Docs
Packages
Azure Native v1.102.0, May 2 23
Azure Native v1.102.0, May 2 23
azure-native.authorization.PolicyDefinition
Explore with Pulumi AI
The policy definition. API Version: 2020-09-01.
Example Usage
Create or update a policy definition
using System.Collections.Generic;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var policyDefinition = new AzureNative.Authorization.PolicyDefinition("policyDefinition", new()
{
Description = "Force resource names to begin with given 'prefix' and/or end with given 'suffix'",
DisplayName = "Enforce resource naming convention",
Metadata =
{
{ "category", "Naming" },
},
Mode = "All",
Parameters =
{
{ "prefix", new AzureNative.Authorization.Inputs.ParameterDefinitionsValueArgs
{
Metadata = new AzureNative.Authorization.Inputs.ParameterDefinitionsValueMetadataArgs
{
Description = "Resource name prefix",
DisplayName = "Prefix",
},
Type = "String",
} },
{ "suffix", new AzureNative.Authorization.Inputs.ParameterDefinitionsValueArgs
{
Metadata = new AzureNative.Authorization.Inputs.ParameterDefinitionsValueMetadataArgs
{
Description = "Resource name suffix",
DisplayName = "Suffix",
},
Type = "String",
} },
},
PolicyDefinitionName = "ResourceNaming",
PolicyRule =
{
{ "if",
{
{ "not",
{
{ "field", "name" },
{ "like", "[concat(parameters('prefix'), '*', parameters('suffix'))]" },
} },
} },
{ "then",
{
{ "effect", "deny" },
} },
},
});
});
package main
import (
authorization "github.com/pulumi/pulumi-azure-native/sdk/go/azure/authorization"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := authorization.NewPolicyDefinition(ctx, "policyDefinition", &authorization.PolicyDefinitionArgs{
Description: pulumi.String("Force resource names to begin with given 'prefix' and/or end with given 'suffix'"),
DisplayName: pulumi.String("Enforce resource naming convention"),
Metadata: pulumi.Any{
Category: "Naming",
},
Mode: pulumi.String("All"),
Parameters: authorization.ParameterDefinitionsValueMap{
"prefix": &authorization.ParameterDefinitionsValueArgs{
Metadata: &authorization.ParameterDefinitionsValueMetadataArgs{
Description: pulumi.String("Resource name prefix"),
DisplayName: pulumi.String("Prefix"),
},
Type: pulumi.String("String"),
},
"suffix": &authorization.ParameterDefinitionsValueArgs{
Metadata: &authorization.ParameterDefinitionsValueMetadataArgs{
Description: pulumi.String("Resource name suffix"),
DisplayName: pulumi.String("Suffix"),
},
Type: pulumi.String("String"),
},
},
PolicyDefinitionName: pulumi.String("ResourceNaming"),
PolicyRule: pulumi.Any{
If: map[string]interface{}{
"not": map[string]interface{}{
"field": "name",
"like": "[concat(parameters('prefix'), '*', parameters('suffix'))]",
},
},
Then: map[string]interface{}{
"effect": "deny",
},
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.authorization.PolicyDefinition;
import com.pulumi.azurenative.authorization.PolicyDefinitionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var policyDefinition = new PolicyDefinition("policyDefinition", PolicyDefinitionArgs.builder()
.description("Force resource names to begin with given 'prefix' and/or end with given 'suffix'")
.displayName("Enforce resource naming convention")
.metadata(Map.of("category", "Naming"))
.mode("All")
.parameters(Map.ofEntries(
Map.entry("prefix", Map.ofEntries(
Map.entry("metadata", Map.ofEntries(
Map.entry("description", "Resource name prefix"),
Map.entry("displayName", "Prefix")
)),
Map.entry("type", "String")
)),
Map.entry("suffix", Map.ofEntries(
Map.entry("metadata", Map.ofEntries(
Map.entry("description", "Resource name suffix"),
Map.entry("displayName", "Suffix")
)),
Map.entry("type", "String")
))
))
.policyDefinitionName("ResourceNaming")
.policyRule(Map.ofEntries(
Map.entry("if", Map.of("not", Map.ofEntries(
Map.entry("field", "name"),
Map.entry("like", "[concat(parameters('prefix'), '*', parameters('suffix'))]")
))),
