azure.policy.PolicySetDefinition (v4)

Azure v4.42.0 (4.x), Mar 9 26

We recommend using Azure Native.

Viewing docs for Azure v4.42.0 (Older version)
published on Monday, Mar 9, 2026 by Pulumi

Go to latest version

Schema (JSON)

pulumi/pulumi-azure

We recommend using Azure Native.

Viewing docs for Azure v4.42.0 (Older version)
published on Monday, Mar 9, 2026 by Pulumi

Go to latest version

Schema (JSON)

pulumi/pulumi-azure

Example Usage

using Pulumi;
using Azure = Pulumi.Azure;

class MyStack : Stack
{
    public MyStack()
    {
        var example = new Azure.Policy.PolicySetDefinition("example", new Azure.Policy.PolicySetDefinitionArgs
        {
            DisplayName = "Test Policy Set",
            Parameters = @"    {
        ""allowedLocations"": {
            ""type"": ""Array"",
            ""metadata"": {
                ""description"": ""The list of allowed locations for resources."",
                ""displayName"": ""Allowed locations"",
                ""strongType"": ""location""
            }
        }
    }

",
            PolicyDefinitionReferences = 
            {
                new Azure.Policy.Inputs.PolicySetDefinitionPolicyDefinitionReferenceArgs
                {
                    ParameterValues = @"    {
      ""listOfAllowedLocations"": {""value"": ""[parameters('allowedLocations')]""}
    }
    
",
                    PolicyDefinitionId = "/providers/Microsoft.Authorization/policyDefinitions/e765b5de-1225-4ba3-bd56-1ac6695af988",
                },
            },
            PolicyType = "Custom",
        });
    }

}

package main

import (
	"fmt"

	"github.com/pulumi/pulumi-azure/sdk/v4/go/azure/policy"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := policy.NewPolicySetDefinition(ctx, "example", &policy.PolicySetDefinitionArgs{
			DisplayName: pulumi.String("Test Policy Set"),
			Parameters:  pulumi.String(fmt.Sprintf("%v%v%v%v%v%v%v%v%v%v%v", "    {\n", "        \"allowedLocations\": {\n", "            \"type\": \"Array\",\n", "            \"metadata\": {\n", "                \"description\": \"The list of allowed locations for resources.\",\n", "                \"displayName\": \"Allowed locations\",\n", "                \"strongType\": \"location\"\n", "            }\n", "        }\n", "    }\n", "\n")),
			PolicyDefinitionReferences: policy.PolicySetDefinitionPolicyDefinitionReferenceArray{
				&policy.PolicySetDefinitionPolicyDefinitionReferenceArgs{
					ParameterValues:    pulumi.String(fmt.Sprintf("%v%v%v%v", "    {\n", "      \"listOfAllowedLocations\": {\"value\": \"[parameters('allowedLocations')]\"}\n", "    }\n", "    \n")),
					PolicyDefinitionId: pulumi.String("/providers/Microsoft.Authorization/policyDefinitions/e765b5de-1225-4ba3-bd56-1ac6695af988"),
				},
			},
			PolicyType: pulumi.String("Custom"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

Example coming soon!

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const example = new azure.policy.PolicySetDefinition("example", {
    displayName: "Test Policy Set",
    parameters: `    {
        "allowedLocations": {
            "type": "Array",
            "metadata": {
                "description": "The list of allowed locations for resources.",
                "displayName": "Allowed locations",
                "strongType": "location"
            }
        }
    }
`,
    policyDefinitionReferences: [{
        parameterValues: `    {
      "listOfAllowedLocations": {"value": "[parameters('allowedLocations')]"}
    }
    `,
        policyDefinitionId: "/providers/Microsoft.Authorization/policyDefinitions/e765b5de-1225-4ba3-bd56-1ac6695af988",
    }],
    policyType: "Custom",
});

import pulumi
import pulumi_azure as azure

example = azure.policy.PolicySetDefinition("example",
    display_name="Test Policy Set",
    parameters="""    {
        "allowedLocations": {
            "type": "Array",
            "metadata": {
                "description": "The list of allowed locations for resources.",
                "displayName": "Allowed locations",
                "strongType": "location"
            }
        }
    }

""",
    policy_definition_references=[azure.policy.PolicySetDefinitionPolicyDefinitionReferenceArgs(
        parameter_values="""    {
      "listOfAllowedLocations": {"value": "[parameters('allowedLocations')]"}
    }
    
""",
        policy_definition_id="/providers/Microsoft.Authorization/policyDefinitions/e765b5de-1225-4ba3-bd56-1ac6695af988",
    )],
    policy_type="Custom")

Example coming soon!

