pulumi-azure-kotlin/com.pulumi.azure.core.kotlin/SubscriptionPolicyAssignmentArgs

SubscriptionPolicyAssignmentArgs

data class SubscriptionPolicyAssignmentArgs(val description: Output<String>? = null, val displayName: Output<String>? = null, val enforce: Output<Boolean>? = null, val identity: Output<SubscriptionPolicyAssignmentIdentityArgs>? = null, val location: Output<String>? = null, val metadata: Output<String>? = null, val name: Output<String>? = null, val nonComplianceMessages: Output<List<SubscriptionPolicyAssignmentNonComplianceMessageArgs>>? = null, val notScopes: Output<List<String>>? = null, val overrides: Output<List<SubscriptionPolicyAssignmentOverrideArgs>>? = null, val parameters: Output<String>? = null, val policyDefinitionId: Output<String>? = null, val resourceSelectors: Output<List<SubscriptionPolicyAssignmentResourceSelectorArgs>>? = null, val subscriptionId: Output<String>? = null) : ConvertibleToJava<SubscriptionPolicyAssignmentArgs>

Manages a Subscription Policy Assignment.

Example Usage

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.CoreFunctions;
import com.pulumi.azure.core.inputs.GetSubscriptionArgs;
import com.pulumi.azure.policy.Definition;
import com.pulumi.azure.policy.DefinitionArgs;
import com.pulumi.azure.core.SubscriptionPolicyAssignment;
import com.pulumi.azure.core.SubscriptionPolicyAssignmentArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        final var current = CoreFunctions.getSubscription();
        var exampleDefinition = new Definition("exampleDefinition", DefinitionArgs.builder()
            .policyType("Custom")
            .mode("All")
            .displayName("Allowed resource types")
            .policyRule("""
 {
    "if": {
      "not": {
        "field": "location",
        "equals": "westeurope"
      }
    },
    "then": {
      "effect": "Deny"
    }
  }
            """)
            .build());
        var exampleSubscriptionPolicyAssignment = new SubscriptionPolicyAssignment("exampleSubscriptionPolicyAssignment", SubscriptionPolicyAssignmentArgs.builder()
            .policyDefinitionId(exampleDefinition.id())
            .subscriptionId(current.applyValue(getSubscriptionResult -> getSubscriptionResult.id()))
            .build());
    }
}

Import

Subscription Policy Assignments can be imported using the resource id, e.g.

$ pulumi import azure:core/subscriptionPolicyAssignment:SubscriptionPolicyAssignment example /subscriptions/00000000-0000-0000-000000000000/providers/Microsoft.Authorization/policyAssignments/assignment1

Constructors

SubscriptionPolicyAssignmentArgs

fun SubscriptionPolicyAssignmentArgs(description: Output<String>? = null, displayName: Output<String>? = null, enforce: Output<Boolean>? = null, identity: Output<SubscriptionPolicyAssignmentIdentityArgs>? = null, location: Output<String>? = null, metadata: Output<String>? = null, name: Output<String>? = null, nonComplianceMessages: Output<List<SubscriptionPolicyAssignmentNonComplianceMessageArgs>>? = null, notScopes: Output<List<String>>? = null, overrides: Output<List<SubscriptionPolicyAssignmentOverrideArgs>>? = null, parameters: Output<String>? = null, policyDefinitionId: Output<String>? = null, resourceSelectors: Output<List<SubscriptionPolicyAssignmentResourceSelectorArgs>>? = null, subscriptionId: Output<String>? = null)

Functions

toJava

open override fun toJava(): SubscriptionPolicyAssignmentArgs

Properties

description

val description: Output<String>? = null

A description which should be used for this Policy Assignment.

displayName

val displayName: Output<String>? = null

The Display Name for this Policy Assignment.

enforce

val enforce: Output<Boolean>? = null

Specifies if this Policy should be enforced or not? Defaults to true.

identity

val identity: Output<SubscriptionPolicyAssignmentIdentityArgs>? = null

An identity block as defined below.

location

val location: Output<String>? = null

The Azure Region where the Policy Assignment should exist. Changing this forces a new Policy Assignment to be created.

metadata

val metadata: Output<String>? = null

A JSON mapping of any Metadata for this Policy.

name

val name: Output<String>? = null

The name which should be used for this Policy Assignment. Changing this forces a new Policy Assignment to be created. Cannot exceed 64 characters in length.

nonComplianceMessages

val nonComplianceMessages: Output<List<SubscriptionPolicyAssignmentNonComplianceMessageArgs>>? = null

One or more non_compliance_message blocks as defined below.

notScopes

val notScopes: Output<List<String>>? = null

Specifies a list of Resource Scopes (for example a Subscription, or a Resource Group) within this Management Group which are excluded from this Policy.

overrides

val overrides: Output<List<SubscriptionPolicyAssignmentOverrideArgs>>? = null

One or more overrides blocks as defined below. More detail about overrides and resource_selectors see policy assignment structure

parameters

val parameters: Output<String>? = null

A JSON mapping of any Parameters for this Policy.

policyDefinitionId

val policyDefinitionId: Output<String>? = null

The ID of the Policy Definition or Policy Definition Set. Changing this forces a new Policy Assignment to be created.

resourceSelectors

val resourceSelectors: Output<List<SubscriptionPolicyAssignmentResourceSelectorArgs>>? = null

One or more resource_selectors blocks as defined below to filter polices by resource properties.

subscriptionId

val subscriptionId: Output<String>? = null

The ID of the Subscription where this Policy Assignment should be created. Changing this forces a new Policy Assignment to be created.