Map.entry("then", Map.of("effect", "deny"))
))
.build());
}
}
import pulumi
import pulumi_azure_native as azure_native
policy_definition = azure_native.authorization.PolicyDefinition("policyDefinition",
description="Force resource names to begin with given 'prefix' and/or end with given 'suffix'",
display_name="Enforce resource naming convention",
metadata={
"category": "Naming",
},
mode="All",
parameters={
"prefix": azure_native.authorization.ParameterDefinitionsValueArgs(
metadata=azure_native.authorization.ParameterDefinitionsValueMetadataArgs(
description="Resource name prefix",
display_name="Prefix",
),
type="String",
),
"suffix": azure_native.authorization.ParameterDefinitionsValueArgs(
metadata=azure_native.authorization.ParameterDefinitionsValueMetadataArgs(
description="Resource name suffix",
display_name="Suffix",
),
type="String",
),
},
policy_definition_name="ResourceNaming",
policy_rule={
"if": {
"not": {
"field": "name",
"like": "[concat(parameters('prefix'), '*', parameters('suffix'))]",
},
},
"then": {
"effect": "deny",
},
})
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const policyDefinition = new azure_native.authorization.PolicyDefinition("policyDefinition", {
description: "Force resource names to begin with given 'prefix' and/or end with given 'suffix'",
displayName: "Enforce resource naming convention",
metadata: {
category: "Naming",
},
mode: "All",
parameters: {
prefix: {
metadata: {
description: "Resource name prefix",
displayName: "Prefix",
},
type: "String",
},
suffix: {
metadata: {
description: "Resource name suffix",
displayName: "Suffix",
},
type: "String",
},
},
policyDefinitionName: "ResourceNaming",
policyRule: {
"if": {
not: {
field: "name",
like: "[concat(parameters('prefix'), '*', parameters('suffix'))]",
},
},
then: {
effect: "deny",
},
},
});
resources:
policyDefinition:
type: azure-native:authorization:PolicyDefinition
properties:
description: Force resource names to begin with given 'prefix' and/or end with given 'suffix'
displayName: Enforce resource naming convention
metadata:
category: Naming
mode: All
parameters:
prefix:
metadata:
description: Resource name prefix
displayName: Prefix
type: String
suffix:
metadata:
description: Resource name suffix
displayName: Suffix
type: String
policyDefinitionName: ResourceNaming
policyRule:
if:
not:
field: name
like: '[concat(parameters(''prefix''), ''*'', parameters(''suffix''))]'
then:
effect: deny
Create or update a policy definition with advanced parameters
using System.Collections.Generic;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var policyDefinition = new AzureNative.Authorization.PolicyDefinition("policyDefinition", new()
{
Description = "Audit enabling of logs and retain them up to a year. This enables recreation of activity trails for investigation purposes when a security incident occurs or your network is compromised",
DisplayName = "Event Hubs should have diagnostic logging enabled",
Metadata =
{
{ "category", "Event Hub" },
},
Mode = "Indexed",
Parameters =
{
{ "requiredRetentionDays", new AzureNative.Authorization.Inputs.ParameterDefinitionsValueArgs
{
AllowedValues = new[]
{
0,
30,
90,
180,
365,
},
DefaultValue = 365,
Metadata = new AzureNative.Authorization.Inputs.ParameterDefinitionsValueMetadataArgs
{
Description = "The required diagnostic logs retention in days",
DisplayName = "Required retention (days)",
},
Type = "Integer",
} },
},
PolicyDefinitionName = "EventHubDiagnosticLogs",
PolicyRule =
{
{ "if",
{
{ "equals", "Microsoft.EventHub/namespaces" },
{ "field", "type" },
} },
{ "then",
{
{ "details",
{
{ "existenceCondition",
{
{ "allOf", new[]
{
{
{ "equals", "true" },
{ "field", "Microsoft.Insights/diagnosticSettings/logs[*].retentionPolicy.enabled" },
},
{
{ "equals", "[parameters('requiredRetentionDays')]" },
{ "field", "Microsoft.Insights/diagnosticSettings/logs[*].retentionPolicy.days" },
