azure-native-v2.authorization.PolicySetDefinitionAtManagementGroup
Explore with Pulumi AI
The policy set definition. Azure REST API version: 2021-06-01. Prior API version in Azure Native 1.x: 2020-09-01.
Other available API versions: 2019-06-01, 2023-04-01, 2024-05-01, 2025-01-01.
Example Usage
Create or update a policy set definition at management group level
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() => 
{
    var policySetDefinitionAtManagementGroup = new AzureNative.Authorization.PolicySetDefinitionAtManagementGroup("policySetDefinitionAtManagementGroup", new()
    {
        Description = "Policies to enforce low cost storage SKUs",
        DisplayName = "Cost Management",
        ManagementGroupId = "MyManagementGroup",
        Metadata = new Dictionary<string, object?>
        {
            ["category"] = "Cost Management",
        },
        PolicyDefinitions = new[]
        {
            new AzureNative.Authorization.Inputs.PolicyDefinitionReferenceArgs
            {
                Parameters = 
                {
                    { "listOfAllowedSKUs", new AzureNative.Authorization.Inputs.ParameterValuesValueArgs
                    {
                        Value = new[]
                        {
                            "Standard_GRS",
                            "Standard_LRS",
                        },
                    } },
                },
                PolicyDefinitionId = "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1",
                PolicyDefinitionReferenceId = "Limit_Skus",
            },
            new AzureNative.Authorization.Inputs.PolicyDefinitionReferenceArgs
            {
                Parameters = 
                {
                    { "prefix", new AzureNative.Authorization.Inputs.ParameterValuesValueArgs
                    {
                        Value = "DeptA",
                    } },
                    { "suffix", new AzureNative.Authorization.Inputs.ParameterValuesValueArgs
                    {
                        Value = "-LC",
                    } },
                },
                PolicyDefinitionId = "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming",
                PolicyDefinitionReferenceId = "Resource_Naming",
            },
        },
        PolicySetDefinitionName = "CostManagement",
    });
});
package main
import (
	authorization "github.com/pulumi/pulumi-azure-native-sdk/authorization/v2"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := authorization.NewPolicySetDefinitionAtManagementGroup(ctx, "policySetDefinitionAtManagementGroup", &authorization.PolicySetDefinitionAtManagementGroupArgs{
			Description:       pulumi.String("Policies to enforce low cost storage SKUs"),
			DisplayName:       pulumi.String("Cost Management"),
			ManagementGroupId: pulumi.String("MyManagementGroup"),
			Metadata: pulumi.Any(map[string]interface{}{
				"category": "Cost Management",
			}),
			PolicyDefinitions: authorization.PolicyDefinitionReferenceArray{
				&authorization.PolicyDefinitionReferenceArgs{
					Parameters: authorization.ParameterValuesValueMap{
						"listOfAllowedSKUs": &authorization.ParameterValuesValueArgs{
							Value: pulumi.Any{
								"Standard_GRS",
								"Standard_LRS",
							},
						},
					},
					PolicyDefinitionId:          pulumi.String("/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1"),
					PolicyDefinitionReferenceId: pulumi.String("Limit_Skus"),
				},
				&authorization.PolicyDefinitionReferenceArgs{
					Parameters: authorization.ParameterValuesValueMap{
						"prefix": &authorization.ParameterValuesValueArgs{
							Value: pulumi.Any("DeptA"),
						},
						"suffix": &authorization.ParameterValuesValueArgs{
							Value: pulumi.Any("-LC"),
						},
					},
					PolicyDefinitionId:          pulumi.String("/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming"),
					PolicyDefinitionReferenceId: pulumi.String("Resource_Naming"),
				},
			},
			PolicySetDefinitionName: pulumi.String("CostManagement"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.authorization.PolicySetDefinitionAtManagementGroup;
import com.pulumi.azurenative.authorization.PolicySetDefinitionAtManagementGroupArgs;
import com.pulumi.azurenative.authorization.inputs.PolicyDefinitionReferenceArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var policySetDefinitionAtManagementGroup = new PolicySetDefinitionAtManagementGroup("policySetDefinitionAtManagementGroup", PolicySetDefinitionAtManagementGroupArgs.builder()
            .description("Policies to enforce low cost storage SKUs")
            .displayName("Cost Management")
            .managementGroupId("MyManagementGroup")
            .metadata(Map.of("category", "Cost Management"))
            .policyDefinitions(            
                PolicyDefinitionReferenceArgs.builder()
                    .parameters(Map.of("listOfAllowedSKUs", Map.of("value",                     
                        "Standard_GRS",
                        "Standard_LRS")))
                    .policyDefinitionId("/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1")
                    .policyDefinitionReferenceId("Limit_Skus")
                    .build(),
                PolicyDefinitionReferenceArgs.builder()
                    .parameters(Map.ofEntries(
                        Map.entry("prefix", Map.of("value", "DeptA")),
                        Map.entry("suffix", Map.of("value", "-LC"))
                    ))
                    .policyDefinitionId("/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming")
                    .policyDefinitionReferenceId("Resource_Naming")
                    .build())
            .policySetDefinitionName("CostManagement")
            .build());
    }
}
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const policySetDefinitionAtManagementGroup = new azure_native.authorization.PolicySetDefinitionAtManagementGroup("policySetDefinitionAtManagementGroup", {
    description: "Policies to enforce low cost storage SKUs",
    displayName: "Cost Management",
    managementGroupId: "MyManagementGroup",
    metadata: {
        category: "Cost Management",
    },
    policyDefinitions: [
        {
            parameters: {
                listOfAllowedSKUs: {
                    value: [
                        "Standard_GRS",
                        "Standard_LRS",
                    ],
                },
            },
            policyDefinitionId: "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1",
            policyDefinitionReferenceId: "Limit_Skus",
        },
        {
            parameters: {
                prefix: {
                    value: "DeptA",
                },
                suffix: {
                    value: "-LC",
                },
            },
            policyDefinitionId: "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming",
            policyDefinitionReferenceId: "Resource_Naming",
        },
    ],
    policySetDefinitionName: "CostManagement",
});
import pulumi
import pulumi_azure_native as azure_native
policy_set_definition_at_management_group = azure_native.authorization.PolicySetDefinitionAtManagementGroup("policySetDefinitionAtManagementGroup",
    description="Policies to enforce low cost storage SKUs",
    display_name="Cost Management",
    management_group_id="MyManagementGroup",
    metadata={
        "category": "Cost Management",
    },
    policy_definitions=[
        {
            "parameters": {
                "listOfAllowedSKUs": {
                    "value": [
                        "Standard_GRS",
                        "Standard_LRS",
                    ],
                },
            },
            "policy_definition_id": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1",
            "policy_definition_reference_id": "Limit_Skus",
        },
        {
            "parameters": {
                "prefix": {
                    "value": "DeptA",
