Docs
Packages
Azure Native v1.102.0, May 2 23
Azure Native v1.102.0, May 2 23
azure-native.authorization.PolicyExemption
Explore with Pulumi AI
The policy exemption. API Version: 2020-07-01-preview.
Example Usage
Create or update a policy exemption
using System.Collections.Generic;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var policyExemption = new AzureNative.Authorization.PolicyExemption("policyExemption", new()
{
Description = "Exempt demo cluster from limit sku",
DisplayName = "Exempt demo cluster",
ExemptionCategory = "Waiver",
Metadata =
{
{ "reason", "Temporary exemption for a expensive VM demo" },
},
PolicyAssignmentId = "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyAssignments/CostManagement",
PolicyDefinitionReferenceIds = new[]
{
"Limit_Skus",
},
PolicyExemptionName = "DemoExpensiveVM",
Scope = "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/resourceGroups/demoCluster",
});
});
package main
import (
authorization "github.com/pulumi/pulumi-azure-native/sdk/go/azure/authorization"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := authorization.NewPolicyExemption(ctx, "policyExemption", &authorization.PolicyExemptionArgs{
Description: pulumi.String("Exempt demo cluster from limit sku"),
DisplayName: pulumi.String("Exempt demo cluster"),
ExemptionCategory: pulumi.String("Waiver"),
Metadata: pulumi.Any{
Reason: "Temporary exemption for a expensive VM demo",
},
PolicyAssignmentId: pulumi.String("/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyAssignments/CostManagement"),
PolicyDefinitionReferenceIds: pulumi.StringArray{
pulumi.String("Limit_Skus"),
},
PolicyExemptionName: pulumi.String("DemoExpensiveVM"),
Scope: pulumi.String("subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/resourceGroups/demoCluster"),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.authorization.PolicyExemption;
import com.pulumi.azurenative.authorization.PolicyExemptionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var policyExemption = new PolicyExemption("policyExemption", PolicyExemptionArgs.builder()
.description("Exempt demo cluster from limit sku")
.displayName("Exempt demo cluster")
.exemptionCategory("Waiver")
.metadata(Map.of("reason", "Temporary exemption for a expensive VM demo"))
.policyAssignmentId("/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyAssignments/CostManagement")
.policyDefinitionReferenceIds("Limit_Skus")
.policyExemptionName("DemoExpensiveVM")
.scope("subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/resourceGroups/demoCluster")
.build());
}
}
import pulumi
import pulumi_azure_native as azure_native
policy_exemption = azure_native.authorization.PolicyExemption("policyExemption",
description="Exempt demo cluster from limit sku",
display_name="Exempt demo cluster",
exemption_category="Waiver",
metadata={
"reason": "Temporary exemption for a expensive VM demo",
},
policy_assignment_id="/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyAssignments/CostManagement",
policy_definition_reference_ids=["Limit_Skus"],
policy_exemption_name="DemoExpensiveVM",
scope="subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/resourceGroups/demoCluster")
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const policyExemption = new azure_native.authorization.PolicyExemption("policyExemption", {
description: "Exempt demo cluster from limit sku",
displayName: "Exempt demo cluster",
exemptionCategory: "Waiver",
metadata: {
reason: "Temporary exemption for a expensive VM demo",
},
policyAssignmentId: "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyAssignments/CostManagement",
policyDefinitionReferenceIds: ["Limit_Skus"],
policyExemptionName: "DemoExpensiveVM",
scope: "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/resourceGroups/demoCluster",
});
resources:
policyExemption:
type: azure-native:authorization:PolicyExemption
properties:
description: Exempt demo cluster from limit sku
displayName: Exempt demo cluster
exemptionCategory: Waiver
metadata:
reason: Temporary exemption for a expensive VM demo
policyAssignmentId: /subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyAssignments/CostManagement
policyDefinitionReferenceIds:
- Limit_Skus
policyExemptionName: DemoExpensiveVM
scope: subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/resourceGroups/demoCluster
Create PolicyExemption Resource
new PolicyExemption(name: string, args: PolicyExemptionArgs, opts?: CustomResourceOptions);@overload
def PolicyExemption(resource_name: str,
opts: Optional[ResourceOptions] = None,
description: Optional[str] = None,
display_name: Optional[str] = None,
exemption_category: Optional[Union[str, ExemptionCategory]] = None,
expires_on: Optional[str] = None,
metadata: Optional[Any] = None,
policy_assignment_id: Optional[str] = None,
policy_definition_reference_ids: Optional[Sequence[str]] = None,
policy_exemption_name: Optional[str] = None,
scope: Optional[str] = None)
@overload
def PolicyExemption(resource_name: str,
args: PolicyExemptionArgs,
opts: Optional[ResourceOptions] = None)func NewPolicyExemption(ctx *Context, name string, args PolicyExemptionArgs, opts ...ResourceOption) (*PolicyExemption, error)public PolicyExemption(string name, PolicyExemptionArgs args, CustomResourceOptions? opts = null)
public PolicyExemption(String name, PolicyExemptionArgs args)
public PolicyExemption(String name, PolicyExemptionArgs args, CustomResourceOptions options)
type: azure-native:authorization:PolicyExemption
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args PolicyExemptionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args PolicyExemptionArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args PolicyExemptionArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args PolicyExemptionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args PolicyExemptionArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
PolicyExemption Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The PolicyExemption resource accepts the following input properties:
- Exemption
Category string | Pulumi.Azure Native. Authorization. Exemption Category The policy exemption category. Possible values are Waiver and Mitigated.