},
} },
} },
{ "type", "Microsoft.Insights/diagnosticSettings" },
} },
{ "effect", "AuditIfNotExists" },
} },
},
});
});
package main
import (
authorization "github.com/pulumi/pulumi-azure-native/sdk/go/azure/authorization"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := authorization.NewPolicyDefinition(ctx, "policyDefinition", &authorization.PolicyDefinitionArgs{
Description: pulumi.String("Audit enabling of logs and retain them up to a year. This enables recreation of activity trails for investigation purposes when a security incident occurs or your network is compromised"),
DisplayName: pulumi.String("Event Hubs should have diagnostic logging enabled"),
Metadata: pulumi.Any{
Category: "Event Hub",
},
Mode: pulumi.String("Indexed"),
Parameters: authorization.ParameterDefinitionsValueMap{
"requiredRetentionDays": &authorization.ParameterDefinitionsValueArgs{
AllowedValues: pulumi.AnyArray{
pulumi.Any(0),
pulumi.Any(30),
pulumi.Any(90),
pulumi.Any(180),
pulumi.Any(365),
},
DefaultValue: pulumi.Any(365),
Metadata: &authorization.ParameterDefinitionsValueMetadataArgs{
Description: pulumi.String("The required diagnostic logs retention in days"),
DisplayName: pulumi.String("Required retention (days)"),
},
Type: pulumi.String("Integer"),
},
},
PolicyDefinitionName: pulumi.String("EventHubDiagnosticLogs"),
PolicyRule: pulumi.Any{
If: map[string]interface{}{
"equals": "Microsoft.EventHub/namespaces",
"field": "type",
},
Then: map[string]interface{}{
"details": map[string]interface{}{
"existenceCondition": map[string]interface{}{
"allOf": []map[string]interface{}{
map[string]interface{}{
"equals": "true",
"field": "Microsoft.Insights/diagnosticSettings/logs[*].retentionPolicy.enabled",
},
map[string]interface{}{
"equals": "[parameters('requiredRetentionDays')]",
"field": "Microsoft.Insights/diagnosticSettings/logs[*].retentionPolicy.days",
},
},
},
"type": "Microsoft.Insights/diagnosticSettings",
},
"effect": "AuditIfNotExists",
},
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.authorization.PolicyDefinition;
import com.pulumi.azurenative.authorization.PolicyDefinitionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var policyDefinition = new PolicyDefinition("policyDefinition", PolicyDefinitionArgs.builder()
.description("Audit enabling of logs and retain them up to a year. This enables recreation of activity trails for investigation purposes when a security incident occurs or your network is compromised")
.displayName("Event Hubs should have diagnostic logging enabled")
.metadata(Map.of("category", "Event Hub"))
.mode("Indexed")
.parameters(Map.of("requiredRetentionDays", Map.ofEntries(
Map.entry("allowedValues",
0,
30,
90,
180,
365),
Map.entry("defaultValue", 365),
Map.entry("metadata", Map.ofEntries(
Map.entry("description", "The required diagnostic logs retention in days"),
Map.entry("displayName", "Required retention (days)")
)),
Map.entry("type", "Integer")
)))
.policyDefinitionName("EventHubDiagnosticLogs")
.policyRule(Map.ofEntries(
Map.entry("if", Map.ofEntries(
Map.entry("equals", "Microsoft.EventHub/namespaces"),
Map.entry("field", "type")
)),
Map.entry("then", Map.ofEntries(
Map.entry("details", Map.ofEntries(
Map.entry("existenceCondition", Map.of("allOf",
Map.ofEntries(
Map.entry("equals", "true"),
Map.entry("field", "Microsoft.Insights/diagnosticSettings/logs[*].retentionPolicy.enabled")
),
Map.ofEntries(
Map.entry("equals", "[parameters('requiredRetentionDays')]"),
Map.entry("field", "Microsoft.Insights/diagnosticSettings/logs[*].retentionPolicy.days")
))),
Map.entry("type", "Microsoft.Insights/diagnosticSettings")
)),
Map.entry("effect", "AuditIfNotExists")
))
))
.build());
}
}
import pulumi
import pulumi_azure_native as azure_native
policy_definition = azure_native.authorization.PolicyDefinition("policyDefinition",