Create PolicySetDefinition Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new PolicySetDefinition(name: string, args: PolicySetDefinitionArgs, opts?: CustomResourceOptions);

@overload
def PolicySetDefinition(resource_name: str,
                        args: PolicySetDefinitionArgs,
                        opts: Optional[ResourceOptions] = None)

@overload
def PolicySetDefinition(resource_name: str,
                        opts: Optional[ResourceOptions] = None,
                        display_name: Optional[str] = None,
                        policy_type: Optional[str] = None,
                        description: Optional[str] = None,
                        management_group_id: Optional[str] = None,
                        management_group_name: Optional[str] = None,
                        metadata: Optional[str] = None,
                        name: Optional[str] = None,
                        parameters: Optional[str] = None,
                        policy_definition_groups: Optional[Sequence[PolicySetDefinitionPolicyDefinitionGroupArgs]] = None,
                        policy_definition_references: Optional[Sequence[PolicySetDefinitionPolicyDefinitionReferenceArgs]] = None,
                        policy_definitions: Optional[str] = None)

func NewPolicySetDefinition(ctx *Context, name string, args PolicySetDefinitionArgs, opts ...ResourceOption) (*PolicySetDefinition, error)

public PolicySetDefinition(string name, PolicySetDefinitionArgs args, CustomResourceOptions? opts = null)

public PolicySetDefinition(String name, PolicySetDefinitionArgs args)
public PolicySetDefinition(String name, PolicySetDefinitionArgs args, CustomResourceOptions options)

type: azure:policy:PolicySetDefinition
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args PolicySetDefinitionArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args PolicySetDefinitionArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args PolicySetDefinitionArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args PolicySetDefinitionArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args PolicySetDefinitionArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var policySetDefinitionResource = new Azure.Policy.PolicySetDefinition("policySetDefinitionResource", new()
{
    DisplayName = "string",
    PolicyType = "string",
    Description = "string",
    ManagementGroupId = "string",
    Metadata = "string",
    Name = "string",
    Parameters = "string",
    PolicyDefinitionGroups = new[]
    {
        new Azure.Policy.Inputs.PolicySetDefinitionPolicyDefinitionGroupArgs
        {
            Name = "string",
            AdditionalMetadataResourceId = "string",
            Category = "string",
            Description = "string",
            DisplayName = "string",
        },
    },
    PolicyDefinitionReferences = new[]
    {
        new Azure.Policy.Inputs.PolicySetDefinitionPolicyDefinitionReferenceArgs
        {
            PolicyDefinitionId = "string",
            ParameterValues = "string",
            PolicyGroupNames = new[]
            {
                "string",
            },
            ReferenceId = "string",
        },
    },
});

example, err := policy.NewPolicySetDefinition(ctx, "policySetDefinitionResource", &policy.PolicySetDefinitionArgs{
	DisplayName:       pulumi.String("string"),
	PolicyType:        pulumi.String("string"),
	Description:       pulumi.String("string"),
	ManagementGroupId: pulumi.String("string"),
	Metadata:          pulumi.String("string"),
	Name:              pulumi.String("string"),
	Parameters:        pulumi.String("string"),
	PolicyDefinitionGroups: policy.PolicySetDefinitionPolicyDefinitionGroupArray{
		&policy.PolicySetDefinitionPolicyDefinitionGroupArgs{
			Name:                         pulumi.String("string"),
			AdditionalMetadataResourceId: pulumi.String("string"),
			Category:                     pulumi.String("string"),
			Description:                  pulumi.String("string"),
			DisplayName:                  pulumi.String("string"),
		},
	},
	PolicyDefinitionReferences: policy.PolicySetDefinitionPolicyDefinitionReferenceArray{
		&policy.PolicySetDefinitionPolicyDefinitionReferenceArgs{
			PolicyDefinitionId: pulumi.String("string"),
			ParameterValues:    pulumi.String("string"),
			PolicyGroupNames: pulumi.StringArray{
				pulumi.String("string"),
			},
			ReferenceId: pulumi.String("string"),
		},
	},
})

