1. Packages
  2. Azure Native v1
  3. API Docs
  4. authorization
  5. getPolicyAssignment
These are the docs for Azure Native v1. We recommenend using the latest version, Azure Native v2.
Azure Native v1 v1.104.0 published on Thursday, Jul 6, 2023 by Pulumi

azure-native.authorization.getPolicyAssignment

Explore with Pulumi AI

These are the docs for Azure Native v1. We recommenend using the latest version, Azure Native v2.
Azure Native v1 v1.104.0 published on Thursday, Jul 6, 2023 by Pulumi

This operation retrieves a single policy assignment, given its name and the scope it was created at. API Version: 2020-09-01.

Using getPolicyAssignment

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getPolicyAssignment(args: GetPolicyAssignmentArgs, opts?: InvokeOptions): Promise<GetPolicyAssignmentResult>
function getPolicyAssignmentOutput(args: GetPolicyAssignmentOutputArgs, opts?: InvokeOptions): Output<GetPolicyAssignmentResult>
Copy
def get_policy_assignment(policy_assignment_name: Optional[str] = None,
                          scope: Optional[str] = None,
                          opts: Optional[InvokeOptions] = None) -> GetPolicyAssignmentResult
def get_policy_assignment_output(policy_assignment_name: Optional[pulumi.Input[str]] = None,
                          scope: Optional[pulumi.Input[str]] = None,
                          opts: Optional[InvokeOptions] = None) -> Output[GetPolicyAssignmentResult]
Copy
func LookupPolicyAssignment(ctx *Context, args *LookupPolicyAssignmentArgs, opts ...InvokeOption) (*LookupPolicyAssignmentResult, error)
func LookupPolicyAssignmentOutput(ctx *Context, args *LookupPolicyAssignmentOutputArgs, opts ...InvokeOption) LookupPolicyAssignmentResultOutput
Copy

> Note: This function is named LookupPolicyAssignment in the Go SDK.

public static class GetPolicyAssignment 
{
    public static Task<GetPolicyAssignmentResult> InvokeAsync(GetPolicyAssignmentArgs args, InvokeOptions? opts = null)
    public static Output<GetPolicyAssignmentResult> Invoke(GetPolicyAssignmentInvokeArgs args, InvokeOptions? opts = null)
}
Copy
public static CompletableFuture<GetPolicyAssignmentResult> getPolicyAssignment(GetPolicyAssignmentArgs args, InvokeOptions options)
public static Output<GetPolicyAssignmentResult> getPolicyAssignment(GetPolicyAssignmentArgs args, InvokeOptions options)
Copy
fn::invoke:
  function: azure-native:authorization:getPolicyAssignment
  arguments:
    # arguments dictionary
Copy

The following arguments are supported:

PolicyAssignmentName
This property is required.
Changes to this property will trigger replacement.
string
The name of the policy assignment to get.
Scope
This property is required.
Changes to this property will trigger replacement.
string
The scope of the policy assignment. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'
PolicyAssignmentName
This property is required.
Changes to this property will trigger replacement.
string
The name of the policy assignment to get.
Scope
This property is required.
Changes to this property will trigger replacement.
string
The scope of the policy assignment. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'
policyAssignmentName
This property is required.
Changes to this property will trigger replacement.
String
The name of the policy assignment to get.
scope
This property is required.
Changes to this property will trigger replacement.
String
The scope of the policy assignment. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'
policyAssignmentName
This property is required.
Changes to this property will trigger replacement.
string
The name of the policy assignment to get.
scope
This property is required.
Changes to this property will trigger replacement.
string
The scope of the policy assignment. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'
policy_assignment_name
This property is required.
Changes to this property will trigger replacement.
str
The name of the policy assignment to get.
scope
This property is required.
Changes to this property will trigger replacement.
str
The scope of the policy assignment. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'
policyAssignmentName
This property is required.
Changes to this property will trigger replacement.
String
The name of the policy assignment to get.
scope
This property is required.
Changes to this property will trigger replacement.
String
The scope of the policy assignment. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'

getPolicyAssignment Result

The following output properties are available:

Id string
The ID of the policy assignment.
Name string
The name of the policy assignment.
Scope string
The scope for the policy assignment.
Type string
The type of the policy assignment.
Description string
This message will be part of response in case of policy violation.
DisplayName string
The display name of the policy assignment.
EnforcementMode string
The policy assignment enforcement mode. Possible values are Default and DoNotEnforce.
Identity Pulumi.AzureNative.Authorization.Outputs.IdentityResponse
The managed identity associated with the policy assignment.
Location string
The location of the policy assignment. Only required when utilizing managed identity.
Metadata object
The policy assignment metadata. Metadata is an open ended object and is typically a collection of key value pairs.
NonComplianceMessages List<Pulumi.AzureNative.Authorization.Outputs.NonComplianceMessageResponse>
The messages that describe why a resource is non-compliant with the policy.
NotScopes List<string>
The policy's excluded scopes.
Parameters Dictionary<string, Pulumi.AzureNative.Authorization.Outputs.ParameterValuesValueResponse>
The parameter values for the assigned policy rule. The keys are the parameter names.
PolicyDefinitionId string
The ID of the policy definition or policy set definition being assigned.
Id string
The ID of the policy assignment.
Name string
The name of the policy assignment.
Scope string
The scope for the policy assignment.
Type string
The type of the policy assignment.
Description string
This message will be part of response in case of policy violation.
DisplayName string
The display name of the policy assignment.
EnforcementMode string
The policy assignment enforcement mode. Possible values are Default and DoNotEnforce.
Identity IdentityResponse
The managed identity associated with the policy assignment.
Location string
The location of the policy assignment. Only required when utilizing managed identity.
Metadata interface{}
The policy assignment metadata. Metadata is an open ended object and is typically a collection of key value pairs.
NonComplianceMessages []NonComplianceMessageResponse
The messages that describe why a resource is non-compliant with the policy.
NotScopes []string
The policy's excluded scopes.
Parameters map[string]ParameterValuesValueResponse
The parameter values for the assigned policy rule. The keys are the parameter names.
PolicyDefinitionId string
The ID of the policy definition or policy set definition being assigned.
id String
The ID of the policy assignment.
name String
The name of the policy assignment.
scope String
The scope for the policy assignment.
type String
The type of the policy assignment.
description String
This message will be part of response in case of policy violation.
displayName String
The display name of the policy assignment.
enforcementMode String
The policy assignment enforcement mode. Possible values are Default and DoNotEnforce.
identity IdentityResponse
The managed identity associated with the policy assignment.
location String
The location of the policy assignment. Only required when utilizing managed identity.
metadata Object
The policy assignment metadata. Metadata is an open ended object and is typically a collection of key value pairs.
nonComplianceMessages List<NonComplianceMessageResponse>
The messages that describe why a resource is non-compliant with the policy.
notScopes List<String>
The policy's excluded scopes.
parameters Map<String,ParameterValuesValueResponse>
The parameter values for the assigned policy rule. The keys are the parameter names.
policyDefinitionId String
The ID of the policy definition or policy set definition being assigned.
id string
The ID of the policy assignment.
name string
The name of the policy assignment.
scope string
The scope for the policy assignment.
type string
The type of the policy assignment.
description string
This message will be part of response in case of policy violation.
displayName string
The display name of the policy assignment.
enforcementMode string
The policy assignment enforcement mode. Possible values are Default and DoNotEnforce.
identity IdentityResponse
The managed identity associated with the policy assignment.
location string
The location of the policy assignment. Only required when utilizing managed identity.
metadata any
The policy assignment metadata. Metadata is an open ended object and is typically a collection of key value pairs.
nonComplianceMessages NonComplianceMessageResponse[]
The messages that describe why a resource is non-compliant with the policy.
notScopes string[]
The policy's excluded scopes.
parameters {[key: string]: ParameterValuesValueResponse}
The parameter values for the assigned policy rule. The keys are the parameter names.
policyDefinitionId string
The ID of the policy definition or policy set definition being assigned.
id str
The ID of the policy assignment.
name str
The name of the policy assignment.
scope str
The scope for the policy assignment.
type str
The type of the policy assignment.
description str
This message will be part of response in case of policy violation.
display_name str
The display name of the policy assignment.
enforcement_mode str
The policy assignment enforcement mode. Possible values are Default and DoNotEnforce.
identity IdentityResponse
The managed identity associated with the policy assignment.
location str
The location of the policy assignment. Only required when utilizing managed identity.
metadata Any
The policy assignment metadata. Metadata is an open ended object and is typically a collection of key value pairs.
non_compliance_messages Sequence[NonComplianceMessageResponse]
The messages that describe why a resource is non-compliant with the policy.
not_scopes Sequence[str]
The policy's excluded scopes.
parameters Mapping[str, ParameterValuesValueResponse]
The parameter values for the assigned policy rule. The keys are the parameter names.
policy_definition_id str
The ID of the policy definition or policy set definition being assigned.
id String
The ID of the policy assignment.
name String
The name of the policy assignment.
scope String
The scope for the policy assignment.
type String
The type of the policy assignment.
description String
This message will be part of response in case of policy violation.
displayName String
The display name of the policy assignment.
enforcementMode String
The policy assignment enforcement mode. Possible values are Default and DoNotEnforce.
identity Property Map
The managed identity associated with the policy assignment.
location String
The location of the policy assignment. Only required when utilizing managed identity.
metadata Any
The policy assignment metadata. Metadata is an open ended object and is typically a collection of key value pairs.
nonComplianceMessages List<Property Map>
The messages that describe why a resource is non-compliant with the policy.
notScopes List<String>
The policy's excluded scopes.
parameters Map<Property Map>
The parameter values for the assigned policy rule. The keys are the parameter names.
policyDefinitionId String
The ID of the policy definition or policy set definition being assigned.