                },
                "suffix": {
                    "value": "-LC",
                },
            },
            "policy_definition_id": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming",
            "policy_definition_reference_id": "Resource_Naming",
        },
    ],
    policy_set_definition_name="CostManagement")
resources:
  policySetDefinitionAtManagementGroup:
    type: azure-native:authorization:PolicySetDefinitionAtManagementGroup
    properties:
      description: Policies to enforce low cost storage SKUs
      displayName: Cost Management
      managementGroupId: MyManagementGroup
      metadata:
        category: Cost Management
      policyDefinitions:
        - parameters:
            listOfAllowedSKUs:
              value:
                - Standard_GRS
                - Standard_LRS
          policyDefinitionId: /providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1
          policyDefinitionReferenceId: Limit_Skus
        - parameters:
            prefix:
              value: DeptA
            suffix:
              value: -LC
          policyDefinitionId: /providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming
          policyDefinitionReferenceId: Resource_Naming
      policySetDefinitionName: CostManagement
Create or update a policy set definition with groups at management group level
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() => 
{
    var policySetDefinitionAtManagementGroup = new AzureNative.Authorization.PolicySetDefinitionAtManagementGroup("policySetDefinitionAtManagementGroup", new()
    {
        Description = "Policies to enforce low cost storage SKUs",
        DisplayName = "Cost Management",
        ManagementGroupId = "MyManagementGroup",
        Metadata = new Dictionary<string, object?>
        {
            ["category"] = "Cost Management",
        },
        PolicyDefinitionGroups = new[]
        {
            new AzureNative.Authorization.Inputs.PolicyDefinitionGroupArgs
            {
                Description = "Policies designed to control spend within a subscription.",
                DisplayName = "Cost Management Policies",
                Name = "CostSaving",
            },
            new AzureNative.Authorization.Inputs.PolicyDefinitionGroupArgs
            {
                Description = "Policies that help enforce resource organization standards within a subscription.",
                DisplayName = "Organizational Policies",
                Name = "Organizational",
            },
        },
        PolicyDefinitions = new[]
        {
            new AzureNative.Authorization.Inputs.PolicyDefinitionReferenceArgs
            {
                GroupNames = new[]
                {
                    "CostSaving",
                },
                Parameters = 
                {
                    { "listOfAllowedSKUs", new AzureNative.Authorization.Inputs.ParameterValuesValueArgs
                    {
                        Value = new[]
                        {
                            "Standard_GRS",
                            "Standard_LRS",
                        },
                    } },
                },
                PolicyDefinitionId = "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1",
                PolicyDefinitionReferenceId = "Limit_Skus",
            },
            new AzureNative.Authorization.Inputs.PolicyDefinitionReferenceArgs
            {
                GroupNames = new[]
                {
                    "Organizational",
                },
                Parameters = 
                {
                    { "prefix", new AzureNative.Authorization.Inputs.ParameterValuesValueArgs
                    {
                        Value = "DeptA",
                    } },
                    { "suffix", new AzureNative.Authorization.Inputs.ParameterValuesValueArgs
                    {
                        Value = "-LC",
                    } },
                },
                PolicyDefinitionId = "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming",
                PolicyDefinitionReferenceId = "Resource_Naming",
            },
        },
        PolicySetDefinitionName = "CostManagement",
    });
});
package main
import (
	authorization "github.com/pulumi/pulumi-azure-native-sdk/authorization/v2"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := authorization.NewPolicySetDefinitionAtManagementGroup(ctx, "policySetDefinitionAtManagementGroup", &authorization.PolicySetDefinitionAtManagementGroupArgs{
			Description:       pulumi.String("Policies to enforce low cost storage SKUs"),
			DisplayName:       pulumi.String("Cost Management"),
			ManagementGroupId: pulumi.String("MyManagementGroup"),
			Metadata: pulumi.Any(map[string]interface{}{
				"category": "Cost Management",
			}),
			PolicyDefinitionGroups: authorization.PolicyDefinitionGroupArray{
				&authorization.PolicyDefinitionGroupArgs{
					Description: pulumi.String("Policies designed to control spend within a subscription."),
					DisplayName: pulumi.String("Cost Management Policies"),
					Name:        pulumi.String("CostSaving"),
				},
				&authorization.PolicyDefinitionGroupArgs{
					Description: pulumi.String("Policies that help enforce resource organization standards within a subscription."),
					DisplayName: pulumi.String("Organizational Policies"),
					Name:        pulumi.String("Organizational"),
				},
			},
			PolicyDefinitions: authorization.PolicyDefinitionReferenceArray{
				&authorization.PolicyDefinitionReferenceArgs{
					GroupNames: pulumi.StringArray{
						pulumi.String("CostSaving"),
					},
					Parameters: authorization.ParameterValuesValueMap{
						"listOfAllowedSKUs": &authorization.ParameterValuesValueArgs{
							Value: pulumi.Any{
								"Standard_GRS",
								"Standard_LRS",
							},
						},
					},
					PolicyDefinitionId:          pulumi.String("/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1"),
					PolicyDefinitionReferenceId: pulumi.String("Limit_Skus"),
				},
				&authorization.PolicyDefinitionReferenceArgs{
					GroupNames: pulumi.StringArray{
						pulumi.String("Organizational"),
					},
					Parameters: authorization.ParameterValuesValueMap{
						"prefix": &authorization.ParameterValuesValueArgs{
							Value: pulumi.Any("DeptA"),
						},
						"suffix": &authorization.ParameterValuesValueArgs{
							Value: pulumi.Any("-LC"),
						},
					},
					PolicyDefinitionId:          pulumi.String("/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming"),
					PolicyDefinitionReferenceId: pulumi.String("Resource_Naming"),
				},
			},
			PolicySetDefinitionName: pulumi.String("CostManagement"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.authorization.PolicySetDefinitionAtManagementGroup;
import com.pulumi.azurenative.authorization.PolicySetDefinitionAtManagementGroupArgs;
import com.pulumi.azurenative.authorization.inputs.PolicyDefinitionGroupArgs;
import com.pulumi.azurenative.authorization.inputs.PolicyDefinitionReferenceArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var policySetDefinitionAtManagementGroup = new PolicySetDefinitionAtManagementGroup("policySetDefinitionAtManagementGroup", PolicySetDefinitionAtManagementGroupArgs.builder()
            .description("Policies to enforce low cost storage SKUs")
            .displayName("Cost Management")
            .managementGroupId("MyManagementGroup")
            .metadata(Map.of("category", "Cost Management"))
            .policyDefinitionGroups(            
                PolicyDefinitionGroupArgs.builder()
                    .description("Policies designed to control spend within a subscription.")
                    .displayName("Cost Management Policies")
                    .name("CostSaving")
                    .build(),
                PolicyDefinitionGroupArgs.builder()
                    .description("Policies that help enforce resource organization standards within a subscription.")