description="Audit enabling of logs and retain them up to a year. This enables recreation of activity trails for investigation purposes when a security incident occurs or your network is compromised",
display_name="Event Hubs should have diagnostic logging enabled",
metadata={
"category": "Event Hub",
},
mode="Indexed",
parameters={
"requiredRetentionDays": azure_native.authorization.ParameterDefinitionsValueArgs(
allowed_values=[
0,
30,
90,
180,
365,
],
default_value=365,
metadata=azure_native.authorization.ParameterDefinitionsValueMetadataArgs(
description="The required diagnostic logs retention in days",
display_name="Required retention (days)",
),
type="Integer",
),
},
policy_definition_name="EventHubDiagnosticLogs",
policy_rule={
"if": {
"equals": "Microsoft.EventHub/namespaces",
"field": "type",
},
"then": {
"details": {
"existenceCondition": {
"allOf": [
{
"equals": "true",
"field": "Microsoft.Insights/diagnosticSettings/logs[*].retentionPolicy.enabled",
},
{
"equals": "[parameters('requiredRetentionDays')]",
"field": "Microsoft.Insights/diagnosticSettings/logs[*].retentionPolicy.days",
},
],
},
"type": "Microsoft.Insights/diagnosticSettings",
},
"effect": "AuditIfNotExists",
},
})
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const policyDefinition = new azure_native.authorization.PolicyDefinition("policyDefinition", {
description: "Audit enabling of logs and retain them up to a year. This enables recreation of activity trails for investigation purposes when a security incident occurs or your network is compromised",
displayName: "Event Hubs should have diagnostic logging enabled",
metadata: {
category: "Event Hub",
},
mode: "Indexed",
parameters: {
requiredRetentionDays: {
allowedValues: [
0,
30,
90,
180,
365,
],
defaultValue: 365,
metadata: {
description: "The required diagnostic logs retention in days",
displayName: "Required retention (days)",
},
type: "Integer",
},
},
policyDefinitionName: "EventHubDiagnosticLogs",
policyRule: {
"if": {
equals: "Microsoft.EventHub/namespaces",
field: "type",
},
then: {
details: {
existenceCondition: {
allOf: [
{
equals: "true",
field: "Microsoft.Insights/diagnosticSettings/logs[*].retentionPolicy.enabled",
},
{
equals: "[parameters('requiredRetentionDays')]",
field: "Microsoft.Insights/diagnosticSettings/logs[*].retentionPolicy.days",
},
],
},
type: "Microsoft.Insights/diagnosticSettings",
},
effect: "AuditIfNotExists",
},
},
});
resources:
policyDefinition:
type: azure-native:authorization:PolicyDefinition
properties:
description: Audit enabling of logs and retain them up to a year. This enables recreation of activity trails for investigation purposes when a security incident occurs or your network is compromised
displayName: Event Hubs should have diagnostic logging enabled
metadata:
category: Event Hub
mode: Indexed
parameters:
requiredRetentionDays:
allowedValues:
- 0
- 30
- 90
- 180
- 365
defaultValue: 365
metadata:
description: The required diagnostic logs retention in days
displayName: Required retention (days)
type: Integer
policyDefinitionName: EventHubDiagnosticLogs
policyRule:
if:
equals: Microsoft.EventHub/namespaces
field: type
then:
details:
existenceCondition:
allOf:
- equals: 'true'
field: Microsoft.Insights/diagnosticSettings/logs[*].retentionPolicy.enabled
- equals: '[parameters(''requiredRetentionDays'')]'
field: Microsoft.Insights/diagnosticSettings/logs[*].retentionPolicy.days
type: Microsoft.Insights/diagnosticSettings
effect: AuditIfNotExists
Create PolicyDefinition Resource
new PolicyDefinition(name: string, args?: PolicyDefinitionArgs, opts?: CustomResourceOptions);@overload
def PolicyDefinition(resource_name: str,
opts: Optional[ResourceOptions] = None,
description: Optional[str] = None,
display_name: Optional[str] = None,
metadata: Optional[Any] = None,
mode: Optional[str] = None,
parameters: Optional[Mapping[str, ParameterDefinitionsValueArgs]] = None,