var policySetDefinitionResource = new PolicySetDefinition("policySetDefinitionResource", PolicySetDefinitionArgs.builder()
    .displayName("string")
    .policyType("string")
    .description("string")
    .managementGroupId("string")
    .metadata("string")
    .name("string")
    .parameters("string")
    .policyDefinitionGroups(PolicySetDefinitionPolicyDefinitionGroupArgs.builder()
        .name("string")
        .additionalMetadataResourceId("string")
        .category("string")
        .description("string")
        .displayName("string")
        .build())
    .policyDefinitionReferences(PolicySetDefinitionPolicyDefinitionReferenceArgs.builder()
        .policyDefinitionId("string")
        .parameterValues("string")
        .policyGroupNames("string")
        .referenceId("string")
        .build())
    .build());

policy_set_definition_resource = azure.policy.PolicySetDefinition("policySetDefinitionResource",
    display_name="string",
    policy_type="string",
    description="string",
    management_group_id="string",
    metadata="string",
    name="string",
    parameters="string",
    policy_definition_groups=[{
        "name": "string",
        "additional_metadata_resource_id": "string",
        "category": "string",
        "description": "string",
        "display_name": "string",
    }],
    policy_definition_references=[{
        "policy_definition_id": "string",
        "parameter_values": "string",
        "policy_group_names": ["string"],
        "reference_id": "string",
    }])

const policySetDefinitionResource = new azure.policy.PolicySetDefinition("policySetDefinitionResource", {
    displayName: "string",
    policyType: "string",
    description: "string",
    managementGroupId: "string",
    metadata: "string",
    name: "string",
    parameters: "string",
    policyDefinitionGroups: [{
        name: "string",
        additionalMetadataResourceId: "string",
        category: "string",
        description: "string",
        displayName: "string",
    }],
    policyDefinitionReferences: [{
        policyDefinitionId: "string",
        parameterValues: "string",
        policyGroupNames: ["string"],
        referenceId: "string",
    }],
});

type: azure:policy:PolicySetDefinition
properties:
    description: string
    displayName: string
    managementGroupId: string
    metadata: string
    name: string
    parameters: string
    policyDefinitionGroups:
        - additionalMetadataResourceId: string
          category: string
          description: string
          displayName: string
          name: string
    policyDefinitionReferences:
        - parameterValues: string
          policyDefinitionId: string
          policyGroupNames:
            - string
          referenceId: string
    policyType: string

PolicySetDefinition Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The PolicySetDefinition resource accepts the following input properties:

DisplayName string: The display name of the policy set definition.
PolicyType string: The policy set type. Possible values are BuiltIn or Custom. Changing this forces a new resource to be created.
Description string: The description of the policy set definition.
ManagementGroupId string: The name of the Management Group where this policy set definition should be defined. Changing this forces a new resource to be created.
ManagementGroupName string: The name of the Management Group where this policy set definition should be defined. Changing this forces a new resource to be created.
Deprecated: Deprecated in favour of management_group_id
Metadata string: The metadata for the policy set definition. This is a json object representing additional metadata that should be stored with the policy definition.
Name string: The name of the policy set definition. Changing this forces a new resource to be created.
Parameters string: Parameters for the policy set definition. This field is a json object that allows you to parameterize your policy definition.
PolicyDefinitionGroups List<PolicySetDefinitionPolicyDefinitionGroup>: One or more policy_definition_group blocks as defined below.
PolicyDefinitionReferences List<PolicySetDefinitionPolicyDefinitionReference>: One or more policy_definition_reference blocks as defined below.
PolicyDefinitions string: The policy definitions for the policy set definition. This is a json object representing the bundled policy definitions.
Deprecated: Deprecated in favour of policy_definition_reference