                    .displayName("Organizational Policies")
                    .name("Organizational")
                    .build())
            .policyDefinitions(            
                PolicyDefinitionReferenceArgs.builder()
                    .groupNames("CostSaving")
                    .parameters(Map.of("listOfAllowedSKUs", Map.of("value",                     
                        "Standard_GRS",
                        "Standard_LRS")))
                    .policyDefinitionId("/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1")
                    .policyDefinitionReferenceId("Limit_Skus")
                    .build(),
                PolicyDefinitionReferenceArgs.builder()
                    .groupNames("Organizational")
                    .parameters(Map.ofEntries(
                        Map.entry("prefix", Map.of("value", "DeptA")),
                        Map.entry("suffix", Map.of("value", "-LC"))
                    ))
                    .policyDefinitionId("/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming")
                    .policyDefinitionReferenceId("Resource_Naming")
                    .build())
            .policySetDefinitionName("CostManagement")
            .build());
    }
}
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const policySetDefinitionAtManagementGroup = new azure_native.authorization.PolicySetDefinitionAtManagementGroup("policySetDefinitionAtManagementGroup", {
    description: "Policies to enforce low cost storage SKUs",
    displayName: "Cost Management",
    managementGroupId: "MyManagementGroup",
    metadata: {
        category: "Cost Management",
    },
    policyDefinitionGroups: [
        {
            description: "Policies designed to control spend within a subscription.",
            displayName: "Cost Management Policies",
            name: "CostSaving",
        },
        {
            description: "Policies that help enforce resource organization standards within a subscription.",
            displayName: "Organizational Policies",
            name: "Organizational",
        },
    ],
    policyDefinitions: [
        {
            groupNames: ["CostSaving"],
            parameters: {
                listOfAllowedSKUs: {
                    value: [
                        "Standard_GRS",
                        "Standard_LRS",
                    ],
                },
            },
            policyDefinitionId: "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1",
            policyDefinitionReferenceId: "Limit_Skus",
        },
        {
            groupNames: ["Organizational"],
            parameters: {
                prefix: {
                    value: "DeptA",
                },
                suffix: {
                    value: "-LC",
                },
            },
            policyDefinitionId: "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming",
            policyDefinitionReferenceId: "Resource_Naming",
        },
    ],
    policySetDefinitionName: "CostManagement",
});
import pulumi
import pulumi_azure_native as azure_native
policy_set_definition_at_management_group = azure_native.authorization.PolicySetDefinitionAtManagementGroup("policySetDefinitionAtManagementGroup",
    description="Policies to enforce low cost storage SKUs",
    display_name="Cost Management",
    management_group_id="MyManagementGroup",
    metadata={
        "category": "Cost Management",
    },
    policy_definition_groups=[
        {
            "description": "Policies designed to control spend within a subscription.",
            "display_name": "Cost Management Policies",
            "name": "CostSaving",
        },
        {
            "description": "Policies that help enforce resource organization standards within a subscription.",
            "display_name": "Organizational Policies",
            "name": "Organizational",
        },
    ],
    policy_definitions=[
        {
            "group_names": ["CostSaving"],
            "parameters": {
                "listOfAllowedSKUs": {
                    "value": [
                        "Standard_GRS",
                        "Standard_LRS",
                    ],
                },
            },
            "policy_definition_id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1",
            "policy_definition_reference_id": "Limit_Skus",
        },
        {
            "group_names": ["Organizational"],
            "parameters": {
                "prefix": {
                    "value": "DeptA",
                },
                "suffix": {
                    "value": "-LC",
                },
            },
            "policy_definition_id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming",
            "policy_definition_reference_id": "Resource_Naming",
        },
    ],
    policy_set_definition_name="CostManagement")
resources:
  policySetDefinitionAtManagementGroup:
    type: azure-native:authorization:PolicySetDefinitionAtManagementGroup
    properties:
      description: Policies to enforce low cost storage SKUs
      displayName: Cost Management
      managementGroupId: MyManagementGroup
      metadata:
        category: Cost Management
      policyDefinitionGroups:
        - description: Policies designed to control spend within a subscription.
          displayName: Cost Management Policies
          name: CostSaving
        - description: Policies that help enforce resource organization standards within a subscription.
          displayName: Organizational Policies
          name: Organizational
      policyDefinitions:
        - groupNames:
            - CostSaving
          parameters:
            listOfAllowedSKUs:
              value:
                - Standard_GRS
                - Standard_LRS
          policyDefinitionId: /subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1
          policyDefinitionReferenceId: Limit_Skus
        - groupNames:
            - Organizational
          parameters:
            prefix:
              value: DeptA
            suffix:
              value: -LC
          policyDefinitionId: /subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming
          policyDefinitionReferenceId: Resource_Naming
      policySetDefinitionName: CostManagement
Create PolicySetDefinitionAtManagementGroup Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new PolicySetDefinitionAtManagementGroup(name: string, args: PolicySetDefinitionAtManagementGroupArgs, opts?: CustomResourceOptions);@overload
def PolicySetDefinitionAtManagementGroup(resource_name: str,
                                         args: PolicySetDefinitionAtManagementGroupArgs,
                                         opts: Optional[ResourceOptions] = None)
@overload
def PolicySetDefinitionAtManagementGroup(resource_name: str,
                                         opts: Optional[ResourceOptions] = None,
                                         management_group_id: Optional[str] = None,
                                         policy_definitions: Optional[Sequence[PolicyDefinitionReferenceArgs]] = None,
                                         description: Optional[str] = None,
                                         display_name: Optional[str] = None,
                                         metadata: Optional[Any] = None,
                                         parameters: Optional[Mapping[str, ParameterDefinitionsValueArgs]] = None,
                                         policy_definition_groups: Optional[Sequence[PolicyDefinitionGroupArgs]] = None,
                                         policy_set_definition_name: Optional[str] = None,
                                         policy_type: Optional[Union[str, PolicyType]] = None)func NewPolicySetDefinitionAtManagementGroup(ctx *Context, name string, args PolicySetDefinitionAtManagementGroupArgs, opts ...ResourceOption) (*PolicySetDefinitionAtManagementGroup, error)public PolicySetDefinitionAtManagementGroup(string name, PolicySetDefinitionAtManagementGroupArgs args, CustomResourceOptions? opts = null)
public PolicySetDefinitionAtManagementGroup(String name, PolicySetDefinitionAtManagementGroupArgs args)
public PolicySetDefinitionAtManagementGroup(String name, PolicySetDefinitionAtManagementGroupArgs args, CustomResourceOptions options)
type: azure-native:authorization:PolicySetDefinitionAtManagementGroup
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args PolicySetDefinitionAtManagementGroupArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args PolicySetDefinitionAtManagementGroupArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args PolicySetDefinitionAtManagementGroupArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args PolicySetDefinitionAtManagementGroupArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args PolicySetDefinitionAtManagementGroupArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var policySetDefinitionAtManagementGroupResource = new AzureNative.Authorization.PolicySetDefinitionAtManagementGroup("policySetDefinitionAtManagementGroupResource", new()
{
    ManagementGroupId = "string",
    PolicyDefinitions = new[]
    {
        
        {
            { "policyDefinitionId", "string" },
            { "definitionVersion", "string" },
            { "groupNames", new[]
            {
                "string",
            } },
            { "parameters", 
            {
                { "string", 
                {
                    { "value", "any" },
                } },
            } },
            { "policyDefinitionReferenceId", "string" },
        },
    },
    Description = "string",
    DisplayName = "string",
    Metadata = "any",
    Parameters = 
    {
        { "string", 
        {
            { "allowedValues", new[]
            {
                "any",
            } },
            { "defaultValue", "any" },
            { "metadata", 
            {
                { "assignPermissions", false },
                { "description", "string" },
                { "displayName", "string" },
                { "strongType", "string" },
            } },
            { "schema", "any" },
            { "type", "string" },