- Policy
Assignment stringId The ID of the policy assignment that is being exempted.
- Scope string
The scope of the policy exemption. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'
- Description string
The description of the policy exemption.
- Display
Name string The display name of the policy exemption.
- Expires
On string The expiration date and time (in UTC ISO 8601 format yyyy-MM-ddTHH:mm:ssZ) of the policy exemption.
- Metadata object
The policy exemption metadata. Metadata is an open ended object and is typically a collection of key value pairs.
- Policy
Definition List<string>Reference Ids The policy definition reference ID list when the associated policy assignment is an assignment of a policy set definition.
- Policy
Exemption stringName The name of the policy exemption to delete.
- Exemption
Category string | ExemptionCategory The policy exemption category. Possible values are Waiver and Mitigated.
- Policy
Assignment stringId The ID of the policy assignment that is being exempted.
- Scope string
The scope of the policy exemption. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'
- Description string
The description of the policy exemption.
- Display
Name string The display name of the policy exemption.
- Expires
On string The expiration date and time (in UTC ISO 8601 format yyyy-MM-ddTHH:mm:ssZ) of the policy exemption.
- Metadata interface{}
The policy exemption metadata. Metadata is an open ended object and is typically a collection of key value pairs.
- Policy
Definition []stringReference Ids The policy definition reference ID list when the associated policy assignment is an assignment of a policy set definition.
- Policy
Exemption stringName The name of the policy exemption to delete.
- exemption
Category String | ExemptionCategory The policy exemption category. Possible values are Waiver and Mitigated.
- policy
Assignment StringId The ID of the policy assignment that is being exempted.
- scope String
The scope of the policy exemption. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'
- description String
The description of the policy exemption.
- display
Name String The display name of the policy exemption.
- expires
On String The expiration date and time (in UTC ISO 8601 format yyyy-MM-ddTHH:mm:ssZ) of the policy exemption.
- metadata Object
The policy exemption metadata. Metadata is an open ended object and is typically a collection of key value pairs.
- policy
Definition List<String>Reference Ids The policy definition reference ID list when the associated policy assignment is an assignment of a policy set definition.
- policy
Exemption StringName The name of the policy exemption to delete.
- exemption
Category string | ExemptionCategory The policy exemption category. Possible values are Waiver and Mitigated.
- policy
Assignment stringId The ID of the policy assignment that is being exempted.
- scope string
The scope of the policy exemption. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'
- description string
The description of the policy exemption.
- display
Name string The display name of the policy exemption.
- expires
On string The expiration date and time (in UTC ISO 8601 format yyyy-MM-ddTHH:mm:ssZ) of the policy exemption.
- metadata any
The policy exemption metadata. Metadata is an open ended object and is typically a collection of key value pairs.
- policy
Definition string[]Reference Ids The policy definition reference ID list when the associated policy assignment is an assignment of a policy set definition.
- policy
Exemption stringName The name of the policy exemption to delete.
- exemption_
category str | ExemptionCategory The policy exemption category. Possible values are Waiver and Mitigated.
- policy_
assignment_ strid The ID of the policy assignment that is being exempted.
- scope str
The scope of the policy exemption. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'
- description str
The description of the policy exemption.
- display_
name str The display name of the policy exemption.
- expires_
on str The expiration date and time (in UTC ISO 8601 format yyyy-MM-ddTHH:mm:ssZ) of the policy exemption.
- metadata Any
The policy exemption metadata. Metadata is an open ended object and is typically a collection of key value pairs.
- policy_
definition_ Sequence[str]reference_ ids The policy definition reference ID list when the associated policy assignment is an assignment of a policy set definition.
- policy_
exemption_ strname The name of the policy exemption to delete.
- exemption
Category String | "Waiver" | "Mitigated" The policy exemption category. Possible values are Waiver and Mitigated.
- policy
Assignment StringId The ID of the policy assignment that is being exempted.
- scope String
The scope of the policy exemption. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'
- description String
The description of the policy exemption.
- display
Name String The display name of the policy exemption.
- expires
On String The expiration date and time (in UTC ISO 8601 format yyyy-MM-ddTHH:mm:ssZ) of the policy exemption.
- metadata Any
The policy exemption metadata. Metadata is an open ended object and is typically a collection of key value pairs.
- policy
Definition List<String>Reference Ids The policy definition reference ID list when the associated policy assignment is an assignment of a policy set definition.
- policy
Exemption StringName The name of the policy exemption to delete.
Outputs
All input properties are implicitly available as output properties. Additionally, the PolicyExemption resource produces the following output properties:
- Id string
The provider-assigned unique ID for this managed resource.
- Name string
The name of the policy exemption.
- System
Data Pulumi.Azure Native. Authorization. Outputs. System Data Response Azure Resource Manager metadata containing createdBy and modifiedBy information.