DisplayName string: The display name of the policy set definition.
PolicyType string: The policy set type. Possible values are BuiltIn or Custom. Changing this forces a new resource to be created.
Description string: The description of the policy set definition.
ManagementGroupId string: The name of the Management Group where this policy set definition should be defined. Changing this forces a new resource to be created.
ManagementGroupName string: The name of the Management Group where this policy set definition should be defined. Changing this forces a new resource to be created.
Deprecated: Deprecated in favour of management_group_id
Metadata string: The metadata for the policy set definition. This is a json object representing additional metadata that should be stored with the policy definition.
Name string: The name of the policy set definition. Changing this forces a new resource to be created.
Parameters string: Parameters for the policy set definition. This field is a json object that allows you to parameterize your policy definition.
PolicyDefinitionGroups []PolicySetDefinitionPolicyDefinitionGroupArgs: One or more policy_definition_group blocks as defined below.
PolicyDefinitionReferences []PolicySetDefinitionPolicyDefinitionReferenceArgs: One or more policy_definition_reference blocks as defined below.
PolicyDefinitions string: The policy definitions for the policy set definition. This is a json object representing the bundled policy definitions.
Deprecated: Deprecated in favour of policy_definition_reference

displayName String: The display name of the policy set definition.
policyType String: The policy set type. Possible values are BuiltIn or Custom. Changing this forces a new resource to be created.
description String: The description of the policy set definition.
managementGroupId String: The name of the Management Group where this policy set definition should be defined. Changing this forces a new resource to be created.
managementGroupName String: The name of the Management Group where this policy set definition should be defined. Changing this forces a new resource to be created.
Deprecated: Deprecated in favour of management_group_id
metadata String: The metadata for the policy set definition. This is a json object representing additional metadata that should be stored with the policy definition.
name String: The name of the policy set definition. Changing this forces a new resource to be created.
parameters String: Parameters for the policy set definition. This field is a json object that allows you to parameterize your policy definition.
policyDefinitionGroups List<PolicySetDefinitionPolicyDefinitionGroup>: One or more policy_definition_group blocks as defined below.
policyDefinitionReferences List<PolicySetDefinitionPolicyDefinitionReference>: One or more policy_definition_reference blocks as defined below.
policyDefinitions String: The policy definitions for the policy set definition. This is a json object representing the bundled policy definitions.
Deprecated: Deprecated in favour of policy_definition_reference

displayName string: The display name of the policy set definition.
policyType string: The policy set type. Possible values are BuiltIn or Custom. Changing this forces a new resource to be created.
description string: The description of the policy set definition.
managementGroupId string: The name of the Management Group where this policy set definition should be defined. Changing this forces a new resource to be created.
managementGroupName string: The name of the Management Group where this policy set definition should be defined. Changing this forces a new resource to be created.
Deprecated: Deprecated in favour of management_group_id
metadata string: The metadata for the policy set definition. This is a json object representing additional metadata that should be stored with the policy definition.
name string: The name of the policy set definition. Changing this forces a new resource to be created.
parameters string: Parameters for the policy set definition. This field is a json object that allows you to parameterize your policy definition.
policyDefinitionGroups PolicySetDefinitionPolicyDefinitionGroup[]: One or more policy_definition_group blocks as defined below.
policyDefinitionReferences PolicySetDefinitionPolicyDefinitionReference[]: One or more policy_definition_reference blocks as defined below.
policyDefinitions string: The policy definitions for the policy set definition. This is a json object representing the bundled policy definitions.
Deprecated: Deprecated in favour of policy_definition_reference

