pulumi-azure-kotlin/com.pulumi.azure.management.kotlin/GroupPolicyRemediationArgs

GroupPolicyRemediationArgs

data class GroupPolicyRemediationArgs(val failurePercentage: Output<Double>? = null, val locationFilters: Output<List<String>>? = null, val managementGroupId: Output<String>? = null, val name: Output<String>? = null, val parallelDeployments: Output<Int>? = null, val policyAssignmentId: Output<String>? = null, val policyDefinitionReferenceId: Output<String>? = null, val resourceCount: Output<Int>? = null) : ConvertibleToJava<GroupPolicyRemediationArgs>

Manages an Azure Management Group Policy Remediation.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const exampleGroup = new azure.management.Group("example", {displayName: "Example Management Group"});
const example = azure.policy.getPolicyDefintion({
    displayName: "Allowed locations",
});
const exampleGroupPolicyAssignment = new azure.management.GroupPolicyAssignment("example", {
    name: "exampleAssignment",
    managementGroupId: exampleGroup.id,
    policyDefinitionId: example.then(example => example.id),
    parameters: JSON.stringify({
        listOfAllowedLocations: {
            value: ["East US"],
        },
    }),
});
const exampleGroupPolicyRemediation = new azure.management.GroupPolicyRemediation("example", {
    name: "example",
    managementGroupId: exampleGroup.id,
    policyAssignmentId: exampleGroupPolicyAssignment.id,
});
Content copied to clipboard
import pulumi
import json
import pulumi_azure as azure
example_group = azure.management.Group("example", display_name="Example Management Group")
example = azure.policy.get_policy_defintion(display_name="Allowed locations")
example_group_policy_assignment = azure.management.GroupPolicyAssignment("example",
    name="exampleAssignment",
    management_group_id=example_group.id,
    policy_definition_id=example.id,
    parameters=json.dumps({
        "listOfAllowedLocations": {
            "value": ["East US"],
        },
    }))
example_group_policy_remediation = azure.management.GroupPolicyRemediation("example",
    name="example",
    management_group_id=example_group.id,
    policy_assignment_id=example_group_policy_assignment.id)
Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using System.Text.Json;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
    var exampleGroup = new Azure.Management.Group("example", new()
    {
        DisplayName = "Example Management Group",
    });
    var example = Azure.Policy.GetPolicyDefintion.Invoke(new()
    {
        DisplayName = "Allowed locations",
    });
    var exampleGroupPolicyAssignment = new Azure.Management.GroupPolicyAssignment("example", new()
    {
        Name = "exampleAssignment",
        ManagementGroupId = exampleGroup.Id,
        PolicyDefinitionId = example.Apply(getPolicyDefintionResult => getPolicyDefintionResult.Id),
        Parameters = JsonSerializer.Serialize(new Dictionary<string, object?>
        {
            ["listOfAllowedLocations"] = new Dictionary<string, object?>
            {
                ["value"] = new[]
                {
                    "East US",
                },
            },
        }),
    });
    var exampleGroupPolicyRemediation = new Azure.Management.GroupPolicyRemediation("example", new()
    {
        Name = "example",
        ManagementGroupId = exampleGroup.Id,
        PolicyAssignmentId = exampleGroupPolicyAssignment.Id,
    });
});
Content copied to clipboard
package main
import (
	"encoding/json"
	"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/management"
	"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/policy"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		exampleGroup, err := management.NewGroup(ctx, "example", &management.GroupArgs{
			DisplayName: pulumi.String("Example Management Group"),
		})
		if err != nil {
			return err
		}
		example, err := policy.GetPolicyDefintion(ctx, &policy.GetPolicyDefintionArgs{
			DisplayName: pulumi.StringRef("Allowed locations"),
		}, nil)
		if err != nil {
			return err
		}
		tmpJSON0, err := json.Marshal(map[string]interface{}{
			"listOfAllowedLocations": map[string]interface{}{
				"value": []string{
					"East US",
				},
			},
		})
		if err != nil {
			return err
		}
		json0 := string(tmpJSON0)
		exampleGroupPolicyAssignment, err := management.NewGroupPolicyAssignment(ctx, "example", &management.GroupPolicyAssignmentArgs{
			Name:               pulumi.String("exampleAssignment"),
			ManagementGroupId:  exampleGroup.ID(),
			PolicyDefinitionId: pulumi.String(example.Id),
			Parameters:         pulumi.String(json0),
		})
		if err != nil {
			return err
		}
		_, err = management.NewGroupPolicyRemediation(ctx, "example", &management.GroupPolicyRemediationArgs{
			Name:               pulumi.String("example"),
			ManagementGroupId:  exampleGroup.ID(),
			PolicyAssignmentId: exampleGroupPolicyAssignment.ID(),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.management.Group;
import com.pulumi.azure.management.GroupArgs;
import com.pulumi.azure.policy.PolicyFunctions;
import com.pulumi.azure.policy.inputs.GetPolicyDefintionArgs;
import com.pulumi.azure.management.GroupPolicyAssignment;
import com.pulumi.azure.management.GroupPolicyAssignmentArgs;
import com.pulumi.azure.management.GroupPolicyRemediation;
import com.pulumi.azure.management.GroupPolicyRemediationArgs;
import static com.pulumi.codegen.internal.Serialization.*;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var exampleGroup = new Group("exampleGroup", GroupArgs.builder()
            .displayName("Example Management Group")
            .build());
        final var example = PolicyFunctions.getPolicyDefintion(GetPolicyDefintionArgs.builder()
            .displayName("Allowed locations")
            .build());
        var exampleGroupPolicyAssignment = new GroupPolicyAssignment("exampleGroupPolicyAssignment", GroupPolicyAssignmentArgs.builder()
            .name("exampleAssignment")
            .managementGroupId(exampleGroup.id())
            .policyDefinitionId(example.applyValue(getPolicyDefintionResult -> getPolicyDefintionResult.id()))
            .parameters(serializeJson(
                jsonObject(
                    jsonProperty("listOfAllowedLocations", jsonObject(
                        jsonProperty("value", jsonArray("East US"))
                    ))
                )))
            .build());
        var exampleGroupPolicyRemediation = new GroupPolicyRemediation("exampleGroupPolicyRemediation", GroupPolicyRemediationArgs.builder()
            .name("example")
            .managementGroupId(exampleGroup.id())
            .policyAssignmentId(exampleGroupPolicyAssignment.id())
            .build());
    }
}
Content copied to clipboard
resources:
  exampleGroup:
    type: azure:management:Group
    name: example
    properties:
      displayName: Example Management Group
  exampleGroupPolicyAssignment:
    type: azure:management:GroupPolicyAssignment
    name: example
    properties:
      name: exampleAssignment
      managementGroupId: ${exampleGroup.id}
      policyDefinitionId: ${example.id}
      parameters:
        fn::toJSON:
          listOfAllowedLocations:
            value:
              - East US
  exampleGroupPolicyRemediation:
    type: azure:management:GroupPolicyRemediation
    name: example
    properties:
      name: example
      managementGroupId: ${exampleGroup.id}
      policyAssignmentId: ${exampleGroupPolicyAssignment.id}
variables:
  example:
    fn::invoke:
      function: azure:policy:getPolicyDefintion
      arguments:
        displayName: Allowed locations
Content copied to clipboard