policy_definition_name: Optional[str] = None,
policy_rule: Optional[Any] = None,
policy_type: Optional[Union[str, PolicyType]] = None)
@overload
def PolicyDefinition(resource_name: str,
args: Optional[PolicyDefinitionArgs] = None,
opts: Optional[ResourceOptions] = None)func NewPolicyDefinition(ctx *Context, name string, args *PolicyDefinitionArgs, opts ...ResourceOption) (*PolicyDefinition, error)public PolicyDefinition(string name, PolicyDefinitionArgs? args = null, CustomResourceOptions? opts = null)
public PolicyDefinition(String name, PolicyDefinitionArgs args)
public PolicyDefinition(String name, PolicyDefinitionArgs args, CustomResourceOptions options)
type: azure-native:authorization:PolicyDefinition
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args PolicyDefinitionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args PolicyDefinitionArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args PolicyDefinitionArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args PolicyDefinitionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args PolicyDefinitionArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
PolicyDefinition Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The PolicyDefinition resource accepts the following input properties:
- Description string
The policy definition description.
- Display
Name string The display name of the policy definition.
- Metadata object
The policy definition metadata. Metadata is an open ended object and is typically a collection of key value pairs.
- Mode string
The policy definition mode. Some examples are All, Indexed, Microsoft.KeyVault.Data.
- Parameters
Dictionary<string, Pulumi.
Azure Native. Authorization. Inputs. Parameter Definitions Value Args> The parameter definitions for parameters used in the policy rule. The keys are the parameter names.
- Policy
Definition stringName The name of the policy definition to create.
- Policy
Rule object The policy rule.
- Policy
Type string | Pulumi.Azure Native. Authorization. Policy Type The type of policy definition. Possible values are NotSpecified, BuiltIn, Custom, and Static.
- Description string
The policy definition description.
- Display
Name string The display name of the policy definition.
- Metadata interface{}
The policy definition metadata. Metadata is an open ended object and is typically a collection of key value pairs.
- Mode string
The policy definition mode. Some examples are All, Indexed, Microsoft.KeyVault.Data.
- Parameters
map[string]Parameter
Definitions Value Args The parameter definitions for parameters used in the policy rule. The keys are the parameter names.
- Policy
Definition stringName The name of the policy definition to create.
- Policy
Rule interface{} The policy rule.
- Policy
Type string | PolicyType The type of policy definition. Possible values are NotSpecified, BuiltIn, Custom, and Static.
- description String
The policy definition description.
- display
Name String The display name of the policy definition.
- metadata Object
The policy definition metadata. Metadata is an open ended object and is typically a collection of key value pairs.
- mode String
The policy definition mode. Some examples are All, Indexed, Microsoft.KeyVault.Data.
- parameters
Map<String,Parameter
Definitions Value Args> The parameter definitions for parameters used in the policy rule. The keys are the parameter names.
- policy
Definition StringName The name of the policy definition to create.
- policy
Rule Object The policy rule.
- policy
Type String | PolicyType The type of policy definition. Possible values are NotSpecified, BuiltIn, Custom, and Static.
- description string
The policy definition description.
- display
Name string The display name of the policy definition.
- metadata any
The policy definition metadata. Metadata is an open ended object and is typically a collection of key value pairs.
