Azure v6.28.0, Oct 3 25

We recommend using Azure Native.

Azure v6.28.0 published on Friday, Oct 3, 2025 by Pulumi

pulumi/pulumi-azure

azure.policy.getPolicyAssignment

We recommend using Azure Native.

Azure v6.28.0 published on Friday, Oct 3, 2025 by Pulumi

pulumi/pulumi-azure

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const example = azure.policy.getPolicyAssignment({
    name: "existing",
    scopeId: exampleAzurermResourceGroup.id,
});
export const id = example.then(example => example.id);

import pulumi
import pulumi_azure as azure

example = azure.policy.get_policy_assignment(name="existing",
    scope_id=example_azurerm_resource_group["id"])
pulumi.export("id", example.id)

package main

import (
	"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/policy"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		example, err := policy.GetPolicyAssignment(ctx, &policy.GetPolicyAssignmentArgs{
			Name:    "existing",
			ScopeId: exampleAzurermResourceGroup.Id,
		}, nil)
		if err != nil {
			return err
		}
		ctx.Export("id", example.Id)
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;

return await Deployment.RunAsync(() => 
{
    var example = Azure.Policy.GetPolicyAssignment.Invoke(new()
    {
        Name = "existing",
        ScopeId = exampleAzurermResourceGroup.Id,
    });

    return new Dictionary<string, object?>
    {
        ["id"] = example.Apply(getPolicyAssignmentResult => getPolicyAssignmentResult.Id),
    };
});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.policy.PolicyFunctions;
import com.pulumi.azure.policy.inputs.GetPolicyAssignmentArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var example = PolicyFunctions.getPolicyAssignment(GetPolicyAssignmentArgs.builder()
            .name("existing")
            .scopeId(exampleAzurermResourceGroup.id())
            .build());

        ctx.export("id", example.id());
    }
}

variables:
  example:
    fn::invoke:
      function: azure:policy:getPolicyAssignment
      arguments:
        name: existing
        scopeId: ${exampleAzurermResourceGroup.id}
outputs:
  id: ${example.id}

API Providers

This data source uses the following Azure API Providers:

Microsoft.Authorization - 2022-06-01

Using getPolicyAssignment

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getPolicyAssignment(args: GetPolicyAssignmentArgs, opts?: InvokeOptions): Promise<GetPolicyAssignmentResult>
function getPolicyAssignmentOutput(args: GetPolicyAssignmentOutputArgs, opts?: InvokeOptions): Output<GetPolicyAssignmentResult>

def get_policy_assignment(name: Optional[str] = None,
                          scope_id: Optional[str] = None,
                          opts: Optional[InvokeOptions] = None) -> GetPolicyAssignmentResult
def get_policy_assignment_output(name: Optional[pulumi.Input[str]] = None,
                          scope_id: Optional[pulumi.Input[str]] = None,
                          opts: Optional[InvokeOptions] = None) -> Output[GetPolicyAssignmentResult]

func GetPolicyAssignment(ctx *Context, args *GetPolicyAssignmentArgs, opts ...InvokeOption) (*GetPolicyAssignmentResult, error)
func GetPolicyAssignmentOutput(ctx *Context, args *GetPolicyAssignmentOutputArgs, opts ...InvokeOption) GetPolicyAssignmentResultOutput

> Note: This function is named GetPolicyAssignment in the Go SDK.

public static class GetPolicyAssignment 
{
    public static Task<GetPolicyAssignmentResult> InvokeAsync(GetPolicyAssignmentArgs args, InvokeOptions? opts = null)
    public static Output<GetPolicyAssignmentResult> Invoke(GetPolicyAssignmentInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetPolicyAssignmentResult> getPolicyAssignment(GetPolicyAssignmentArgs args, InvokeOptions options)
public static Output<GetPolicyAssignmentResult> getPolicyAssignment(GetPolicyAssignmentArgs args, InvokeOptions options)

fn::invoke:
  function: azure:policy/getPolicyAssignment:getPolicyAssignment
  arguments:
    # arguments dictionary

The following arguments are supported:

Name string: The name of this Policy Assignment. Changing this forces a new Policy Assignment to be created.
ScopeId string: The ID of the scope this Policy Assignment is assigned to. The scope_id can be a subscription id, a resource group id, a management group id, or an ID of any resource that is assigned with a policy. Changing this forces a new Policy Assignment to be created.

