Attestation
An attestation resource. Uses Azure REST API version 2024-10-01. In version 2.x of the Azure Native provider, it used API version 2022-09-01. Other available API versions: 2022-09-01. These can be accessed by generating a local SDK package using the CLI command pulumi package add azure-native policyinsights [ApiVersion]. See the ../../../version-guide/#accessing-any-api-version-via-local-packages for details.
Example Usage
Create attestation at resource group scope
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var attestationAtResourceGroup = new AzureNative.PolicyInsights.AttestationAtResourceGroup("attestationAtResourceGroup", new()
{
AssessmentDate = "2021-06-10T00:00:00Z",
AttestationName = "790996e6-9871-4b1f-9cd9-ec42cd6ced1e",
Comments = "This subscription has passed a security audit.",
ComplianceState = AzureNative.PolicyInsights.ComplianceState.Compliant,
Evidence = new[]
{
new AzureNative.PolicyInsights.Inputs.AttestationEvidenceArgs
{
Description = "The results of the security audit.",
SourceUri = "https://gist.github.com/contoso/9573e238762c60166c090ae16b814011",
},
},
ExpiresOn = "2021-06-15T00:00:00Z",
Metadata = new Dictionary<string, object?>
{
["departmentId"] = "NYC-MARKETING-1",
},
Owner = "55a32e28-3aa5-4eea-9b5a-4cd85153b966",
PolicyAssignmentId = "/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.authorization/policyassignments/b101830944f246d8a14088c5",
PolicyDefinitionReferenceId = "0b158b46-ff42-4799-8e39-08a5c23b4551",
ResourceGroupName = "myRg",
});
});package main
import (
policyinsights "github.com/pulumi/pulumi-azure-native-sdk/policyinsights/v3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := policyinsights.NewAttestationAtResourceGroup(ctx, "attestationAtResourceGroup", &policyinsights.AttestationAtResourceGroupArgs{
AssessmentDate: pulumi.String("2021-06-10T00:00:00Z"),
AttestationName: pulumi.String("790996e6-9871-4b1f-9cd9-ec42cd6ced1e"),
Comments: pulumi.String("This subscription has passed a security audit."),
ComplianceState: pulumi.String(policyinsights.ComplianceStateCompliant),
Evidence: policyinsights.AttestationEvidenceArray{
&policyinsights.AttestationEvidenceArgs{
Description: pulumi.String("The results of the security audit."),
SourceUri: pulumi.String("https://gist.github.com/contoso/9573e238762c60166c090ae16b814011"),
},
},
ExpiresOn: pulumi.String("2021-06-15T00:00:00Z"),
Metadata: pulumi.Any(map[string]interface{}{
"departmentId": "NYC-MARKETING-1",
}),
Owner: pulumi.String("55a32e28-3aa5-4eea-9b5a-4cd85153b966"),
PolicyAssignmentId: pulumi.String("/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.authorization/policyassignments/b101830944f246d8a14088c5"),
PolicyDefinitionReferenceId: pulumi.String("0b158b46-ff42-4799-8e39-08a5c23b4551"),
ResourceGroupName: pulumi.String("myRg"),
})
if err != nil {
return err
}
return nil
})
}package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.policyinsights.AttestationAtResourceGroup;
import com.pulumi.azurenative.policyinsights.AttestationAtResourceGroupArgs;
import com.pulumi.azurenative.policyinsights.inputs.AttestationEvidenceArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var attestationAtResourceGroup = new AttestationAtResourceGroup("attestationAtResourceGroup", AttestationAtResourceGroupArgs.builder()
.assessmentDate("2021-06-10T00:00:00Z")
.attestationName("790996e6-9871-4b1f-9cd9-ec42cd6ced1e")
.comments("This subscription has passed a security audit.")
.complianceState("Compliant")
.evidence(AttestationEvidenceArgs.builder()
.description("The results of the security audit.")
.sourceUri("https://gist.github.com/contoso/9573e238762c60166c090ae16b814011")
.build())
.expiresOn("2021-06-15T00:00:00Z")
.metadata(Map.of("departmentId", "NYC-MARKETING-1"))
.owner("55a32e28-3aa5-4eea-9b5a-4cd85153b966")
.policyAssignmentId("/subscriptions/35ee058e-5fa0-414c-8145-3ebb8d09b6e2/providers/microsoft.authorization/policyassignments/b101830944f246d8a14088c5")
.policyDefinitionReferenceId("0b158b46-ff42-4799-8e39-08a5c23b4551")
.resourceGroupName("myRg")
.build());
}
}Import
An existing resource can be imported using its type token, name, and identifier, e.g.
$ pulumi import azure-native:policyinsights:AttestationAtResourceGroup 790996e6-9871-4b1f-9cd9-ec42cd6ced1e /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.PolicyInsights/attestations/{attestationName}Properties
The time the evidence was assessed
The Azure API version of the resource.
The compliance state that should be set on the resource.
The evidence supporting the compliance state set in this attestation.
The time the compliance state was last changed in this attestation.
The resource ID of the policy assignment that the attestation is setting the state for.
The policy definition reference ID from a policy set definition that the attestation is setting the state for. If the policy assignment assigns a policy set definition the attestation can choose a definition within the set definition with this property or omit this and set the state for the entire set definition.
The status of the attestation.
Azure Resource Manager metadata containing createdBy and modifiedBy information.