display_name str: The display name of the policy set definition.
policy_type str: The policy set type. Possible values are BuiltIn or Custom. Changing this forces a new resource to be created.
description str: The description of the policy set definition.
management_group_id str: The name of the Management Group where this policy set definition should be defined. Changing this forces a new resource to be created.
management_group_name str: The name of the Management Group where this policy set definition should be defined. Changing this forces a new resource to be created.
Deprecated: Deprecated in favour of management_group_id
metadata str: The metadata for the policy set definition. This is a json object representing additional metadata that should be stored with the policy definition.
name str: The name of the policy set definition. Changing this forces a new resource to be created.
parameters str: Parameters for the policy set definition. This field is a json object that allows you to parameterize your policy definition.
policy_definition_groups Sequence[PolicySetDefinitionPolicyDefinitionGroupArgs]: One or more policy_definition_group blocks as defined below.
policy_definition_references Sequence[PolicySetDefinitionPolicyDefinitionReferenceArgs]: One or more policy_definition_reference blocks as defined below.
policy_definitions str: The policy definitions for the policy set definition. This is a json object representing the bundled policy definitions.
Deprecated: Deprecated in favour of policy_definition_reference

displayName String: The display name of the policy set definition.
policyType String: The policy set type. Possible values are BuiltIn or Custom. Changing this forces a new resource to be created.
description String: The description of the policy set definition.
managementGroupId String: The name of the Management Group where this policy set definition should be defined. Changing this forces a new resource to be created.
managementGroupName String: The name of the Management Group where this policy set definition should be defined. Changing this forces a new resource to be created.
Deprecated: Deprecated in favour of management_group_id
metadata String: The metadata for the policy set definition. This is a json object representing additional metadata that should be stored with the policy definition.
name String: The name of the policy set definition. Changing this forces a new resource to be created.
parameters String: Parameters for the policy set definition. This field is a json object that allows you to parameterize your policy definition.
policyDefinitionGroups List<Property Map>: One or more policy_definition_group blocks as defined below.
policyDefinitionReferences List<Property Map>: One or more policy_definition_reference blocks as defined below.
policyDefinitions String: The policy definitions for the policy set definition. This is a json object representing the bundled policy definitions.
Deprecated: Deprecated in favour of policy_definition_reference

Outputs

All input properties are implicitly available as output properties. Additionally, the PolicySetDefinition resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing PolicySetDefinition Resource

Get an existing PolicySetDefinition resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: PolicySetDefinitionState, opts?: CustomResourceOptions): PolicySetDefinition

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        description: Optional[str] = None,
        display_name: Optional[str] = None,
        management_group_id: Optional[str] = None,
        management_group_name: Optional[str] = None,
        metadata: Optional[str] = None,
        name: Optional[str] = None,
        parameters: Optional[str] = None,
        policy_definition_groups: Optional[Sequence[PolicySetDefinitionPolicyDefinitionGroupArgs]] = None,
        policy_definition_references: Optional[Sequence[PolicySetDefinitionPolicyDefinitionReferenceArgs]] = None,
        policy_definitions: Optional[str] = None,
        policy_type: Optional[str] = None) -> PolicySetDefinition

func GetPolicySetDefinition(ctx *Context, name string, id IDInput, state *PolicySetDefinitionState, opts ...ResourceOption) (*PolicySetDefinition, error)

public static PolicySetDefinition Get(string name, Input<string> id, PolicySetDefinitionState? state, CustomResourceOptions? opts = null)

public static PolicySetDefinition get(String name, Output<String> id, PolicySetDefinitionState state, CustomResourceOptions options)

resources:  _:    type: azure:policy:PolicySetDefinition    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Description string: The description of the policy set definition.
DisplayName string: The display name of the policy set definition.
ManagementGroupId string: The name of the Management Group where this policy set definition should be defined. Changing this forces a new resource to be created.
ManagementGroupName string: The name of the Management Group where this policy set definition should be defined. Changing this forces a new resource to be created.
Deprecated: Deprecated in favour of management_group_id
Metadata string: The metadata for the policy set definition. This is a json object representing additional metadata that should be stored with the policy definition.
Name string: The name of the policy set definition. Changing this forces a new resource to be created.
Parameters string: Parameters for the policy set definition. This field is a json object that allows you to parameterize your policy definition.
PolicyDefinitionGroups List<PolicySetDefinitionPolicyDefinitionGroup>: One or more policy_definition_group blocks as defined below.
PolicyDefinitionReferences List<PolicySetDefinitionPolicyDefinitionReference>: One or more policy_definition_reference blocks as defined below.
PolicyDefinitions string: The policy definitions for the policy set definition. This is a json object representing the bundled policy definitions.
Deprecated: Deprecated in favour of policy_definition_reference
PolicyType string: The policy set type. Possible values are BuiltIn or Custom. Changing this forces a new resource to be created.