Supporting Types

IdentityResponse

PrincipalId This property is required. string
The principal ID of the resource identity.
TenantId This property is required. string
The tenant ID of the resource identity.
Type string
The identity type. This is the only required field when adding a system assigned identity to a resource.
PrincipalId This property is required. string
The principal ID of the resource identity.
TenantId This property is required. string
The tenant ID of the resource identity.
Type string
The identity type. This is the only required field when adding a system assigned identity to a resource.
principalId This property is required. String
The principal ID of the resource identity.
tenantId This property is required. String
The tenant ID of the resource identity.
type String
The identity type. This is the only required field when adding a system assigned identity to a resource.
principalId This property is required. string
The principal ID of the resource identity.
tenantId This property is required. string
The tenant ID of the resource identity.
type string
The identity type. This is the only required field when adding a system assigned identity to a resource.
principal_id This property is required. str
The principal ID of the resource identity.
tenant_id This property is required. str
The tenant ID of the resource identity.
type str
The identity type. This is the only required field when adding a system assigned identity to a resource.
principalId This property is required. String
The principal ID of the resource identity.
tenantId This property is required. String
The tenant ID of the resource identity.
type String
The identity type. This is the only required field when adding a system assigned identity to a resource.

NonComplianceMessageResponse

Message This property is required. string
A message that describes why a resource is non-compliant with the policy. This is shown in 'deny' error messages and on resource's non-compliant compliance results.
PolicyDefinitionReferenceId string
The policy definition reference ID within a policy set definition the message is intended for. This is only applicable if the policy assignment assigns a policy set definition. If this is not provided the message applies to all policies assigned by this policy assignment.
Message This property is required. string
A message that describes why a resource is non-compliant with the policy. This is shown in 'deny' error messages and on resource's non-compliant compliance results.
PolicyDefinitionReferenceId string
The policy definition reference ID within a policy set definition the message is intended for. This is only applicable if the policy assignment assigns a policy set definition. If this is not provided the message applies to all policies assigned by this policy assignment.
message This property is required. String
A message that describes why a resource is non-compliant with the policy. This is shown in 'deny' error messages and on resource's non-compliant compliance results.
policyDefinitionReferenceId String
The policy definition reference ID within a policy set definition the message is intended for. This is only applicable if the policy assignment assigns a policy set definition. If this is not provided the message applies to all policies assigned by this policy assignment.
message This property is required. string
A message that describes why a resource is non-compliant with the policy. This is shown in 'deny' error messages and on resource's non-compliant compliance results.
policyDefinitionReferenceId string
The policy definition reference ID within a policy set definition the message is intended for. This is only applicable if the policy assignment assigns a policy set definition. If this is not provided the message applies to all policies assigned by this policy assignment.
message This property is required. str
A message that describes why a resource is non-compliant with the policy. This is shown in 'deny' error messages and on resource's non-compliant compliance results.
policy_definition_reference_id str
The policy definition reference ID within a policy set definition the message is intended for. This is only applicable if the policy assignment assigns a policy set definition. If this is not provided the message applies to all policies assigned by this policy assignment.
message This property is required. String
A message that describes why a resource is non-compliant with the policy. This is shown in 'deny' error messages and on resource's non-compliant compliance results.
policyDefinitionReferenceId String
The policy definition reference ID within a policy set definition the message is intended for. This is only applicable if the policy assignment assigns a policy set definition. If this is not provided the message applies to all policies assigned by this policy assignment.

ParameterValuesValueResponse

Value object
The value of the parameter.
Value interface{}
The value of the parameter.
value Object
The value of the parameter.
value any
The value of the parameter.
value Any
The value of the parameter.
value Any
The value of the parameter.

Package Details

Repository
azure-native-v1 pulumi/pulumi-azure-native
License
Apache-2.0
These are the docs for Azure Native v1. We recommenend using the latest version, Azure Native v2.
Azure Native v1 v1.104.0 published on Thursday, Jul 6, 2023 by Pulumi