pulumi-azure-kotlin/com.pulumi.azure.core.kotlin/ResourcePolicyAssignment

ResourcePolicyAssignment

class ResourcePolicyAssignment : KotlinCustomResource

Manages a Policy Assignment to a Resource.

Example Usage

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.network.NetworkFunctions;
import com.pulumi.azure.network.inputs.GetVirtualNetworkArgs;
import com.pulumi.azure.policy.Definition;
import com.pulumi.azure.policy.DefinitionArgs;
import com.pulumi.azure.core.ResourcePolicyAssignment;
import com.pulumi.azure.core.ResourcePolicyAssignmentArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        final var exampleVirtualNetwork = NetworkFunctions.getVirtualNetwork(GetVirtualNetworkArgs.builder()
            .name("production")
            .resourceGroupName("networking")
            .build());
        var exampleDefinition = new Definition("exampleDefinition", DefinitionArgs.builder()
            .policyType("Custom")
            .mode("All")
            .displayName("my-policy-definition")
            .policyRule("""
 {
    "if": {
      "not": {
        "field": "location",
        "equals": "westeurope"
      }
    },
    "then": {
      "effect": "Deny"
    }
  }
            """)
            .build());
        var exampleResourcePolicyAssignment = new ResourcePolicyAssignment("exampleResourcePolicyAssignment", ResourcePolicyAssignmentArgs.builder()
            .resourceId(exampleVirtualNetwork.applyValue(getVirtualNetworkResult -> getVirtualNetworkResult.id()))
            .policyDefinitionId(exampleDefinition.id())
            .build());
    }
}

Import

Resource Policy Assignments can be imported using the resource id, e.g.

$ pulumi import azure:core/resourcePolicyAssignment:ResourcePolicyAssignment example "{resource}/providers/Microsoft.Authorization/policyAssignments/assignment1"

where {resource} is a Resource ID in the form /subscriptions/00000000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.Network/virtualNetworks/network1.

Properties

description

val description: Output<String>?

A description which should be used for this Policy Assignment.

displayName

val displayName: Output<String>?

The Display Name for this Policy Assignment.

enforce

val enforce: Output<Boolean>?

Specifies if this Policy should be enforced or not? Defaults to true.

val id: Output<String>

identity

val identity: Output<ResourcePolicyAssignmentIdentity>?

An identity block as defined below.

location

val location: Output<String>

The Azure Region where the Policy Assignment should exist. Changing this forces a new Policy Assignment to be created.

metadata

val metadata: Output<String>

A JSON mapping of any Metadata for this Policy.

name

val name: Output<String>

The name which should be used for this Policy Assignment. Changing this forces a new Resource Policy Assignment to be created. Cannot exceed 64 characters in length.

nonComplianceMessages

val nonComplianceMessages: Output<List<ResourcePolicyAssignmentNonComplianceMessage>>?

One or more non_compliance_message blocks as defined below.

notScopes

val notScopes: Output<List<String>>?

Specifies a list of Resource Scopes (for example a Subscription, or a Resource Group) within this Management Group which are excluded from this Policy.

overrides

val overrides: Output<List<ResourcePolicyAssignmentOverride>>?

One or more overrides blocks as defined below. More detail about overrides and resource_selectors see policy assignment structure

parameters

val parameters: Output<String>?

A JSON mapping of any Parameters for this Policy.

policyDefinitionId

val policyDefinitionId: Output<String>

The ID of the Policy Definition or Policy Definition Set. Changing this forces a new Policy Assignment to be created.

pulumiChildResources

val pulumiChildResources: Set<KotlinResource>

pulumiResourceName

val pulumiResourceName: String

pulumiResourceType

val pulumiResourceType: String

resourceId

val resourceId: Output<String>

The ID of the Resource (or Resource Scope) where this should be applied. Changing this forces a new Resource Policy Assignment to be created.

resourceSelectors

val resourceSelectors: Output<List<ResourcePolicyAssignmentResourceSelector>>?

One or more resource_selectors blocks as defined below to filter polices by resource properties.

urn

val urn: Output<String>