- mode string
The policy definition mode. Some examples are All, Indexed, Microsoft.KeyVault.Data.
- parameters
{[key: string]: Parameter
Definitions Value Args} The parameter definitions for parameters used in the policy rule. The keys are the parameter names.
- policy
Definition stringName The name of the policy definition to create.
- policy
Rule any The policy rule.
- policy
Type string | PolicyType The type of policy definition. Possible values are NotSpecified, BuiltIn, Custom, and Static.
- description str
The policy definition description.
- display_
name str The display name of the policy definition.
- metadata Any
The policy definition metadata. Metadata is an open ended object and is typically a collection of key value pairs.
- mode str
The policy definition mode. Some examples are All, Indexed, Microsoft.KeyVault.Data.
- parameters
Mapping[str, Parameter
Definitions Value Args] The parameter definitions for parameters used in the policy rule. The keys are the parameter names.
- policy_
definition_ strname The name of the policy definition to create.
- policy_
rule Any The policy rule.
- policy_
type str | PolicyType The type of policy definition. Possible values are NotSpecified, BuiltIn, Custom, and Static.
- description String
The policy definition description.
- display
Name String The display name of the policy definition.
- metadata Any
The policy definition metadata. Metadata is an open ended object and is typically a collection of key value pairs.
- mode String
The policy definition mode. Some examples are All, Indexed, Microsoft.KeyVault.Data.
- parameters Map<Property Map>
The parameter definitions for parameters used in the policy rule. The keys are the parameter names.
- policy
Definition StringName The name of the policy definition to create.
- policy
Rule Any The policy rule.
- policy
Type String | "NotSpecified" | "Built In" | "Custom" | "Static" The type of policy definition. Possible values are NotSpecified, BuiltIn, Custom, and Static.
Outputs
All input properties are implicitly available as output properties. Additionally, the PolicyDefinition resource produces the following output properties:
Supporting Types
ParameterDefinitionsValue
- Allowed
Values List<object> The allowed values for the parameter.
- Default
Value object The default value for the parameter if no value is provided.
- Metadata
Pulumi.
Azure Native. Authorization. Inputs. Parameter Definitions Value Metadata General metadata for the parameter.
- Type
string | Pulumi.
Azure Native. Authorization. Parameter Type The data type of the parameter.
- Allowed
Values []interface{} The allowed values for the parameter.
- Default
Value interface{} The default value for the parameter if no value is provided.
- Metadata
Parameter
Definitions Value Metadata General metadata for the parameter.
- Type
string | Parameter
Type The data type of the parameter.
- allowed
Values List<Object> The allowed values for the parameter.
- default
Value Object The default value for the parameter if no value is provided.
- metadata
Parameter
Definitions Value Metadata General metadata for the parameter.
- type
String | Parameter
Type The data type of the parameter.
- allowed
Values any[] The allowed values for the parameter.
- default
Value any The default value for the parameter if no value is provided.
- metadata
Parameter
Definitions Value Metadata General metadata for the parameter.
- type
string | Parameter
Type The data type of the parameter.
- allowed_
values Sequence[Any] The allowed values for the parameter.
- default_
value Any The default value for the parameter if no value is provided.
- metadata
Parameter
Definitions Value Metadata General metadata for the parameter.
- type
str | Parameter
Type The data type of the parameter.
- allowed
Values List<Any> The allowed values for the parameter.
- default
Value Any The default value for the parameter if no value is provided.
- metadata Property Map
General metadata for the parameter.
- type
String | "String" | "Array" | "Object" | "Boolean" | "Integer" | "Float" | "Date
Time" The data type of the parameter.
ParameterDefinitionsValueMetadata
- Assign
Permissions bool Set to true to have Azure portal create role assignments on the resource ID or resource scope value of this parameter during policy assignment. This property is useful in case you wish to assign permissions outside the assignment scope.
- Description string
The description of the parameter.
- Display
Name string The display name for the parameter.