Description string: The description of the policy set definition.
DisplayName string: The display name of the policy set definition.
ManagementGroupId string: The name of the Management Group where this policy set definition should be defined. Changing this forces a new resource to be created.
ManagementGroupName string: The name of the Management Group where this policy set definition should be defined. Changing this forces a new resource to be created.
Deprecated: Deprecated in favour of management_group_id
Metadata string: The metadata for the policy set definition. This is a json object representing additional metadata that should be stored with the policy definition.
Name string: The name of the policy set definition. Changing this forces a new resource to be created.
Parameters string: Parameters for the policy set definition. This field is a json object that allows you to parameterize your policy definition.
PolicyDefinitionGroups []PolicySetDefinitionPolicyDefinitionGroupArgs: One or more policy_definition_group blocks as defined below.
PolicyDefinitionReferences []PolicySetDefinitionPolicyDefinitionReferenceArgs: One or more policy_definition_reference blocks as defined below.
PolicyDefinitions string: The policy definitions for the policy set definition. This is a json object representing the bundled policy definitions.
Deprecated: Deprecated in favour of policy_definition_reference
PolicyType string: The policy set type. Possible values are BuiltIn or Custom. Changing this forces a new resource to be created.

description String: The description of the policy set definition.
displayName String: The display name of the policy set definition.
managementGroupId String: The name of the Management Group where this policy set definition should be defined. Changing this forces a new resource to be created.
managementGroupName String: The name of the Management Group where this policy set definition should be defined. Changing this forces a new resource to be created.
Deprecated: Deprecated in favour of management_group_id
metadata String: The metadata for the policy set definition. This is a json object representing additional metadata that should be stored with the policy definition.
name String: The name of the policy set definition. Changing this forces a new resource to be created.
parameters String: Parameters for the policy set definition. This field is a json object that allows you to parameterize your policy definition.
policyDefinitionGroups List<PolicySetDefinitionPolicyDefinitionGroup>: One or more policy_definition_group blocks as defined below.
policyDefinitionReferences List<PolicySetDefinitionPolicyDefinitionReference>: One or more policy_definition_reference blocks as defined below.
policyDefinitions String: The policy definitions for the policy set definition. This is a json object representing the bundled policy definitions.
Deprecated: Deprecated in favour of policy_definition_reference
policyType String: The policy set type. Possible values are BuiltIn or Custom. Changing this forces a new resource to be created.

description string: The description of the policy set definition.
displayName string: The display name of the policy set definition.
managementGroupId string: The name of the Management Group where this policy set definition should be defined. Changing this forces a new resource to be created.
managementGroupName string: The name of the Management Group where this policy set definition should be defined. Changing this forces a new resource to be created.
Deprecated: Deprecated in favour of management_group_id
metadata string: The metadata for the policy set definition. This is a json object representing additional metadata that should be stored with the policy definition.
name string: The name of the policy set definition. Changing this forces a new resource to be created.
parameters string: Parameters for the policy set definition. This field is a json object that allows you to parameterize your policy definition.
policyDefinitionGroups PolicySetDefinitionPolicyDefinitionGroup[]: One or more policy_definition_group blocks as defined below.
policyDefinitionReferences PolicySetDefinitionPolicyDefinitionReference[]: One or more policy_definition_reference blocks as defined below.
policyDefinitions string: The policy definitions for the policy set definition. This is a json object representing the bundled policy definitions.
Deprecated: Deprecated in favour of policy_definition_reference
policyType string: The policy set type. Possible values are BuiltIn or Custom. Changing this forces a new resource to be created.