Import

Policy Remediations can be imported using the resource id, e.g.

$ pulumi import azure:management/groupPolicyRemediation:GroupPolicyRemediation example /providers/Microsoft.Management/managementGroups/my-mgmt-group-id/providers/Microsoft.PolicyInsights/remediations/remediation1
Content copied to clipboard

Constructors

Link copied to clipboard
constructor(failurePercentage: Output<Double>? = null, locationFilters: Output<List<String>>? = null, managementGroupId: Output<String>? = null, name: Output<String>? = null, parallelDeployments: Output<Int>? = null, policyAssignmentId: Output<String>? = null, policyDefinitionReferenceId: Output<String>? = null, resourceCount: Output<Int>? = null)

Properties

Link copied to clipboard
val failurePercentage: Output<Double>? = null

A number between 0.0 to 1.0 representing the percentage failure threshold. The remediation will fail if the percentage of failed remediation operations (i.e. failed deployments) exceeds this threshold.

Link copied to clipboard
val locationFilters: Output<List<String>>? = null

A list of the resource locations that will be remediated.

Link copied to clipboard
val managementGroupId: Output<String>? = null

The Management Group ID at which the Policy Remediation should be applied. Changing this forces a new resource to be created.

Link copied to clipboard
val name: Output<String>? = null

The name of the Policy Remediation. Changing this forces a new resource to be created.

Link copied to clipboard
val parallelDeployments: Output<Int>? = null

Determines how many resources to remediate at any given time. Can be used to increase or reduce the pace of the remediation. If not provided, the default parallel deployments value is used.

Link copied to clipboard
val policyAssignmentId: Output<String>? = null

The ID of the Policy Assignment that should be remediated.

Link copied to clipboard
val policyDefinitionReferenceId: Output<String>? = null

The unique ID for the policy definition reference within the policy set definition that should be remediated. Required when the policy assignment being remediated assigns a policy set definition.

Link copied to clipboard
val resourceCount: Output<Int>? = null

Determines the max number of resources that can be remediated by the remediation job. If not provided, the default resource count is used.

Functions

Link copied to clipboard
open override fun toJava(): GroupPolicyRemediationArgs