        } },
    },
    PolicyDefinitionGroups = new[]
    {
        
        {
            { "name", "string" },
            { "additionalMetadataId", "string" },
            { "category", "string" },
            { "description", "string" },
            { "displayName", "string" },
        },
    },
    PolicySetDefinitionName = "string",
    PolicyType = "string",
});
example, err := authorization.NewPolicySetDefinitionAtManagementGroup(ctx, "policySetDefinitionAtManagementGroupResource", &authorization.PolicySetDefinitionAtManagementGroupArgs{
	ManagementGroupId: "string",
	PolicyDefinitions: []map[string]interface{}{
		map[string]interface{}{
			"policyDefinitionId": "string",
			"definitionVersion":  "string",
			"groupNames": []string{
				"string",
			},
			"parameters": map[string]interface{}{
				"string": map[string]interface{}{
					"value": "any",
				},
			},
			"policyDefinitionReferenceId": "string",
		},
	},
	Description: "string",
	DisplayName: "string",
	Metadata:    "any",
	Parameters: map[string]interface{}{
		"string": map[string]interface{}{
			"allowedValues": []string{
				"any",
			},
			"defaultValue": "any",
			"metadata": map[string]interface{}{
				"assignPermissions": false,
				"description":       "string",
				"displayName":       "string",
				"strongType":        "string",
			},
			"schema": "any",
			"type":   "string",
		},
	},
	PolicyDefinitionGroups: []map[string]interface{}{
		map[string]interface{}{
			"name":                 "string",
			"additionalMetadataId": "string",
			"category":             "string",
			"description":          "string",
			"displayName":          "string",
		},
	},
	PolicySetDefinitionName: "string",
	PolicyType:              "string",
})
var policySetDefinitionAtManagementGroupResource = new PolicySetDefinitionAtManagementGroup("policySetDefinitionAtManagementGroupResource", PolicySetDefinitionAtManagementGroupArgs.builder()
    .managementGroupId("string")
    .policyDefinitions(List.of(Map.ofEntries(
        Map.entry("policyDefinitionId", "string"),
        Map.entry("definitionVersion", "string"),
        Map.entry("groupNames", List.of("string")),
        Map.entry("parameters", Map.of("string", Map.of("value", "any"))),
        Map.entry("policyDefinitionReferenceId", "string")
    )))
    .description("string")
    .displayName("string")
    .metadata("any")
    .parameters(Map.of("string", Map.ofEntries(
        Map.entry("allowedValues", List.of("any")),
        Map.entry("defaultValue", "any"),
        Map.entry("metadata", Map.ofEntries(
            Map.entry("assignPermissions", false),
            Map.entry("description", "string"),
            Map.entry("displayName", "string"),
            Map.entry("strongType", "string")
        )),
        Map.entry("schema", "any"),
        Map.entry("type", "string")
    )))
    .policyDefinitionGroups(List.of(Map.ofEntries(
        Map.entry("name", "string"),
        Map.entry("additionalMetadataId", "string"),
        Map.entry("category", "string"),
        Map.entry("description", "string"),
        Map.entry("displayName", "string")
    )))
    .policySetDefinitionName("string")
    .policyType("string")
    .build());
policy_set_definition_at_management_group_resource = azure_native.authorization.PolicySetDefinitionAtManagementGroup("policySetDefinitionAtManagementGroupResource",
    management_group_id=string,
    policy_definitions=[{
        policyDefinitionId: string,
        definitionVersion: string,
        groupNames: [string],
        parameters: {
            string: {
                value: any,
            },
        },
        policyDefinitionReferenceId: string,
    }],
    description=string,
    display_name=string,
    metadata=any,
    parameters={
        string: {
            allowedValues: [any],
            defaultValue: any,
            metadata: {
                assignPermissions: False,
                description: string,
                displayName: string,
                strongType: string,
            },
            schema: any,
            type: string,
        },
    },
    policy_definition_groups=[{
        name: string,
        additionalMetadataId: string,
        category: string,
        description: string,
        displayName: string,
    }],
    policy_set_definition_name=string,
    policy_type=string)
const policySetDefinitionAtManagementGroupResource = new azure_native.authorization.PolicySetDefinitionAtManagementGroup("policySetDefinitionAtManagementGroupResource", {
    managementGroupId: "string",
    policyDefinitions: [{
        policyDefinitionId: "string",
        definitionVersion: "string",
        groupNames: ["string"],
        parameters: {
            string: {
                value: "any",
            },
        },
        policyDefinitionReferenceId: "string",
    }],
    description: "string",
    displayName: "string",
    metadata: "any",
    parameters: {
        string: {
            allowedValues: ["any"],
            defaultValue: "any",
            metadata: {
                assignPermissions: false,
                description: "string",
                displayName: "string",
                strongType: "string",
            },
            schema: "any",
            type: "string",
        },
    },
    policyDefinitionGroups: [{
        name: "string",
        additionalMetadataId: "string",
        category: "string",
        description: "string",
        displayName: "string",
    }],
    policySetDefinitionName: "string",
    policyType: "string",
});
type: azure-native:authorization:PolicySetDefinitionAtManagementGroup
properties:
    description: string
    displayName: string
    managementGroupId: string
    metadata: any
    parameters:
        string:
            allowedValues:
                - any
            defaultValue: any
            metadata:
                assignPermissions: false
                description: string
                displayName: string
                strongType: string
            schema: any
            type: string
    policyDefinitionGroups:
        - additionalMetadataId: string
          category: string
          description: string
          displayName: string
          name: string
    policyDefinitions:
        - definitionVersion: string
          groupNames:
            - string
          parameters:
            string:
                value: any
          policyDefinitionId: string
          policyDefinitionReferenceId: string
    policySetDefinitionName: string
    policyType: string
PolicySetDefinitionAtManagementGroup Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The PolicySetDefinitionAtManagementGroup resource accepts the following input properties:
- ManagementGroup stringId 
- The ID of the management group.
- PolicyDefinitions List<Pulumi.Azure Native. Authorization. Inputs. Policy Definition Reference> 
- An array of policy definition references.
- Description string
- The policy set definition description.
- DisplayName string
- The display name of the policy set definition.
- Metadata object
- The policy set definition metadata. Metadata is an open ended object and is typically a collection of key value pairs.
- Parameters
Dictionary<string, Pulumi.Azure Native. Authorization. Inputs. Parameter Definitions Value Args> 
- The policy set definition parameters that can be used in policy definition references.
- PolicyDefinition List<Pulumi.Groups Azure Native. Authorization. Inputs. Policy Definition Group> 
- The metadata describing groups of policy definition references within the policy set definition.
- PolicySet stringDefinition Name 
- The name of the policy set definition to create.
- PolicyType string | Pulumi.Azure Native. Authorization. Policy Type 
- The type of policy definition. Possible values are NotSpecified, BuiltIn, Custom, and Static.
- ManagementGroup stringId 
- The ID of the management group.
- PolicyDefinitions []PolicyDefinition Reference Args 
- An array of policy definition references.
- Description string
- The policy set definition description.
- DisplayName string
- The display name of the policy set definition.
- Metadata interface{}
- The policy set definition metadata. Metadata is an open ended object and is typically a collection of key value pairs.
- Parameters
map[string]ParameterDefinitions Value Args 
- The policy set definition parameters that can be used in policy definition references.
- PolicyDefinition []PolicyGroups Definition Group Args 
- The metadata describing groups of policy definition references within the policy set definition.
- PolicySet stringDefinition Name 
- The name of the policy set definition to create.
- PolicyType string | PolicyType 
- The type of policy definition. Possible values are NotSpecified, BuiltIn, Custom, and Static.
- managementGroup StringId 
- The ID of the management group.
- policyDefinitions List<PolicyDefinition Reference> 
- An array of policy definition references.
- description String
- The policy set definition description.
- displayName String
- The display name of the policy set definition.
- metadata Object
- The policy set definition metadata. Metadata is an open ended object and is typically a collection of key value pairs.
- parameters
Map<String,ParameterDefinitions Value Args> 
- The policy set definition parameters that can be used in policy definition references.
- policyDefinition List<PolicyGroups Definition Group> 
- The metadata describing groups of policy definition references within the policy set definition.
- policySet StringDefinition Name 
- The name of the policy set definition to create.
- policyType String | PolicyType 
- The type of policy definition. Possible values are NotSpecified, BuiltIn, Custom, and Static.
- managementGroup stringId 
- The ID of the management group.
- policyDefinitions PolicyDefinition Reference[] 
- An array of policy definition references.
- description string
- The policy set definition description.
- displayName string
- The display name of the policy set definition.
- metadata any
- The policy set definition metadata. Metadata is an open ended object and is typically a collection of key value pairs.