- Strong
Type string Used when assigning the policy definition through the portal. Provides a context aware list of values for the user to choose from.
- Assign
Permissions bool Set to true to have Azure portal create role assignments on the resource ID or resource scope value of this parameter during policy assignment. This property is useful in case you wish to assign permissions outside the assignment scope.
- Description string
The description of the parameter.
- Display
Name string The display name for the parameter.
- Strong
Type string Used when assigning the policy definition through the portal. Provides a context aware list of values for the user to choose from.
- assign
Permissions Boolean Set to true to have Azure portal create role assignments on the resource ID or resource scope value of this parameter during policy assignment. This property is useful in case you wish to assign permissions outside the assignment scope.
- description String
The description of the parameter.
- display
Name String The display name for the parameter.
- strong
Type String Used when assigning the policy definition through the portal. Provides a context aware list of values for the user to choose from.
- assign
Permissions boolean Set to true to have Azure portal create role assignments on the resource ID or resource scope value of this parameter during policy assignment. This property is useful in case you wish to assign permissions outside the assignment scope.
- description string
The description of the parameter.
- display
Name string The display name for the parameter.
- strong
Type string Used when assigning the policy definition through the portal. Provides a context aware list of values for the user to choose from.
- assign_
permissions bool Set to true to have Azure portal create role assignments on the resource ID or resource scope value of this parameter during policy assignment. This property is useful in case you wish to assign permissions outside the assignment scope.
- description str
The description of the parameter.
- display_
name str The display name for the parameter.
- strong_
type str Used when assigning the policy definition through the portal. Provides a context aware list of values for the user to choose from.
- assign
Permissions Boolean Set to true to have Azure portal create role assignments on the resource ID or resource scope value of this parameter during policy assignment. This property is useful in case you wish to assign permissions outside the assignment scope.
- description String
The description of the parameter.
- display
Name String The display name for the parameter.
- strong
Type String Used when assigning the policy definition through the portal. Provides a context aware list of values for the user to choose from.
ParameterDefinitionsValueResponse
- Allowed
Values List<object> The allowed values for the parameter.
- Default
Value object The default value for the parameter if no value is provided.
- Metadata
Pulumi.
Azure Native. Authorization. Inputs. Parameter Definitions Value Response Metadata General metadata for the parameter.
- Type string
The data type of the parameter.
- Allowed
Values []interface{} The allowed values for the parameter.
- Default
Value interface{} The default value for the parameter if no value is provided.
- Metadata
Parameter
Definitions Value Response Metadata General metadata for the parameter.
- Type string
The data type of the parameter.
- allowed
Values List<Object> The allowed values for the parameter.
- default
Value Object The default value for the parameter if no value is provided.
- metadata
Parameter
Definitions Value Response Metadata General metadata for the parameter.
- type String
The data type of the parameter.
- allowed
Values any[] The allowed values for the parameter.
- default
Value any The default value for the parameter if no value is provided.
- metadata
Parameter
Definitions Value Response Metadata General metadata for the parameter.
- type string
The data type of the parameter.
- allowed_
values Sequence[Any] The allowed values for the parameter.
- default_
value Any The default value for the parameter if no value is provided.
- metadata
Parameter
Definitions Value Response Metadata General metadata for the parameter.
- type str
The data type of the parameter.
- allowed
Values List<Any> The allowed values for the parameter.
- default
Value Any The default value for the parameter if no value is provided.
- metadata Property Map
General metadata for the parameter.
- type String
The data type of the parameter.
ParameterDefinitionsValueResponseMetadata
- Assign
Permissions bool Set to true to have Azure portal create role assignments on the resource ID or resource scope value of this parameter during policy assignment. This property is useful in case you wish to assign permissions outside the assignment scope.
- Description string
The description of the parameter.
- Display
Name string The display name for the parameter.
- Strong
Type string Used when assigning the policy definition through the portal. Provides a context aware list of values for the user to choose from.
- Assign
Permissions bool Set to true to have Azure portal create role assignments on the resource ID or resource scope value of this parameter during policy assignment. This property is useful in case you wish to assign permissions outside the assignment scope.
