pulumi-azure-kotlin/com.pulumi.azure.management.kotlin/GroupPolicyRemediationArgs

GroupPolicyRemediationArgs

data class GroupPolicyRemediationArgs(val failurePercentage: Output<Double>? = null, val locationFilters: Output<List<String>>? = null, val managementGroupId: Output<String>? = null, val name: Output<String>? = null, val parallelDeployments: Output<Int>? = null, val policyAssignmentId: Output<String>? = null, val policyDefinitionReferenceId: Output<String>? = null, val resourceCount: Output<Int>? = null) : ConvertibleToJava<GroupPolicyRemediationArgs>

Manages an Azure Management Group Policy Remediation.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const exampleGroup = new azure.management.Group("example", {displayName: "Example Management Group"});
const example = azure.policy.getPolicyDefintion({
    displayName: "Allowed locations",
});
const exampleGroupPolicyAssignment = new azure.management.GroupPolicyAssignment("example", {
    name: "exampleAssignment",
    managementGroupId: exampleGroup.id,
    policyDefinitionId: example.then(example => example.id),
    parameters: JSON.stringify({
        listOfAllowedLocations: {
            value: ["East US"],
        },
    }),
});
const exampleGroupPolicyRemediation = new azure.management.GroupPolicyRemediation("example", {
    name: "example",
    managementGroupId: exampleGroup.id,
    policyAssignmentId: exampleGroupPolicyAssignment.id,
});

import pulumi
import json
import pulumi_azure as azure
example_group = azure.management.Group("example", display_name="Example Management Group")
example = azure.policy.get_policy_defintion(display_name="Allowed locations")
example_group_policy_assignment = azure.management.GroupPolicyAssignment("example",
    name="exampleAssignment",
    management_group_id=example_group.id,
    policy_definition_id=example.id,
    parameters=json.dumps({
        "listOfAllowedLocations": {
            "value": ["East US"],
        },
    }))
example_group_policy_remediation = azure.management.GroupPolicyRemediation("example",
    name="example",
    management_group_id=example_group.id,
    policy_assignment_id=example_group_policy_assignment.id)

using System.Collections.Generic;
using System.Linq;
using System.Text.Json;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
    var exampleGroup = new Azure.Management.Group("example", new()
    {
        DisplayName = "Example Management Group",
    });
    var example = Azure.Policy.GetPolicyDefintion.Invoke(new()
    {
        DisplayName = "Allowed locations",
    });
    var exampleGroupPolicyAssignment = new Azure.Management.GroupPolicyAssignment("example", new()
    {
        Name = "exampleAssignment",
        ManagementGroupId = exampleGroup.Id,
        PolicyDefinitionId = example.Apply(getPolicyDefintionResult => getPolicyDefintionResult.Id),
        Parameters = JsonSerializer.Serialize(new Dictionary<string, object?>
        {
            ["listOfAllowedLocations"] = new Dictionary<string, object?>
            {
                ["value"] = new[]
                {
                    "East US",
                },
            },
        }),
    });
    var exampleGroupPolicyRemediation = new Azure.Management.GroupPolicyRemediation("example", new()
    {
        Name = "example",
        ManagementGroupId = exampleGroup.Id,
        PolicyAssignmentId = exampleGroupPolicyAssignment.Id,
    });
});