Name string: The name of this Policy Assignment. Changing this forces a new Policy Assignment to be created.
ScopeId string: The ID of the scope this Policy Assignment is assigned to. The scope_id can be a subscription id, a resource group id, a management group id, or an ID of any resource that is assigned with a policy. Changing this forces a new Policy Assignment to be created.

name String: The name of this Policy Assignment. Changing this forces a new Policy Assignment to be created.
scopeId String: The ID of the scope this Policy Assignment is assigned to. The scope_id can be a subscription id, a resource group id, a management group id, or an ID of any resource that is assigned with a policy. Changing this forces a new Policy Assignment to be created.

name string: The name of this Policy Assignment. Changing this forces a new Policy Assignment to be created.
scopeId string: The ID of the scope this Policy Assignment is assigned to. The scope_id can be a subscription id, a resource group id, a management group id, or an ID of any resource that is assigned with a policy. Changing this forces a new Policy Assignment to be created.

name str: The name of this Policy Assignment. Changing this forces a new Policy Assignment to be created.
scope_id str: The ID of the scope this Policy Assignment is assigned to. The scope_id can be a subscription id, a resource group id, a management group id, or an ID of any resource that is assigned with a policy. Changing this forces a new Policy Assignment to be created.

name String: The name of this Policy Assignment. Changing this forces a new Policy Assignment to be created.
scopeId String: The ID of the scope this Policy Assignment is assigned to. The scope_id can be a subscription id, a resource group id, a management group id, or an ID of any resource that is assigned with a policy. Changing this forces a new Policy Assignment to be created.

getPolicyAssignment Result

The following output properties are available:

Description string: The description of this Policy Assignment.
DisplayName string: The display name of this Policy Assignment.
Enforce bool: Whether this Policy is enforced or not?
Id string: The provider-assigned unique ID for this managed resource.
Identities List<GetPolicyAssignmentIdentity>: A identity block as defined below.
Location string: The Azure Region where the Policy Assignment exists.
Metadata string: A JSON mapping of any Metadata for this Policy.
Name string
NonComplianceMessages List<GetPolicyAssignmentNonComplianceMessage>: A non_compliance_message block as defined below.
NotScopes List<string>: A not_scopes block as defined below.
Parameters string: A JSON mapping of any Parameters for this Policy.
PolicyDefinitionId string: The ID of the assigned Policy Definition.
ScopeId string

Description string: The description of this Policy Assignment.
DisplayName string: The display name of this Policy Assignment.
Enforce bool: Whether this Policy is enforced or not?
Id string: The provider-assigned unique ID for this managed resource.
Identities []GetPolicyAssignmentIdentity: A identity block as defined below.
Location string: The Azure Region where the Policy Assignment exists.
Metadata string: A JSON mapping of any Metadata for this Policy.
Name string
NonComplianceMessages []GetPolicyAssignmentNonComplianceMessage: A non_compliance_message block as defined below.
NotScopes []string: A not_scopes block as defined below.
Parameters string: A JSON mapping of any Parameters for this Policy.
PolicyDefinitionId string: The ID of the assigned Policy Definition.
ScopeId string

description String: The description of this Policy Assignment.
displayName String: The display name of this Policy Assignment.
enforce Boolean: Whether this Policy is enforced or not?
id String: The provider-assigned unique ID for this managed resource.
identities List<GetPolicyAssignmentIdentity>: A identity block as defined below.
location String: The Azure Region where the Policy Assignment exists.
metadata String: A JSON mapping of any Metadata for this Policy.
name String
nonComplianceMessages List<GetPolicyAssignmentNonComplianceMessage>: A non_compliance_message block as defined below.
notScopes List<String>: A not_scopes block as defined below.
parameters String: A JSON mapping of any Parameters for this Policy.
policyDefinitionId String: The ID of the assigned Policy Definition.
scopeId String

description string: The description of this Policy Assignment.
displayName string: The display name of this Policy Assignment.
enforce boolean: Whether this Policy is enforced or not?
id string: The provider-assigned unique ID for this managed resource.
identities GetPolicyAssignmentIdentity[]: A identity block as defined below.
location string: The Azure Region where the Policy Assignment exists.
metadata string: A JSON mapping of any Metadata for this Policy.
name string
nonComplianceMessages GetPolicyAssignmentNonComplianceMessage[]: A non_compliance_message block as defined below.
notScopes string[]: A not_scopes block as defined below.
parameters string: A JSON mapping of any Parameters for this Policy.
policyDefinitionId string: The ID of the assigned Policy Definition.
scopeId string