- parameters
{[key: string]: ParameterDefinitions Value Args} 
- The policy set definition parameters that can be used in policy definition references.
- policyDefinition PolicyGroups Definition Group[] 
- The metadata describing groups of policy definition references within the policy set definition.
- policySet stringDefinition Name 
- The name of the policy set definition to create.
- policyType string | PolicyType 
- The type of policy definition. Possible values are NotSpecified, BuiltIn, Custom, and Static.
- management_group_ strid 
- The ID of the management group.
- policy_definitions Sequence[PolicyDefinition Reference Args] 
- An array of policy definition references.
- description str
- The policy set definition description.
- display_name str
- The display name of the policy set definition.
- metadata Any
- The policy set definition metadata. Metadata is an open ended object and is typically a collection of key value pairs.
- parameters
Mapping[str, ParameterDefinitions Value Args] 
- The policy set definition parameters that can be used in policy definition references.
- policy_definition_ Sequence[Policygroups Definition Group Args] 
- The metadata describing groups of policy definition references within the policy set definition.
- policy_set_ strdefinition_ name 
- The name of the policy set definition to create.
- policy_type str | PolicyType 
- The type of policy definition. Possible values are NotSpecified, BuiltIn, Custom, and Static.
- managementGroup StringId 
- The ID of the management group.
- policyDefinitions List<Property Map>
- An array of policy definition references.
- description String
- The policy set definition description.
- displayName String
- The display name of the policy set definition.
- metadata Any
- The policy set definition metadata. Metadata is an open ended object and is typically a collection of key value pairs.
- parameters Map<Property Map>
- The policy set definition parameters that can be used in policy definition references.
- policyDefinition List<Property Map>Groups 
- The metadata describing groups of policy definition references within the policy set definition.
- policySet StringDefinition Name 
- The name of the policy set definition to create.
- policyType String | "NotSpecified" | "Built In" | "Custom" | "Static" 
- The type of policy definition. Possible values are NotSpecified, BuiltIn, Custom, and Static.
Outputs
All input properties are implicitly available as output properties. Additionally, the PolicySetDefinitionAtManagementGroup resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Name string
- The name of the policy set definition.
- SystemData Pulumi.Azure Native. Authorization. Outputs. System Data Response 
- The system metadata relating to this resource.
- Type string
- The type of the resource (Microsoft.Authorization/policySetDefinitions).
- Id string
- The provider-assigned unique ID for this managed resource.
- Name string
- The name of the policy set definition.
- SystemData SystemData Response 
- The system metadata relating to this resource.
- Type string
- The type of the resource (Microsoft.Authorization/policySetDefinitions).
- id String
- The provider-assigned unique ID for this managed resource.
- name String
- The name of the policy set definition.
- systemData SystemData Response 
- The system metadata relating to this resource.
- type String
- The type of the resource (Microsoft.Authorization/policySetDefinitions).
- id string
- The provider-assigned unique ID for this managed resource.
- name string
- The name of the policy set definition.
- systemData SystemData Response 
- The system metadata relating to this resource.
- type string
- The type of the resource (Microsoft.Authorization/policySetDefinitions).
- id str
- The provider-assigned unique ID for this managed resource.
- name str
- The name of the policy set definition.
- system_data SystemData Response 
- The system metadata relating to this resource.
- type str
- The type of the resource (Microsoft.Authorization/policySetDefinitions).
- id String
- The provider-assigned unique ID for this managed resource.
- name String
- The name of the policy set definition.
- systemData Property Map
- The system metadata relating to this resource.
- type String
- The type of the resource (Microsoft.Authorization/policySetDefinitions).
Supporting Types
ParameterDefinitionsValue, ParameterDefinitionsValueArgs      
- AllowedValues List<object>
- The allowed values for the parameter.
- DefaultValue object
- The default value for the parameter if no value is provided.
- Metadata
Pulumi.Azure Native. Authorization. Inputs. Parameter Definitions Value Metadata 
- General metadata for the parameter.
- Schema object
- Provides validation of parameter inputs during assignment using a self-defined JSON schema. This property is only supported for object-type parameters and follows the Json.NET Schema 2019-09 implementation. You can learn more about using schemas at https://json-schema.org/ and test draft schemas at https://www.jsonschemavalidator.net/.
- Type
string | Pulumi.Azure Native. Authorization. Parameter Type 
- The data type of the parameter.
- AllowedValues []interface{}
- The allowed values for the parameter.
- DefaultValue interface{}
- The default value for the parameter if no value is provided.
- Metadata
ParameterDefinitions Value Metadata 
- General metadata for the parameter.
- Schema interface{}
- Provides validation of parameter inputs during assignment using a self-defined JSON schema. This property is only supported for object-type parameters and follows the Json.NET Schema 2019-09 implementation. You can learn more about using schemas at https://json-schema.org/ and test draft schemas at https://www.jsonschemavalidator.net/.
- Type
string | ParameterType 
- The data type of the parameter.
- allowedValues List<Object>
- The allowed values for the parameter.
- defaultValue Object
- The default value for the parameter if no value is provided.
- metadata
ParameterDefinitions Value Metadata 
- General metadata for the parameter.
- schema Object
- Provides validation of parameter inputs during assignment using a self-defined JSON schema. This property is only supported for object-type parameters and follows the Json.NET Schema 2019-09 implementation. You can learn more about using schemas at https://json-schema.org/ and test draft schemas at https://www.jsonschemavalidator.net/.
- type
String | ParameterType 
- The data type of the parameter.
- allowedValues any[]
- The allowed values for the parameter.
- defaultValue any
- The default value for the parameter if no value is provided.
- metadata
ParameterDefinitions Value Metadata 
- General metadata for the parameter.
- schema any
- Provides validation of parameter inputs during assignment using a self-defined JSON schema. This property is only supported for object-type parameters and follows the Json.NET Schema 2019-09 implementation. You can learn more about using schemas at https://json-schema.org/ and test draft schemas at https://www.jsonschemavalidator.net/.
- type
string | ParameterType 
- The data type of the parameter.
- allowed_values Sequence[Any]
- The allowed values for the parameter.
- default_value Any
- The default value for the parameter if no value is provided.
- metadata
ParameterDefinitions Value Metadata 
- General metadata for the parameter.
- schema Any
- Provides validation of parameter inputs during assignment using a self-defined JSON schema. This property is only supported for object-type parameters and follows the Json.NET Schema 2019-09 implementation. You can learn more about using schemas at https://json-schema.org/ and test draft schemas at https://www.jsonschemavalidator.net/.
- type
str | ParameterType 
- The data type of the parameter.
- allowedValues List<Any>
- The allowed values for the parameter.
- defaultValue Any
- The default value for the parameter if no value is provided.
- metadata Property Map
- General metadata for the parameter.
- schema Any
- Provides validation of parameter inputs during assignment using a self-defined JSON schema. This property is only supported for object-type parameters and follows the Json.NET Schema 2019-09 implementation. You can learn more about using schemas at https://json-schema.org/ and test draft schemas at https://www.jsonschemavalidator.net/.
- type
String | "String" | "Array" | "Object" | "Boolean" | "Integer" | "Float" | "DateTime" 
- The data type of the parameter.
ParameterDefinitionsValueMetadata, ParameterDefinitionsValueMetadataArgs        
- AssignPermissions bool
- Set to true to have Azure portal create role assignments on the resource ID or resource scope value of this parameter during policy assignment. This property is useful in case you wish to assign permissions outside the assignment scope.
- Description string
- The description of the parameter.
- DisplayName string
- The display name for the parameter.
