Default
- DefaultThe policy effect is enforced during resource creation or update.
- Do
Not Enforce - DoNotEnforceThe policy effect is not enforced during resource creation or update.
- DEFAULT
- DefaultThe policy effect is enforced during resource creation or update.
- DO_NOT_ENFORCE
- DoNotEnforceThe policy effect is not enforced during resource creation or update.
- "Default"
- DefaultThe policy effect is enforced during resource creation or update.
- "Do
Not Enforce" - DoNotEnforceThe policy effect is not enforced during resource creation or update.
Identity, IdentityArgs
- Type
Pulumi.
Azure Native. Authorization. Resource Identity Type - The identity type. This is the only required field when adding a system assigned identity to a resource.
- Type
Resource
Identity Type - The identity type. This is the only required field when adding a system assigned identity to a resource.
- type
Resource
Identity Type - The identity type. This is the only required field when adding a system assigned identity to a resource.
- type
Resource
Identity Type - The identity type. This is the only required field when adding a system assigned identity to a resource.
- type
Resource
Identity Type - The identity type. This is the only required field when adding a system assigned identity to a resource.
- type
"System
Assigned" | "None" - The identity type. This is the only required field when adding a system assigned identity to a resource.
IdentityResponse, IdentityResponseArgs
- Principal
Id string - The principal ID of the resource identity.
- Tenant
Id string - The tenant ID of the resource identity.
- Type string
- The identity type. This is the only required field when adding a system assigned identity to a resource.
- Principal
Id string - The principal ID of the resource identity.
- Tenant
Id string - The tenant ID of the resource identity.
- Type string
- The identity type. This is the only required field when adding a system assigned identity to a resource.
- principal
Id String - The principal ID of the resource identity.
- tenant
Id String - The tenant ID of the resource identity.
- type String
- The identity type. This is the only required field when adding a system assigned identity to a resource.
- principal
Id string - The principal ID of the resource identity.
- tenant
Id string - The tenant ID of the resource identity.
- type string
- The identity type. This is the only required field when adding a system assigned identity to a resource.
- principal_
id str - The principal ID of the resource identity.
- tenant_
id str - The tenant ID of the resource identity.
- type str
- The identity type. This is the only required field when adding a system assigned identity to a resource.
- principal
Id String - The principal ID of the resource identity.
- tenant
Id String - The tenant ID of the resource identity.
- type String
- The identity type. This is the only required field when adding a system assigned identity to a resource.
NonComplianceMessage, NonComplianceMessageArgs
- Message string
- A message that describes why a resource is non-compliant with the policy. This is shown in 'deny' error messages and on resource's non-compliant compliance results.
- Policy
Definition stringReference Id - The policy definition reference ID within a policy set definition the message is intended for. This is only applicable if the policy assignment assigns a policy set definition. If this is not provided the message applies to all policies assigned by this policy assignment.
- Message string
- A message that describes why a resource is non-compliant with the policy. This is shown in 'deny' error messages and on resource's non-compliant compliance results.
- Policy
Definition stringReference Id - The policy definition reference ID within a policy set definition the message is intended for. This is only applicable if the policy assignment assigns a policy set definition. If this is not provided the message applies to all policies assigned by this policy assignment.
- message String
- A message that describes why a resource is non-compliant with the policy. This is shown in 'deny' error messages and on resource's non-compliant compliance results.
- policy
Definition StringReference Id - The policy definition reference ID within a policy set definition the message is intended for. This is only applicable if the policy assignment assigns a policy set definition. If this is not provided the message applies to all policies assigned by this policy assignment.
- message string
- A message that describes why a resource is non-compliant with the policy. This is shown in 'deny' error messages and on resource's non-compliant compliance results.
- policy
Definition stringReference Id - The policy definition reference ID within a policy set definition the message is intended for. This is only applicable if the policy assignment assigns a policy set definition. If this is not provided the message applies to all policies assigned by this policy assignment.
- message str
- A message that describes why a resource is non-compliant with the policy. This is shown in 'deny' error messages and on resource's non-compliant compliance results.
- policy_
definition_ strreference_ id - The policy definition reference ID within a policy set definition the message is intended for. This is only applicable if the policy assignment assigns a policy set definition. If this is not provided the message applies to all policies assigned by this policy assignment.
- message String
- A message that describes why a resource is non-compliant with the policy. This is shown in 'deny' error messages and on resource's non-compliant compliance results.