description str: The description of the policy set definition.
display_name str: The display name of the policy set definition.
management_group_id str: The name of the Management Group where this policy set definition should be defined. Changing this forces a new resource to be created.
management_group_name str: The name of the Management Group where this policy set definition should be defined. Changing this forces a new resource to be created.
Deprecated: Deprecated in favour of management_group_id
metadata str: The metadata for the policy set definition. This is a json object representing additional metadata that should be stored with the policy definition.
name str: The name of the policy set definition. Changing this forces a new resource to be created.
parameters str: Parameters for the policy set definition. This field is a json object that allows you to parameterize your policy definition.
policy_definition_groups Sequence[PolicySetDefinitionPolicyDefinitionGroupArgs]: One or more policy_definition_group blocks as defined below.
policy_definition_references Sequence[PolicySetDefinitionPolicyDefinitionReferenceArgs]: One or more policy_definition_reference blocks as defined below.
policy_definitions str: The policy definitions for the policy set definition. This is a json object representing the bundled policy definitions.
Deprecated: Deprecated in favour of policy_definition_reference
policy_type str: The policy set type. Possible values are BuiltIn or Custom. Changing this forces a new resource to be created.

description String: The description of the policy set definition.
displayName String: The display name of the policy set definition.
managementGroupId String: The name of the Management Group where this policy set definition should be defined. Changing this forces a new resource to be created.
managementGroupName String: The name of the Management Group where this policy set definition should be defined. Changing this forces a new resource to be created.
Deprecated: Deprecated in favour of management_group_id
metadata String: The metadata for the policy set definition. This is a json object representing additional metadata that should be stored with the policy definition.
name String: The name of the policy set definition. Changing this forces a new resource to be created.
parameters String: Parameters for the policy set definition. This field is a json object that allows you to parameterize your policy definition.
policyDefinitionGroups List<Property Map>: One or more policy_definition_group blocks as defined below.
policyDefinitionReferences List<Property Map>: One or more policy_definition_reference blocks as defined below.
policyDefinitions String: The policy definitions for the policy set definition. This is a json object representing the bundled policy definitions.
Deprecated: Deprecated in favour of policy_definition_reference
policyType String: The policy set type. Possible values are BuiltIn or Custom. Changing this forces a new resource to be created.

Supporting Types

PolicySetDefinitionPolicyDefinitionGroup, PolicySetDefinitionPolicyDefinitionGroupArgs

Name string: The name of this policy definition group.
AdditionalMetadataResourceId string: The ID of a resource that contains additional metadata about this policy definition group.
Category string: The category of this policy definition group.
Description string: The description of this policy definition group.
DisplayName string: The display name of this policy definition group.

Name string: The name of this policy definition group.
AdditionalMetadataResourceId string: The ID of a resource that contains additional metadata about this policy definition group.
Category string: The category of this policy definition group.
Description string: The description of this policy definition group.
DisplayName string: The display name of this policy definition group.

name String: The name of this policy definition group.
additionalMetadataResourceId String: The ID of a resource that contains additional metadata about this policy definition group.
category String: The category of this policy definition group.
description String: The description of this policy definition group.
displayName String: The display name of this policy definition group.

name string: The name of this policy definition group.
additionalMetadataResourceId string: The ID of a resource that contains additional metadata about this policy definition group.
category string: The category of this policy definition group.
description string: The description of this policy definition group.
displayName string: The display name of this policy definition group.

name str: The name of this policy definition group.
additional_metadata_resource_id str: The ID of a resource that contains additional metadata about this policy definition group.
category str: The category of this policy definition group.
description str: The description of this policy definition group.
display_name str: The display name of this policy definition group.

name String: The name of this policy definition group.
additionalMetadataResourceId String: The ID of a resource that contains additional metadata about this policy definition group.
category String: The category of this policy definition group.
description String: The description of this policy definition group.
displayName String: The display name of this policy definition group.

PolicySetDefinitionPolicyDefinitionReference, PolicySetDefinitionPolicyDefinitionReferenceArgs

PolicyDefinitionId string: The ID of the policy definition or policy set definition that will be included in this policy set definition.
ParameterValues string: Parameter values for the referenced policy rule. This field is a JSON string that allows you to assign parameters to this policy rule.
Parameters Dictionary<string, string>: Parameters for the policy set definition. This field is a json object that allows you to parameterize your policy definition.
Deprecated: Deprecated in favour of parameter_values
PolicyGroupNames List<string>: A list of names of the policy definition groups that this policy definition reference belongs to.
ReferenceId string: A unique ID within this policy set definition for this policy definition reference.