- StrongType string
- Used when assigning the policy definition through the portal. Provides a context aware list of values for the user to choose from.
- AssignPermissions bool
- Set to true to have Azure portal create role assignments on the resource ID or resource scope value of this parameter during policy assignment. This property is useful in case you wish to assign permissions outside the assignment scope.
- Description string
- The description of the parameter.
- DisplayName string
- The display name for the parameter.
- StrongType string
- Used when assigning the policy definition through the portal. Provides a context aware list of values for the user to choose from.
- assignPermissions Boolean
- Set to true to have Azure portal create role assignments on the resource ID or resource scope value of this parameter during policy assignment. This property is useful in case you wish to assign permissions outside the assignment scope.
- description String
- The description of the parameter.
- displayName String
- The display name for the parameter.
- strongType String
- Used when assigning the policy definition through the portal. Provides a context aware list of values for the user to choose from.
- assignPermissions boolean
- Set to true to have Azure portal create role assignments on the resource ID or resource scope value of this parameter during policy assignment. This property is useful in case you wish to assign permissions outside the assignment scope.
- description string
- The description of the parameter.
- displayName string
- The display name for the parameter.
- strongType string
- Used when assigning the policy definition through the portal. Provides a context aware list of values for the user to choose from.
- assign_permissions bool
- Set to true to have Azure portal create role assignments on the resource ID or resource scope value of this parameter during policy assignment. This property is useful in case you wish to assign permissions outside the assignment scope.
- description str
- The description of the parameter.
- display_name str
- The display name for the parameter.
- strong_type str
- Used when assigning the policy definition through the portal. Provides a context aware list of values for the user to choose from.
- assignPermissions Boolean
- Set to true to have Azure portal create role assignments on the resource ID or resource scope value of this parameter during policy assignment. This property is useful in case you wish to assign permissions outside the assignment scope.
- description String
- The description of the parameter.
- displayName String
- The display name for the parameter.
- strongType String
- Used when assigning the policy definition through the portal. Provides a context aware list of values for the user to choose from.
ParameterDefinitionsValueResponse, ParameterDefinitionsValueResponseArgs        
- AllowedValues List<object>
- The allowed values for the parameter.
- DefaultValue object
- The default value for the parameter if no value is provided.
- Metadata
Pulumi.Azure Native. Authorization. Inputs. Parameter Definitions Value Response Metadata 
- General metadata for the parameter.
- Schema object
- Provides validation of parameter inputs during assignment using a self-defined JSON schema. This property is only supported for object-type parameters and follows the Json.NET Schema 2019-09 implementation. You can learn more about using schemas at https://json-schema.org/ and test draft schemas at https://www.jsonschemavalidator.net/.
- Type string
- The data type of the parameter.
- AllowedValues []interface{}
- The allowed values for the parameter.
- DefaultValue interface{}
- The default value for the parameter if no value is provided.
- Metadata
ParameterDefinitions Value Response Metadata 
- General metadata for the parameter.
- Schema interface{}
- Provides validation of parameter inputs during assignment using a self-defined JSON schema. This property is only supported for object-type parameters and follows the Json.NET Schema 2019-09 implementation. You can learn more about using schemas at https://json-schema.org/ and test draft schemas at https://www.jsonschemavalidator.net/.
- Type string
- The data type of the parameter.
- allowedValues List<Object>
- The allowed values for the parameter.
- defaultValue Object
- The default value for the parameter if no value is provided.
- metadata
ParameterDefinitions Value Response Metadata 
- General metadata for the parameter.
- schema Object
- Provides validation of parameter inputs during assignment using a self-defined JSON schema. This property is only supported for object-type parameters and follows the Json.NET Schema 2019-09 implementation. You can learn more about using schemas at https://json-schema.org/ and test draft schemas at https://www.jsonschemavalidator.net/.
- type String
- The data type of the parameter.
- allowedValues any[]
- The allowed values for the parameter.
- defaultValue any
- The default value for the parameter if no value is provided.
- metadata
ParameterDefinitions Value Response Metadata 
- General metadata for the parameter.
- schema any
- Provides validation of parameter inputs during assignment using a self-defined JSON schema. This property is only supported for object-type parameters and follows the Json.NET Schema 2019-09 implementation. You can learn more about using schemas at https://json-schema.org/ and test draft schemas at https://www.jsonschemavalidator.net/.
- type string
- The data type of the parameter.
- allowed_values Sequence[Any]
- The allowed values for the parameter.
- default_value Any
- The default value for the parameter if no value is provided.
- metadata
ParameterDefinitions Value Response Metadata 
- General metadata for the parameter.
- schema Any
- Provides validation of parameter inputs during assignment using a self-defined JSON schema. This property is only supported for object-type parameters and follows the Json.NET Schema 2019-09 implementation. You can learn more about using schemas at https://json-schema.org/ and test draft schemas at https://www.jsonschemavalidator.net/.
- type str
- The data type of the parameter.
- allowedValues List<Any>
- The allowed values for the parameter.
- defaultValue Any
- The default value for the parameter if no value is provided.
- metadata Property Map
- General metadata for the parameter.
- schema Any
- Provides validation of parameter inputs during assignment using a self-defined JSON schema. This property is only supported for object-type parameters and follows the Json.NET Schema 2019-09 implementation. You can learn more about using schemas at https://json-schema.org/ and test draft schemas at https://www.jsonschemavalidator.net/.
- type String
- The data type of the parameter.
ParameterDefinitionsValueResponseMetadata, ParameterDefinitionsValueResponseMetadataArgs          
- AssignPermissions bool
- Set to true to have Azure portal create role assignments on the resource ID or resource scope value of this parameter during policy assignment. This property is useful in case you wish to assign permissions outside the assignment scope.
- Description string
- The description of the parameter.
- DisplayName string
- The display name for the parameter.
- StrongType string
- Used when assigning the policy definition through the portal. Provides a context aware list of values for the user to choose from.
- AssignPermissions bool
- Set to true to have Azure portal create role assignments on the resource ID or resource scope value of this parameter during policy assignment. This property is useful in case you wish to assign permissions outside the assignment scope.
- Description string
- The description of the parameter.
- DisplayName string
- The display name for the parameter.
- StrongType string
- Used when assigning the policy definition through the portal. Provides a context aware list of values for the user to choose from.
- assignPermissions Boolean
- Set to true to have Azure portal create role assignments on the resource ID or resource scope value of this parameter during policy assignment. This property is useful in case you wish to assign permissions outside the assignment scope.
- description String
- The description of the parameter.
- displayName String
- The display name for the parameter.
- strongType String
- Used when assigning the policy definition through the portal. Provides a context aware list of values for the user to choose from.
- assignPermissions boolean
- Set to true to have Azure portal create role assignments on the resource ID or resource scope value of this parameter during policy assignment. This property is useful in case you wish to assign permissions outside the assignment scope.
- description string
- The description of the parameter.
- displayName string
- The display name for the parameter.
- strongType string
- Used when assigning the policy definition through the portal. Provides a context aware list of values for the user to choose from.
- assign_permissions bool
- Set to true to have Azure portal create role assignments on the resource ID or resource scope value of this parameter during policy assignment. This property is useful in case you wish to assign permissions outside the assignment scope.
- description str
- The description of the parameter.
- display_name str
- The display name for the parameter.
- strong_type str
- Used when assigning the policy definition through the portal. Provides a context aware list of values for the user to choose from.
- assignPermissions Boolean
- Set to true to have Azure portal create role assignments on the resource ID or resource scope value of this parameter during policy assignment. This property is useful in case you wish to assign permissions outside the assignment scope.