- Type string
The type of the resource (Microsoft.Authorization/policyExemptions).
- Id string
The provider-assigned unique ID for this managed resource.
- Name string
The name of the policy exemption.
- System
Data SystemData Response Azure Resource Manager metadata containing createdBy and modifiedBy information.
- Type string
The type of the resource (Microsoft.Authorization/policyExemptions).
- id String
The provider-assigned unique ID for this managed resource.
- name String
The name of the policy exemption.
- system
Data SystemData Response Azure Resource Manager metadata containing createdBy and modifiedBy information.
- type String
The type of the resource (Microsoft.Authorization/policyExemptions).
- id string
The provider-assigned unique ID for this managed resource.
- name string
The name of the policy exemption.
- system
Data SystemData Response Azure Resource Manager metadata containing createdBy and modifiedBy information.
- type string
The type of the resource (Microsoft.Authorization/policyExemptions).
- id str
The provider-assigned unique ID for this managed resource.
- name str
The name of the policy exemption.
- system_
data SystemData Response Azure Resource Manager metadata containing createdBy and modifiedBy information.
- type str
The type of the resource (Microsoft.Authorization/policyExemptions).
- id String
The provider-assigned unique ID for this managed resource.
- name String
The name of the policy exemption.
- system
Data Property Map Azure Resource Manager metadata containing createdBy and modifiedBy information.
- type String
The type of the resource (Microsoft.Authorization/policyExemptions).
Supporting Types
ExemptionCategory
- Waiver
- Waiver
This category of exemptions usually means the scope is not applicable for the policy.
- Mitigated
- Mitigated
This category of exemptions usually means the mitigation actions have been applied to the scope.
- Exemption
Category Waiver - Waiver
This category of exemptions usually means the scope is not applicable for the policy.
- Exemption
Category Mitigated - Mitigated
This category of exemptions usually means the mitigation actions have been applied to the scope.
- Waiver
- Waiver
This category of exemptions usually means the scope is not applicable for the policy.
- Mitigated
- Mitigated
This category of exemptions usually means the mitigation actions have been applied to the scope.
- Waiver
- Waiver
This category of exemptions usually means the scope is not applicable for the policy.
- Mitigated
- Mitigated
This category of exemptions usually means the mitigation actions have been applied to the scope.
- WAIVER
- Waiver
This category of exemptions usually means the scope is not applicable for the policy.
- MITIGATED
- Mitigated
This category of exemptions usually means the mitigation actions have been applied to the scope.
- "Waiver"
- Waiver
This category of exemptions usually means the scope is not applicable for the policy.
- "Mitigated"
- Mitigated
This category of exemptions usually means the mitigation actions have been applied to the scope.
SystemDataResponse
- Created
At string The timestamp of resource creation (UTC).
- Created
By string The identity that created the resource.
- Created
By stringType The type of identity that created the resource.
- Last
Modified stringAt The timestamp of resource last modification (UTC)
- Last
Modified stringBy The identity that last modified the resource.
- Last
Modified stringBy Type The type of identity that last modified the resource.
- Created
At string The timestamp of resource creation (UTC).
- Created
By string The identity that created the resource.
- Created
By stringType The type of identity that created the resource.
- Last
Modified stringAt The timestamp of resource last modification (UTC)
- Last
Modified stringBy The identity that last modified the resource.
- Last
Modified stringBy Type The type of identity that last modified the resource.
- created
At String The timestamp of resource creation (UTC).
- created
By String The identity that created the resource.
- created
By StringType The type of identity that created the resource.
- last
Modified StringAt The timestamp of resource last modification (UTC)
- last
Modified StringBy The identity that last modified the resource.
- last
Modified StringBy Type The type of identity that last modified the resource.
- created
At string The timestamp of resource creation (UTC).
- created
By string The identity that created the resource.
- created
By stringType The type of identity that created the resource.
- last
Modified stringAt The timestamp of resource last modification (UTC)
- last
Modified stringBy The identity that last modified the resource.
- last
Modified stringBy Type The type of identity that last modified the resource.
- created_
at str The timestamp of resource creation (UTC).
- created_
by str The identity that created the resource.
- created_
by_ strtype The type of identity that created the resource.
- last_
modified_ strat The timestamp of resource last modification (UTC)
- last_
modified_ strby The identity that last modified the resource.
- last_
modified_ strby_ type The type of identity that last modified the resource.
- created
At String The timestamp of resource creation (UTC).
- created
By String The identity that created the resource.
- created
By StringType The type of identity that created the resource.
- last
Modified StringAt The timestamp of resource last modification (UTC)
- last
Modified StringBy The identity that last modified the resource.
- last
Modified StringBy Type The type of identity that last modified the resource.
Import
An existing resource can be imported using its type token, name, and identifier, e.g.
$ pulumi import azure-native:authorization:PolicyExemption DemoExpensiveVM /subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/resourceGroups/demoCluster/providers/Microsoft.Authorization/policyExemptions/DemoExpensiveVM
Package Details
- Repository
- Azure Native pulumi/pulumi-azure-native
- License
- Apache-2.0