- Description string
The description of the parameter.
- Display
Name string The display name for the parameter.
- Strong
Type string Used when assigning the policy definition through the portal. Provides a context aware list of values for the user to choose from.
- assign
Permissions Boolean Set to true to have Azure portal create role assignments on the resource ID or resource scope value of this parameter during policy assignment. This property is useful in case you wish to assign permissions outside the assignment scope.
- description String
The description of the parameter.
- display
Name String The display name for the parameter.
- strong
Type String Used when assigning the policy definition through the portal. Provides a context aware list of values for the user to choose from.
- assign
Permissions boolean Set to true to have Azure portal create role assignments on the resource ID or resource scope value of this parameter during policy assignment. This property is useful in case you wish to assign permissions outside the assignment scope.
- description string
The description of the parameter.
- display
Name string The display name for the parameter.
- strong
Type string Used when assigning the policy definition through the portal. Provides a context aware list of values for the user to choose from.
- assign_
permissions bool Set to true to have Azure portal create role assignments on the resource ID or resource scope value of this parameter during policy assignment. This property is useful in case you wish to assign permissions outside the assignment scope.
- description str
The description of the parameter.
- display_
name str The display name for the parameter.
- strong_
type str Used when assigning the policy definition through the portal. Provides a context aware list of values for the user to choose from.
- assign
Permissions Boolean Set to true to have Azure portal create role assignments on the resource ID or resource scope value of this parameter during policy assignment. This property is useful in case you wish to assign permissions outside the assignment scope.
- description String
The description of the parameter.
- display
Name String The display name for the parameter.
- strong
Type String Used when assigning the policy definition through the portal. Provides a context aware list of values for the user to choose from.
ParameterType
- String
- String
- Array
- Array
- Object
- Object
- Boolean
- Boolean
- Integer
- Integer
- Float
- Float
- Date
Time - DateTime
- Parameter
Type String - String
- Parameter
Type Array - Array
- Parameter
Type Object - Object
- Parameter
Type Boolean - Boolean
- Parameter
Type Integer - Integer
- Parameter
Type Float - Float
- Parameter
Type Date Time - DateTime
- String
- String
- Array
- Array
- Object
- Object
- Boolean
- Boolean
- Integer
- Integer
- Float
- Float
- Date
Time - DateTime
- String
- String
- Array
- Array
- Object
- Object
- Boolean
- Boolean
- Integer
- Integer
- Float
- Float
- Date
Time - DateTime
- STRING
- String
- ARRAY
- Array
- OBJECT
- Object
- BOOLEAN
- Boolean
- INTEGER
- Integer
- FLOAT
- Float
- DATE_TIME
- DateTime
- "String"
- String
- "Array"
- Array
- "Object"
- Object
- "Boolean"
- Boolean
- "Integer"
- Integer
- "Float"
- Float
- "Date
Time" - DateTime
PolicyType
- Not
Specified - NotSpecified
- Built
In - BuiltIn
- Custom
- Custom
- Static
- Static
- Policy
Type Not Specified - NotSpecified
- Policy
Type Built In - BuiltIn
- Policy
Type Custom - Custom
- Policy
Type Static - Static
- Not
Specified - NotSpecified
- Built
In - BuiltIn
- Custom
- Custom
- Static
- Static
- Not
Specified - NotSpecified
- Built
In - BuiltIn
- Custom
- Custom
- Static
- Static
- NOT_SPECIFIED
- NotSpecified
- BUILT_IN
- BuiltIn
- CUSTOM
- Custom
- STATIC
- Static
- "Not
Specified" - NotSpecified
- "Built
In" - BuiltIn
- "Custom"
- Custom
- "Static"
- Static
Import
An existing resource can be imported using its type token, name, and identifier, e.g.
$ pulumi import azure-native:authorization:PolicyDefinition ResourceNaming /subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming
Package Details
- Repository
- Azure Native pulumi/pulumi-azure-native
- License
- Apache-2.0