Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Bicep resource definition
The policyDefinitions resource type can be deployed with operations that target:
- Tenant - See tenant deployment commands* Management groups - See management group deployment commands* Subscription - See subscription deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Authorization/policyDefinitions resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.Authorization/policyDefinitions@2019-01-01' = {
name: 'string'
properties: {
description: 'string'
displayName: 'string'
metadata: any(...)
mode: 'string'
parameters: any(...)
policyRule: any(...)
policyType: 'string'
}
}
Property Values
Microsoft.Authorization/policyDefinitions
| Name | Description | Value |
|---|---|---|
| name | The resource name | string (required) |
| properties | The policy definition properties. | PolicyDefinitionProperties |
PolicyDefinitionProperties
| Name | Description | Value |
|---|---|---|
| description | The policy definition description. | string |
| displayName | The display name of the policy definition. | string |
| metadata | The policy definition metadata. | any |
| mode | The policy definition mode. Some examples are All, Indexed, Microsoft.KeyVault.Data. | string |
| parameters | Required if a parameter is used in policy rule. | any |
| policyRule | The policy rule. | any |
| policyType | The type of policy definition. Possible values are NotSpecified, BuiltIn, and Custom. | 'BuiltIn' 'Custom' 'NotSpecified' |
Usage Examples
Azure Quickstart Samples
The following Azure Quickstart templates contain Bicep samples for deploying this resource type.
| Bicep File | Description |
|---|---|
| Create an Azure Virtual Network Manager and sample VNETs | This template deploys an Azure Virtual Network Manager and sample virtual networks into the named resource group. It supports multiple connectivity topologies and network group membership types. |
| Deploy a Policy Def and Assign to Multiple Mgmt Groups | This template is a management group level template that will create a policy definition and assign that policy to multiple management groups. |
| Deploy a policy definition and assign to a management group | This template is a management group level template that will create a policy definition and assign that policy to the target management group. Currently, this template cannot be deployed via the Azure Portal. |
ARM template resource definition
The policyDefinitions resource type can be deployed with operations that target:
- Tenant - See tenant deployment commands* Management groups - See management group deployment commands* Subscription - See subscription deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Authorization/policyDefinitions resource, add the following JSON to your template.
{
"type": "Microsoft.Authorization/policyDefinitions",
"apiVersion": "2019-01-01",
"name": "string",
"properties": {
"description": "string",
"displayName": "string",
"metadata": {},
"mode": "string",
"parameters": {},
"policyRule": {},
"policyType": "string"
}
}
Property Values
Microsoft.Authorization/policyDefinitions
| Name | Description | Value |
|---|---|---|
| apiVersion | The api version | '2019-01-01' |
| name | The resource name | string (required) |
| properties | The policy definition properties. | PolicyDefinitionProperties |
| type | The resource type | 'Microsoft.Authorization/policyDefinitions' |
PolicyDefinitionProperties
| Name | Description | Value |
|---|---|---|
| description | The policy definition description. | string |
| displayName | The display name of the policy definition. | string |
| metadata | The policy definition metadata. | any |
| mode | The policy definition mode. Some examples are All, Indexed, Microsoft.KeyVault.Data. | string |
| parameters | Required if a parameter is used in policy rule. | any |
| policyRule | The policy rule. | any |
| policyType | The type of policy definition. Possible values are NotSpecified, BuiltIn, and Custom. | 'BuiltIn' 'Custom' 'NotSpecified' |
Usage Examples
Azure Quickstart Templates
The following Azure Quickstart templates deploy this resource type.
| Template | Description |
|---|---|
Create an Azure Virtual Network Manager and sample VNETs |
This template deploys an Azure Virtual Network Manager and sample virtual networks into the named resource group. It supports multiple connectivity topologies and network group membership types. |
| Deploy a Policy Def and Assign to Multiple Mgmt Groups |
This template is a management group level template that will create a policy definition and assign that policy to multiple management groups. |
| Deploy a policy definition and assign to a management group |
This template is a management group level template that will create a policy definition and assign that policy to the target management group. Currently, this template cannot be deployed via the Azure Portal. |
Terraform (AzAPI provider) resource definition
The policyDefinitions resource type can be deployed with operations that target:
- Tenant* Management groups* Subscription
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Authorization/policyDefinitions resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.Authorization/policyDefinitions@2019-01-01"
name = "string"
parent_id = "string"
body = {
properties = {
description = "string"
displayName = "string"
metadata = ?
mode = "string"
parameters = ?
policyRule = ?
policyType = "string"
}
}
}
Property Values
Microsoft.Authorization/policyDefinitions
| Name | Description | Value |
|---|---|---|
| name | The resource name | string (required) |
| properties | The policy definition properties. | PolicyDefinitionProperties |
| type | The resource type | "Microsoft.Authorization/policyDefinitions@2019-01-01" |
PolicyDefinitionProperties
| Name | Description | Value |
|---|---|---|
| description | The policy definition description. | string |
| displayName | The display name of the policy definition. | string |
| metadata | The policy definition metadata. | any |
| mode | The policy definition mode. Some examples are All, Indexed, Microsoft.KeyVault.Data. | string |
| parameters | Required if a parameter is used in policy rule. | any |
| policyRule | The policy rule. | any |
| policyType | The type of policy definition. Possible values are NotSpecified, BuiltIn, and Custom. | 'BuiltIn' 'Custom' 'NotSpecified' |