- description String
- The description of the parameter.
- displayName String
- The display name for the parameter.
- strongType String
- Used when assigning the policy definition through the portal. Provides a context aware list of values for the user to choose from.
ParameterType, ParameterTypeArgs    
- String
- String
- Array
- Array
- Object
- Object
- Boolean
- Boolean
- Integer
- Integer
- Float
- Float
- DateTime 
- DateTime
- ParameterType String 
- String
- ParameterType Array 
- Array
- ParameterType Object 
- Object
- ParameterType Boolean 
- Boolean
- ParameterType Integer 
- Integer
- ParameterType Float 
- Float
- ParameterType Date Time 
- DateTime
- String
- String
- Array
- Array
- Object
- Object
- Boolean
- Boolean
- Integer
- Integer
- Float
- Float
- DateTime 
- DateTime
- String
- String
- Array
- Array
- Object
- Object
- Boolean
- Boolean
- Integer
- Integer
- Float
- Float
- DateTime 
- DateTime
- STRING
- String
- ARRAY
- Array
- OBJECT
- Object
- BOOLEAN
- Boolean
- INTEGER
- Integer
- FLOAT
- Float
- DATE_TIME
- DateTime
- "String"
- String
- "Array"
- Array
- "Object"
- Object
- "Boolean"
- Boolean
- "Integer"
- Integer
- "Float"
- Float
- "DateTime" 
- DateTime
ParameterValuesValue, ParameterValuesValueArgs      
- Value object
- The value of the parameter.
- Value interface{}
- The value of the parameter.
- value Object
- The value of the parameter.
- value any
- The value of the parameter.
- value Any
- The value of the parameter.
- value Any
- The value of the parameter.
ParameterValuesValueResponse, ParameterValuesValueResponseArgs        
- Value object
- The value of the parameter.
- Value interface{}
- The value of the parameter.
- value Object
- The value of the parameter.
- value any
- The value of the parameter.
- value Any
- The value of the parameter.
- value Any
- The value of the parameter.
PolicyDefinitionGroup, PolicyDefinitionGroupArgs      
- Name string
- The name of the group.
- AdditionalMetadata stringId 
- A resource ID of a resource that contains additional metadata about the group.
- Category string
- The group's category.
- Description string
- The group's description.
- DisplayName string
- The group's display name.
- Name string
- The name of the group.
- AdditionalMetadata stringId 
- A resource ID of a resource that contains additional metadata about the group.
- Category string
- The group's category.
- Description string
- The group's description.
- DisplayName string
- The group's display name.
- name String
- The name of the group.
- additionalMetadata StringId 
- A resource ID of a resource that contains additional metadata about the group.
- category String
- The group's category.
- description String
- The group's description.
- displayName String
- The group's display name.
- name string
- The name of the group.
- additionalMetadata stringId 
- A resource ID of a resource that contains additional metadata about the group.
- category string
- The group's category.
- description string
- The group's description.
- displayName string
- The group's display name.
- name str
- The name of the group.
- additional_metadata_ strid 
- A resource ID of a resource that contains additional metadata about the group.
- category str
- The group's category.
- description str
- The group's description.
- display_name str
- The group's display name.
- name String
- The name of the group.
- additionalMetadata StringId 
- A resource ID of a resource that contains additional metadata about the group.
- category String
- The group's category.
- description String
- The group's description.
- displayName String
- The group's display name.
PolicyDefinitionGroupResponse, PolicyDefinitionGroupResponseArgs        
- Name string
- The name of the group.
- AdditionalMetadata stringId 
- A resource ID of a resource that contains additional metadata about the group.
- Category string
- The group's category.
- Description string
- The group's description.
- DisplayName string
- The group's display name.
- Name string
- The name of the group.
- AdditionalMetadata stringId 
- A resource ID of a resource that contains additional metadata about the group.
- Category string
- The group's category.
- Description string
- The group's description.
- DisplayName string
- The group's display name.
- name String
- The name of the group.
- additionalMetadata StringId 
- A resource ID of a resource that contains additional metadata about the group.
- category String
- The group's category.
- description String
- The group's description.
- displayName String
- The group's display name.
- name string
- The name of the group.
- additionalMetadata stringId 
- A resource ID of a resource that contains additional metadata about the group.
- category string
- The group's category.
- description string
- The group's description.
- displayName string
- The group's display name.
- name str
- The name of the group.
- additional_metadata_ strid 
- A resource ID of a resource that contains additional metadata about the group.
- category str
- The group's category.
- description str
- The group's description.
- display_name str
- The group's display name.
- name String
- The name of the group.
- additionalMetadata StringId 
- A resource ID of a resource that contains additional metadata about the group.
- category String
- The group's category.
- description String
- The group's description.
- displayName String
- The group's display name.
PolicyDefinitionReference, PolicyDefinitionReferenceArgs      
- PolicyDefinition stringId 
- The ID of the policy definition or policy set definition.
- DefinitionVersion string
- The version of the policy definition to use.
- GroupNames List<string>
- The name of the groups that this policy definition reference belongs to.
- Parameters
Dictionary<string, Pulumi.Azure Native. Authorization. Inputs. Parameter Values Value> 
- The parameter values for the referenced policy rule. The keys are the parameter names.
- PolicyDefinition stringReference Id 
- A unique id (within the policy set definition) for this policy definition reference.
- PolicyDefinition stringId 
- The ID of the policy definition or policy set definition.
- DefinitionVersion string
- The version of the policy definition to use.
- GroupNames []string
- The name of the groups that this policy definition reference belongs to.
- Parameters
map[string]ParameterValues Value 
- The parameter values for the referenced policy rule. The keys are the parameter names.
- PolicyDefinition stringReference Id 
- A unique id (within the policy set definition) for this policy definition reference.
- policyDefinition StringId 
- The ID of the policy definition or policy set definition.
- definitionVersion String
- The version of the policy definition to use.
- groupNames List<String>
- The name of the groups that this policy definition reference belongs to.
- parameters
Map<String,ParameterValues Value> 
- The parameter values for the referenced policy rule. The keys are the parameter names.
- policyDefinition StringReference Id 
- A unique id (within the policy set definition) for this policy definition reference.
- policyDefinition stringId 
- The ID of the policy definition or policy set definition.
- definitionVersion string
- The version of the policy definition to use.
- groupNames string[]
- The name of the groups that this policy definition reference belongs to.
- parameters
{[key: string]: ParameterValues Value} 
- The parameter values for the referenced policy rule. The keys are the parameter names.
- policyDefinition stringReference Id 
- A unique id (within the policy set definition) for this policy definition reference.
- policy_definition_ strid 
- The ID of the policy definition or policy set definition.
- definition_version str
- The version of the policy definition to use.
- group_names Sequence[str]
- The name of the groups that this policy definition reference belongs to.
- parameters
Mapping[str, ParameterValues Value] 
- The parameter values for the referenced policy rule. The keys are the parameter names.
- policy_definition_ strreference_ id 
- A unique id (within the policy set definition) for this policy definition reference.
- policyDefinition StringId 
- The ID of the policy definition or policy set definition.
- definitionVersion String
- The version of the policy definition to use.
- groupNames List<String>
- The name of the groups that this policy definition reference belongs to.
- parameters Map<Property Map>
- The parameter values for the referenced policy rule. The keys are the parameter names.
- policyDefinition StringReference Id 
- A unique id (within the policy set definition) for this policy definition reference.
PolicyDefinitionReferenceResponse, PolicyDefinitionReferenceResponseArgs        
- EffectiveDefinition stringVersion 
- The effective version of the policy definition in use. This is only present if requested via the $expand query parameter.