package main
import (
	"encoding/json"
	"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/management"
	"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/policy"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		exampleGroup, err := management.NewGroup(ctx, "example", &management.GroupArgs{
			DisplayName: pulumi.String("Example Management Group"),
		})
		if err != nil {
			return err
		}
		example, err := policy.GetPolicyDefintion(ctx, &policy.GetPolicyDefintionArgs{
			DisplayName: pulumi.StringRef("Allowed locations"),
		}, nil)
		if err != nil {
			return err
		}
		tmpJSON0, err := json.Marshal(map[string]interface{}{
			"listOfAllowedLocations": map[string]interface{}{
				"value": []string{
					"East US",
				},
			},
		})
		if err != nil {
			return err
		}
		json0 := string(tmpJSON0)
		exampleGroupPolicyAssignment, err := management.NewGroupPolicyAssignment(ctx, "example", &management.GroupPolicyAssignmentArgs{
			Name:               pulumi.String("exampleAssignment"),
			ManagementGroupId:  exampleGroup.ID(),
			PolicyDefinitionId: pulumi.String(example.Id),
			Parameters:         pulumi.String(json0),
		})
		if err != nil {
			return err
		}
		_, err = management.NewGroupPolicyRemediation(ctx, "example", &management.GroupPolicyRemediationArgs{
			Name:               pulumi.String("example"),
			ManagementGroupId:  exampleGroup.ID(),
			PolicyAssignmentId: exampleGroupPolicyAssignment.ID(),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.management.Group;
import com.pulumi.azure.management.GroupArgs;
import com.pulumi.azure.policy.PolicyFunctions;
import com.pulumi.azure.policy.inputs.GetPolicyDefintionArgs;
import com.pulumi.azure.management.GroupPolicyAssignment;
import com.pulumi.azure.management.GroupPolicyAssignmentArgs;
import com.pulumi.azure.management.GroupPolicyRemediation;
import com.pulumi.azure.management.GroupPolicyRemediationArgs;
import static com.pulumi.codegen.internal.Serialization.*;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var exampleGroup = new Group("exampleGroup", GroupArgs.builder()
            .displayName("Example Management Group")
            .build());
        final var example = PolicyFunctions.getPolicyDefintion(GetPolicyDefintionArgs.builder()
            .displayName("Allowed locations")
            .build());
        var exampleGroupPolicyAssignment = new GroupPolicyAssignment("exampleGroupPolicyAssignment", GroupPolicyAssignmentArgs.builder()
            .name("exampleAssignment")
            .managementGroupId(exampleGroup.id())
            .policyDefinitionId(example.id())
            .parameters(serializeJson(
                jsonObject(
                    jsonProperty("listOfAllowedLocations", jsonObject(
                        jsonProperty("value", jsonArray("East US"))
                    ))
                )))
            .build());
        var exampleGroupPolicyRemediation = new GroupPolicyRemediation("exampleGroupPolicyRemediation", GroupPolicyRemediationArgs.builder()
            .name("example")
            .managementGroupId(exampleGroup.id())
            .policyAssignmentId(exampleGroupPolicyAssignment.id())
            .build());
    }
}

resources:
  exampleGroup:
    type: azure:management:Group
    name: example
    properties:
      displayName: Example Management Group
  exampleGroupPolicyAssignment:
    type: azure:management:GroupPolicyAssignment
    name: example
    properties:
      name: exampleAssignment
      managementGroupId: ${exampleGroup.id}
      policyDefinitionId: ${example.id}
      parameters:
        fn::toJSON:
          listOfAllowedLocations:
            value:
              - East US
  exampleGroupPolicyRemediation:
    type: azure:management:GroupPolicyRemediation
    name: example
    properties:
      name: example
      managementGroupId: ${exampleGroup.id}
      policyAssignmentId: ${exampleGroupPolicyAssignment.id}
variables:
  example:
    fn::invoke:
      function: azure:policy:getPolicyDefintion
      arguments:
        displayName: Allowed locations

API Providers

This resource uses the following Azure API Providers:

Microsoft.Management: 2021-10-01

Import

Policy Remediations can be imported using the resource id, e.g.

$ pulumi import azure:management/groupPolicyRemediation:GroupPolicyRemediation example /providers/Microsoft.Management/managementGroups/my-mgmt-group-id/providers/Microsoft.PolicyInsights/remediations/remediation1

Constructors

GroupPolicyRemediationArgs

constructor(failurePercentage: Output<Double>? = null, locationFilters: Output<List<String>>? = null, managementGroupId: Output<String>? = null, name: Output<String>? = null, parallelDeployments: Output<Int>? = null, policyAssignmentId: Output<String>? = null, policyDefinitionReferenceId: Output<String>? = null, resourceCount: Output<Int>? = null)

Properties

failurePercentage

val failurePercentage: Output<Double>? = null

A number between 0.0 to 1.0 representing the percentage failure threshold. The remediation will fail if the percentage of failed remediation operations (i.e. failed deployments) exceeds this threshold.

locationFilters

val locationFilters: Output<List<String>>? = null

A list of the resource locations that will be remediated.

managementGroupId

val managementGroupId: Output<String>? = null

The Management Group ID at which the Policy Remediation should be applied. Changing this forces a new resource to be created.

name

val name: Output<String>? = null

The name of the Policy Remediation. Changing this forces a new resource to be created.

parallelDeployments

val parallelDeployments: Output<Int>? = null

Determines how many resources to remediate at any given time. Can be used to increase or reduce the pace of the remediation. If not provided, the default parallel deployments value is used.

policyAssignmentId

val policyAssignmentId: Output<String>? = null

The ID of the Policy Assignment that should be remediated.

policyDefinitionReferenceId

val policyDefinitionReferenceId: Output<String>? = null

The unique ID for the policy definition reference within the policy set definition that should be remediated. Required when the policy assignment being remediated assigns a policy set definition.

resourceCount

val resourceCount: Output<Int>? = null

Determines the max number of resources that can be remediated by the remediation job. If not provided, the default resource count is used.

Functions

toJava

open override fun toJava(): GroupPolicyRemediationArgs