Class Definition

Manages a policy rule definition on a management group or your provider subscription.

Policy definitions do not take effect until they are assigned to a scope using a Policy Assignment.

Example Usage

using Pulumi;
using Azure = Pulumi.Azure;

class MyStack : Stack
{
public MyStack()
{
    var policy = new Azure.Policy.Definition("policy", new Azure.Policy.DefinitionArgs
    {
        DisplayName = "acceptance test policy definition",
        Metadata = @"    {
""category"": ""General""
}


",
        Mode = "Indexed",
        Parameters = @"	{
""allowedLocations"": {
  ""type"": ""Array"",
  ""metadata"": {
    ""description"": ""The list of allowed locations for resources."",
    ""displayName"": ""Allowed locations"",
    ""strongType"": ""location""
  }
}
}

",
        PolicyRule = @"	{
""if"": {
  ""not"": {
    ""field"": ""location"",
    ""in"": ""[parameters('allowedLocations')]""
  }
},
""then"": {
  ""effect"": ""audit""
}
}

",
        PolicyType = "Custom",
    });
}

}
Inheritance
System.Object
Resource
CustomResource
Definition
Inherited Members
System.Object.Equals(System.Object)
System.Object.Equals(System.Object, System.Object)
System.Object.GetHashCode()
System.Object.GetType()
System.Object.MemberwiseClone()
System.Object.ReferenceEquals(System.Object, System.Object)
System.Object.ToString()
Namespace: Pulumi.Azure.Policy
Assembly: Pulumi.Azure.dll
Syntax
public class Definition : CustomResource

Constructors

View Source

Definition(String, DefinitionArgs, CustomResourceOptions)

Create a Definition resource with the given unique name, arguments, and options.

Declaration
public Definition(string name, DefinitionArgs args, CustomResourceOptions options = null)
Parameters
Type Name Description
System.String name

The unique name of the resource
DefinitionArgs args

The arguments used to populate this resource's properties
CustomResourceOptions options

A bag of options that control this resource's behavior

Properties

View Source

Description

The description of the policy definition.

Declaration
public Output<string> Description { get; }
Property Value
Type Description
Output<System.String>
View Source

DisplayName

The display name of the policy definition.

Declaration
public Output<string> DisplayName { get; }
Property Value
Type Description
Output<System.String>
View Source

ManagementGroupId

Declaration
public Output<string> ManagementGroupId { get; }
Property Value
Type Description
Output<System.String>
View Source

ManagementGroupName

The name of the Management Group where this policy should be defined. Changing this forces a new resource to be created.

Declaration
public Output<string> ManagementGroupName { get; }
Property Value
Type Description
Output<System.String>
View Source

Metadata

The metadata for the policy definition. This is a json object representing additional metadata that should be stored with the policy definition.

Declaration
public Output<string> Metadata { get; }
Property Value
Type Description
Output<System.String>
View Source

Mode

The policy mode that allows you to specify which resource types will be evaluated. The value can be "All", "Indexed" or "NotSpecified". Changing this resource forces a new resource to be created.

Declaration
public Output<string> Mode { get; }
Property Value
Type Description
Output<System.String>
View Source

Name

The name of the policy definition. Changing this forces a new resource to be created.

Declaration
public Output<string> Name { get; }
Property Value
Type Description
Output<System.String>
View Source

Parameters

Parameters for the policy definition. This field is a json object that allows you to parameterize your policy definition.

Declaration
public Output<string> Parameters { get; }
Property Value
Type Description
Output<System.String>
View Source

PolicyRule

The policy rule for the policy definition. This is a json object representing the rule that contains an if and a then block.

Declaration
public Output<string> PolicyRule { get; }
Property Value
Type Description
Output<System.String>
View Source

PolicyType

The policy type. Possible values are BuiltIn, Custom and NotSpecified. Changing this forces a new resource to be created.

Declaration
public Output<string> PolicyType { get; }
Property Value
Type Description
Output<System.String>

Methods

View Source

Get(String, Input<String>, DefinitionState, CustomResourceOptions)

Get an existing Definition resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

Declaration
public static Definition Get(string name, Input<string> id, DefinitionState state = null, CustomResourceOptions options = null)
Parameters
Type Name Description
System.String name

The unique name of the resulting resource.
Input<System.String> id

The unique provider ID of the resource to lookup.
DefinitionState state

Any extra arguments used during the lookup.
CustomResourceOptions options

A bag of options that control this resource's behavior
Returns
Type Description
Definition