- LatestDefinition stringVersion 
- The latest version of the policy definition available. This is only present if requested via the $expand query parameter.
- PolicyDefinition stringId 
- The ID of the policy definition or policy set definition.
- DefinitionVersion string
- The version of the policy definition to use.
- GroupNames List<string>
- The name of the groups that this policy definition reference belongs to.
- Parameters
Dictionary<string, Pulumi.Azure Native. Authorization. Inputs. Parameter Values Value Response> 
- The parameter values for the referenced policy rule. The keys are the parameter names.
- PolicyDefinition stringReference Id 
- A unique id (within the policy set definition) for this policy definition reference.
- EffectiveDefinition stringVersion 
- The effective version of the policy definition in use. This is only present if requested via the $expand query parameter.
- LatestDefinition stringVersion 
- The latest version of the policy definition available. This is only present if requested via the $expand query parameter.
- PolicyDefinition stringId 
- The ID of the policy definition or policy set definition.
- DefinitionVersion string
- The version of the policy definition to use.
- GroupNames []string
- The name of the groups that this policy definition reference belongs to.
- Parameters
map[string]ParameterValues Value Response 
- The parameter values for the referenced policy rule. The keys are the parameter names.
- PolicyDefinition stringReference Id 
- A unique id (within the policy set definition) for this policy definition reference.
- effectiveDefinition StringVersion 
- The effective version of the policy definition in use. This is only present if requested via the $expand query parameter.
- latestDefinition StringVersion 
- The latest version of the policy definition available. This is only present if requested via the $expand query parameter.
- policyDefinition StringId 
- The ID of the policy definition or policy set definition.
- definitionVersion String
- The version of the policy definition to use.
- groupNames List<String>
- The name of the groups that this policy definition reference belongs to.
- parameters
Map<String,ParameterValues Value Response> 
- The parameter values for the referenced policy rule. The keys are the parameter names.
- policyDefinition StringReference Id 
- A unique id (within the policy set definition) for this policy definition reference.
- effectiveDefinition stringVersion 
- The effective version of the policy definition in use. This is only present if requested via the $expand query parameter.
- latestDefinition stringVersion 
- The latest version of the policy definition available. This is only present if requested via the $expand query parameter.
- policyDefinition stringId 
- The ID of the policy definition or policy set definition.
- definitionVersion string
- The version of the policy definition to use.
- groupNames string[]
- The name of the groups that this policy definition reference belongs to.
- parameters
{[key: string]: ParameterValues Value Response} 
- The parameter values for the referenced policy rule. The keys are the parameter names.
- policyDefinition stringReference Id 
- A unique id (within the policy set definition) for this policy definition reference.
- effective_definition_ strversion 
- The effective version of the policy definition in use. This is only present if requested via the $expand query parameter.
- latest_definition_ strversion 
- The latest version of the policy definition available. This is only present if requested via the $expand query parameter.
- policy_definition_ strid 
- The ID of the policy definition or policy set definition.
- definition_version str
- The version of the policy definition to use.
- group_names Sequence[str]
- The name of the groups that this policy definition reference belongs to.
- parameters
Mapping[str, ParameterValues Value Response] 
- The parameter values for the referenced policy rule. The keys are the parameter names.
- policy_definition_ strreference_ id 
- A unique id (within the policy set definition) for this policy definition reference.
- effectiveDefinition StringVersion 
- The effective version of the policy definition in use. This is only present if requested via the $expand query parameter.
- latestDefinition StringVersion 
- The latest version of the policy definition available. This is only present if requested via the $expand query parameter.
- policyDefinition StringId 
- The ID of the policy definition or policy set definition.
- definitionVersion String
- The version of the policy definition to use.
- groupNames List<String>
- The name of the groups that this policy definition reference belongs to.
- parameters Map<Property Map>
- The parameter values for the referenced policy rule. The keys are the parameter names.
- policyDefinition StringReference Id 
- A unique id (within the policy set definition) for this policy definition reference.
PolicyType, PolicyTypeArgs    
- NotSpecified 
- NotSpecified
- BuiltIn 
- BuiltIn
- Custom
- Custom
- Static
- Static
- PolicyType Not Specified 
- NotSpecified
- PolicyType Built In 
- BuiltIn
- PolicyType Custom 
- Custom
- PolicyType Static 
- Static
- NotSpecified 
- NotSpecified
- BuiltIn 
- BuiltIn
- Custom
- Custom
- Static
- Static
- NotSpecified 
- NotSpecified
- BuiltIn 
- BuiltIn
- Custom
- Custom
- Static
- Static
- NOT_SPECIFIED
- NotSpecified
- BUILT_IN
- BuiltIn
- CUSTOM
- Custom
- STATIC
- Static
- "NotSpecified" 
- NotSpecified
- "BuiltIn" 
- BuiltIn
- "Custom"
- Custom
- "Static"
- Static
SystemDataResponse, SystemDataResponseArgs      
- CreatedAt string
- The timestamp of resource creation (UTC).
- CreatedBy string
- The identity that created the resource.
- CreatedBy stringType 
- The type of identity that created the resource.
- LastModified stringAt 
- The timestamp of resource last modification (UTC)
- LastModified stringBy 
- The identity that last modified the resource.
- LastModified stringBy Type 
- The type of identity that last modified the resource.
- CreatedAt string
- The timestamp of resource creation (UTC).
- CreatedBy string
- The identity that created the resource.
- CreatedBy stringType 
- The type of identity that created the resource.
- LastModified stringAt 
- The timestamp of resource last modification (UTC)
- LastModified stringBy 
- The identity that last modified the resource.
- LastModified stringBy Type 
- The type of identity that last modified the resource.
- createdAt String
- The timestamp of resource creation (UTC).
- createdBy String
- The identity that created the resource.
- createdBy StringType 
- The type of identity that created the resource.
- lastModified StringAt 
- The timestamp of resource last modification (UTC)
- lastModified StringBy 
- The identity that last modified the resource.
- lastModified StringBy Type 
- The type of identity that last modified the resource.
- createdAt string
- The timestamp of resource creation (UTC).
- createdBy string
- The identity that created the resource.
- createdBy stringType 
- The type of identity that created the resource.
- lastModified stringAt 
- The timestamp of resource last modification (UTC)
- lastModified stringBy 
- The identity that last modified the resource.
- lastModified stringBy Type 
- The type of identity that last modified the resource.
- created_at str
- The timestamp of resource creation (UTC).
- created_by str
- The identity that created the resource.
- created_by_ strtype 
- The type of identity that created the resource.
- last_modified_ strat 
- The timestamp of resource last modification (UTC)
- last_modified_ strby 
- The identity that last modified the resource.
- last_modified_ strby_ type 
- The type of identity that last modified the resource.
- createdAt String
- The timestamp of resource creation (UTC).
- createdBy String
- The identity that created the resource.
- createdBy StringType 
- The type of identity that created the resource.
- lastModified StringAt 
- The timestamp of resource last modification (UTC)
- lastModified StringBy 
- The identity that last modified the resource.
- lastModified StringBy Type 
- The type of identity that last modified the resource.
Import
An existing resource can be imported using its type token, name, and identifier, e.g.
$ pulumi import azure-native:authorization:PolicySetDefinitionAtManagementGroup CostManagement /providers/Microsoft.Management/managementGroups/{managementGroupId}/providers/Microsoft.Authorization/policySetDefinitions/{policySetDefinitionName} 
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- azure-native-v2 pulumi/pulumi-azure-native
- License
- Apache-2.0