description str: The description of this Policy Assignment.
display_name str: The display name of this Policy Assignment.
enforce bool: Whether this Policy is enforced or not?
id str: The provider-assigned unique ID for this managed resource.
identities Sequence[GetPolicyAssignmentIdentity]: A identity block as defined below.
location str: The Azure Region where the Policy Assignment exists.
metadata str: A JSON mapping of any Metadata for this Policy.
name str
non_compliance_messages Sequence[GetPolicyAssignmentNonComplianceMessage]: A non_compliance_message block as defined below.
not_scopes Sequence[str]: A not_scopes block as defined below.
parameters str: A JSON mapping of any Parameters for this Policy.
policy_definition_id str: The ID of the assigned Policy Definition.
scope_id str

description String: The description of this Policy Assignment.
displayName String: The display name of this Policy Assignment.
enforce Boolean: Whether this Policy is enforced or not?
id String: The provider-assigned unique ID for this managed resource.
identities List<Property Map>: A identity block as defined below.
location String: The Azure Region where the Policy Assignment exists.
metadata String: A JSON mapping of any Metadata for this Policy.
name String
nonComplianceMessages List<Property Map>: A non_compliance_message block as defined below.
notScopes List<String>: A not_scopes block as defined below.
parameters String: A JSON mapping of any Parameters for this Policy.
policyDefinitionId String: The ID of the assigned Policy Definition.
scopeId String

Supporting Types

GetPolicyAssignmentIdentity

IdentityIds List<string>: A identity_ids block as defined below.
PrincipalId string: The Principal ID of the Policy Assignment for this Resource.
TenantId string: The Tenant ID of the Policy Assignment for this Resource.
Type string: The Type of Managed Identity which is added to this Policy Assignment.

IdentityIds []string: A identity_ids block as defined below.
PrincipalId string: The Principal ID of the Policy Assignment for this Resource.
TenantId string: The Tenant ID of the Policy Assignment for this Resource.
Type string: The Type of Managed Identity which is added to this Policy Assignment.

identityIds List<String>: A identity_ids block as defined below.
principalId String: The Principal ID of the Policy Assignment for this Resource.
tenantId String: The Tenant ID of the Policy Assignment for this Resource.
type String: The Type of Managed Identity which is added to this Policy Assignment.

identityIds string[]: A identity_ids block as defined below.
principalId string: The Principal ID of the Policy Assignment for this Resource.
tenantId string: The Tenant ID of the Policy Assignment for this Resource.
type string: The Type of Managed Identity which is added to this Policy Assignment.

identity_ids Sequence[str]: A identity_ids block as defined below.
principal_id str: The Principal ID of the Policy Assignment for this Resource.
tenant_id str: The Tenant ID of the Policy Assignment for this Resource.
type str: The Type of Managed Identity which is added to this Policy Assignment.

identityIds List<String>: A identity_ids block as defined below.
principalId String: The Principal ID of the Policy Assignment for this Resource.
tenantId String: The Tenant ID of the Policy Assignment for this Resource.
type String: The Type of Managed Identity which is added to this Policy Assignment.

GetPolicyAssignmentNonComplianceMessage

Content string: The non-compliance message text.
PolicyDefinitionReferenceId string: The ID of the Policy Definition that the non-compliance message applies to.

Content string: The non-compliance message text.
PolicyDefinitionReferenceId string: The ID of the Policy Definition that the non-compliance message applies to.

content String: The non-compliance message text.
policyDefinitionReferenceId String: The ID of the Policy Definition that the non-compliance message applies to.

content string: The non-compliance message text.
policyDefinitionReferenceId string: The ID of the Policy Definition that the non-compliance message applies to.

content str: The non-compliance message text.
policy_definition_reference_id str: The ID of the Policy Definition that the non-compliance message applies to.

content String: The non-compliance message text.
policyDefinitionReferenceId String: The ID of the Policy Definition that the non-compliance message applies to.

Package Details

Repository: Azure Classic pulumi/pulumi-azure
License: Apache-2.0
Notes: This Pulumi package is based on the azurerm Terraform Provider.

We recommend using Azure Native.

Azure v6.28.0 published on Friday, Oct 3, 2025 by Pulumi

pulumi/pulumi-azure

azure.policy.getPolicyAssignment

On this page

On this page

Example Usage

API Providers

Using getPolicyAssignment

getPolicyAssignment Result

Supporting Types

GetPolicyAssignmentIdentity

GetPolicyAssignmentNonComplianceMessage

Package Details

On this page

On this page