- policy
Definition StringReference Id - The policy definition reference ID within a policy set definition the message is intended for. This is only applicable if the policy assignment assigns a policy set definition. If this is not provided the message applies to all policies assigned by this policy assignment.
NonComplianceMessageResponse, NonComplianceMessageResponseArgs
- Message string
- A message that describes why a resource is non-compliant with the policy. This is shown in 'deny' error messages and on resource's non-compliant compliance results.
- Policy
Definition stringReference Id - The policy definition reference ID within a policy set definition the message is intended for. This is only applicable if the policy assignment assigns a policy set definition. If this is not provided the message applies to all policies assigned by this policy assignment.
- Message string
- A message that describes why a resource is non-compliant with the policy. This is shown in 'deny' error messages and on resource's non-compliant compliance results.
- Policy
Definition stringReference Id - The policy definition reference ID within a policy set definition the message is intended for. This is only applicable if the policy assignment assigns a policy set definition. If this is not provided the message applies to all policies assigned by this policy assignment.
- message String
- A message that describes why a resource is non-compliant with the policy. This is shown in 'deny' error messages and on resource's non-compliant compliance results.
- policy
Definition StringReference Id - The policy definition reference ID within a policy set definition the message is intended for. This is only applicable if the policy assignment assigns a policy set definition. If this is not provided the message applies to all policies assigned by this policy assignment.
- message string
- A message that describes why a resource is non-compliant with the policy. This is shown in 'deny' error messages and on resource's non-compliant compliance results.
- policy
Definition stringReference Id - The policy definition reference ID within a policy set definition the message is intended for. This is only applicable if the policy assignment assigns a policy set definition. If this is not provided the message applies to all policies assigned by this policy assignment.
- message str
- A message that describes why a resource is non-compliant with the policy. This is shown in 'deny' error messages and on resource's non-compliant compliance results.
- policy_
definition_ strreference_ id - The policy definition reference ID within a policy set definition the message is intended for. This is only applicable if the policy assignment assigns a policy set definition. If this is not provided the message applies to all policies assigned by this policy assignment.
- message String
- A message that describes why a resource is non-compliant with the policy. This is shown in 'deny' error messages and on resource's non-compliant compliance results.
- policy
Definition StringReference Id - The policy definition reference ID within a policy set definition the message is intended for. This is only applicable if the policy assignment assigns a policy set definition. If this is not provided the message applies to all policies assigned by this policy assignment.
ParameterValuesValue, ParameterValuesValueArgs
- Value object
- The value of the parameter.
- Value interface{}
- The value of the parameter.
- value Object
- The value of the parameter.
- value any
- The value of the parameter.
- value Any
- The value of the parameter.
- value Any
- The value of the parameter.
ParameterValuesValueResponse, ParameterValuesValueResponseArgs
- Value object
- The value of the parameter.
- Value interface{}
- The value of the parameter.
- value Object
- The value of the parameter.
- value any
- The value of the parameter.
- value Any
- The value of the parameter.
- value Any
- The value of the parameter.
ResourceIdentityType, ResourceIdentityTypeArgs
- System
Assigned - SystemAssignedIndicates that a system assigned identity is associated with the resource.
- None
- NoneIndicates that no identity is associated with the resource or that the existing identity should be removed.
- Resource
Identity Type System Assigned - SystemAssignedIndicates that a system assigned identity is associated with the resource.
- Resource
Identity Type None - NoneIndicates that no identity is associated with the resource or that the existing identity should be removed.
- System
Assigned - SystemAssignedIndicates that a system assigned identity is associated with the resource.
- None
- NoneIndicates that no identity is associated with the resource or that the existing identity should be removed.
- System
Assigned - SystemAssignedIndicates that a system assigned identity is associated with the resource.
- None
- NoneIndicates that no identity is associated with the resource or that the existing identity should be removed.
- SYSTEM_ASSIGNED
- SystemAssignedIndicates that a system assigned identity is associated with the resource.
- NONE
- NoneIndicates that no identity is associated with the resource or that the existing identity should be removed.
- "System
Assigned" - SystemAssignedIndicates that a system assigned identity is associated with the resource.
- "None"
- NoneIndicates that no identity is associated with the resource or that the existing identity should be removed.
Import
An existing resource can be imported using its type token, name, and identifier, e.g.
$ pulumi import azure-native:authorization:PolicyAssignment EnforceNaming /subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyAssignments/EnforceNaming
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- azure-native-v1 pulumi/pulumi-azure-native
- License
- Apache-2.0