PolicyDefinitionId string: The ID of the policy definition or policy set definition that will be included in this policy set definition.
ParameterValues string: Parameter values for the referenced policy rule. This field is a JSON string that allows you to assign parameters to this policy rule.
Parameters map[string]string: Parameters for the policy set definition. This field is a json object that allows you to parameterize your policy definition.
Deprecated: Deprecated in favour of parameter_values
PolicyGroupNames []string: A list of names of the policy definition groups that this policy definition reference belongs to.
ReferenceId string: A unique ID within this policy set definition for this policy definition reference.

policyDefinitionId String: The ID of the policy definition or policy set definition that will be included in this policy set definition.
parameterValues String: Parameter values for the referenced policy rule. This field is a JSON string that allows you to assign parameters to this policy rule.
parameters Map<String,String>: Parameters for the policy set definition. This field is a json object that allows you to parameterize your policy definition.
Deprecated: Deprecated in favour of parameter_values
policyGroupNames List<String>: A list of names of the policy definition groups that this policy definition reference belongs to.
referenceId String: A unique ID within this policy set definition for this policy definition reference.

policyDefinitionId string: The ID of the policy definition or policy set definition that will be included in this policy set definition.
parameterValues string: Parameter values for the referenced policy rule. This field is a JSON string that allows you to assign parameters to this policy rule.
parameters {[key: string]: string}: Parameters for the policy set definition. This field is a json object that allows you to parameterize your policy definition.
Deprecated: Deprecated in favour of parameter_values
policyGroupNames string[]: A list of names of the policy definition groups that this policy definition reference belongs to.
referenceId string: A unique ID within this policy set definition for this policy definition reference.

policy_definition_id str: The ID of the policy definition or policy set definition that will be included in this policy set definition.
parameter_values str: Parameter values for the referenced policy rule. This field is a JSON string that allows you to assign parameters to this policy rule.
parameters Mapping[str, str]: Parameters for the policy set definition. This field is a json object that allows you to parameterize your policy definition.
Deprecated: Deprecated in favour of parameter_values
policy_group_names Sequence[str]: A list of names of the policy definition groups that this policy definition reference belongs to.
reference_id str: A unique ID within this policy set definition for this policy definition reference.

policyDefinitionId String: The ID of the policy definition or policy set definition that will be included in this policy set definition.
parameterValues String: Parameter values for the referenced policy rule. This field is a JSON string that allows you to assign parameters to this policy rule.
parameters Map<String>: Parameters for the policy set definition. This field is a json object that allows you to parameterize your policy definition.
Deprecated: Deprecated in favour of parameter_values
policyGroupNames List<String>: A list of names of the policy definition groups that this policy definition reference belongs to.
referenceId String: A unique ID within this policy set definition for this policy definition reference.

Import

Policy Set Definitions can be imported using the resource id, e.g.

 $ pulumi import azure:policy/policySetDefinition:PolicySetDefinition example /subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/policySetDefinitions/testPolicySet

 $ pulumi import azure:policy/policySetDefinition:PolicySetDefinition example /providers/Microsoft.Management/managementGroups/my-mgmt-group-id/providers/Microsoft.Authorization/policySetDefinitions/testPolicySet

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: Azure Classic pulumi/pulumi-azure
License: Apache-2.0
Notes: This Pulumi package is based on the azurerm Terraform Provider.

We recommend using Azure Native.

Viewing docs for Azure v4.42.0 (Older version)
published on Monday, Mar 9, 2026 by Pulumi

Go to latest version

Schema (JSON)

pulumi/pulumi-azure

azure.policy.PolicySetDefinition

On this page

On this page

Example Usage

Create PolicySetDefinition Resource

Constructor syntax

Parameters

Constructor example

PolicySetDefinition Resource Properties

Inputs

Outputs

Look up Existing PolicySetDefinition Resource

Supporting Types

PolicySetDefinitionPolicyDefinitionGroup, PolicySetDefinitionPolicyDefinitionGroupArgs

PolicySetDefinitionPolicyDefinitionReference, PolicySetDefinitionPolicyDefinitionReferenceArgs

Import

Package Details

On this page

On this page