Docs
Packages
These are the docs for Azure Native v1. We recommenend using the latest version, Azure Native v2.
Azure Native v1 v1.104.0 published on Thursday, Jul 6, 2023 by Pulumi
azure-native.authorization.PolicyExemption
Explore with Pulumi AI
These are the docs for Azure Native v1. We recommenend using the latest version, Azure Native v2.
Azure Native v1 v1.104.0 published on Thursday, Jul 6, 2023 by Pulumi
The policy exemption. API Version: 2020-07-01-preview.
Example Usage
Create or update a policy exemption
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var policyExemption = new AzureNative.Authorization.PolicyExemption("policyExemption", new()
{
Description = "Exempt demo cluster from limit sku",
DisplayName = "Exempt demo cluster",
ExemptionCategory = "Waiver",
Metadata =
{
{ "reason", "Temporary exemption for a expensive VM demo" },
},
PolicyAssignmentId = "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyAssignments/CostManagement",
PolicyDefinitionReferenceIds = new[]
{
"Limit_Skus",
},
PolicyExemptionName = "DemoExpensiveVM",
Scope = "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/resourceGroups/demoCluster",
});
});
package main
import (
authorization "github.com/pulumi/pulumi-azure-native-sdk/authorization"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := authorization.NewPolicyExemption(ctx, "policyExemption", &authorization.PolicyExemptionArgs{
Description: pulumi.String("Exempt demo cluster from limit sku"),
DisplayName: pulumi.String("Exempt demo cluster"),
ExemptionCategory: pulumi.String("Waiver"),
Metadata: pulumi.Any{
Reason: "Temporary exemption for a expensive VM demo",
},
PolicyAssignmentId: pulumi.String("/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyAssignments/CostManagement"),
PolicyDefinitionReferenceIds: pulumi.StringArray{
pulumi.String("Limit_Skus"),
},
PolicyExemptionName: pulumi.String("DemoExpensiveVM"),
Scope: pulumi.String("subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/resourceGroups/demoCluster"),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.authorization.PolicyExemption;
import com.pulumi.azurenative.authorization.PolicyExemptionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var policyExemption = new PolicyExemption("policyExemption", PolicyExemptionArgs.builder()
.description("Exempt demo cluster from limit sku")
.displayName("Exempt demo cluster")
.exemptionCategory("Waiver")
.metadata(Map.of("reason", "Temporary exemption for a expensive VM demo"))
.policyAssignmentId("/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyAssignments/CostManagement")
.policyDefinitionReferenceIds("Limit_Skus")
.policyExemptionName("DemoExpensiveVM")
.scope("subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/resourceGroups/demoCluster")
.build());
}
}
import pulumi
import pulumi_azure_native as azure_native
policy_exemption = azure_native.authorization.PolicyExemption("policyExemption",
description="Exempt demo cluster from limit sku",
display_name="Exempt demo cluster",
exemption_category="Waiver",
metadata={
"reason": "Temporary exemption for a expensive VM demo",
},
policy_assignment_id="/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyAssignments/CostManagement",
policy_definition_reference_ids=["Limit_Skus"],
policy_exemption_name="DemoExpensiveVM",
scope="subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/resourceGroups/demoCluster")
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const policyExemption = new azure_native.authorization.PolicyExemption("policyExemption", {
description: "Exempt demo cluster from limit sku",
displayName: "Exempt demo cluster",
exemptionCategory: "Waiver",
metadata: {
reason: "Temporary exemption for a expensive VM demo",
},
policyAssignmentId: "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyAssignments/CostManagement",
policyDefinitionReferenceIds: ["Limit_Skus"],
policyExemptionName: "DemoExpensiveVM",
scope: "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/resourceGroups/demoCluster",
});
resources:
policyExemption:
type: azure-native:authorization:PolicyExemption
properties:
description: Exempt demo cluster from limit sku
displayName: Exempt demo cluster
exemptionCategory: Waiver
metadata:
reason: Temporary exemption for a expensive VM demo
policyAssignmentId: /subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyAssignments/CostManagement
policyDefinitionReferenceIds:
- Limit_Skus
policyExemptionName: DemoExpensiveVM
scope: subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/resourceGroups/demoCluster
Create PolicyExemption Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new PolicyExemption(name: string, args: PolicyExemptionArgs, opts?: CustomResourceOptions);@overload
def PolicyExemption(resource_name: str,
args: PolicyExemptionArgs,
opts: Optional[ResourceOptions] = None)
@overload
def PolicyExemption(resource_name: str,
opts: Optional[ResourceOptions] = None,
exemption_category: Optional[Union[str, ExemptionCategory]] = None,
policy_assignment_id: Optional[str] = None,
scope: Optional[str] = None,
description: Optional[str] = None,
display_name: Optional[str] = None,
expires_on: Optional[str] = None,
metadata: Optional[Any] = None,
policy_definition_reference_ids: Optional[Sequence[str]] = None,
policy_exemption_name: Optional[str] = None)func NewPolicyExemption(ctx *Context, name string, args PolicyExemptionArgs, opts ...ResourceOption) (*PolicyExemption, error)public PolicyExemption(string name, PolicyExemptionArgs args, CustomResourceOptions? opts = null)
public PolicyExemption(String name, PolicyExemptionArgs args)
public PolicyExemption(String name, PolicyExemptionArgs args, CustomResourceOptions options)
type: azure-native:authorization:PolicyExemption
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args PolicyExemptionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args PolicyExemptionArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args PolicyExemptionArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args PolicyExemptionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args PolicyExemptionArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var policyExemptionResource = new AzureNative.Authorization.PolicyExemption("policyExemptionResource", new()
{
ExemptionCategory = "string",
PolicyAssignmentId = "string",
Scope = "string",
Description = "string",
DisplayName = "string",
ExpiresOn = "string",
Metadata = "any",
PolicyDefinitionReferenceIds = new[]
{
"string",
},
PolicyExemptionName = "string",
});
example, err := authorization.NewPolicyExemption(ctx, "policyExemptionResource", &authorization.PolicyExemptionArgs{
ExemptionCategory: "string",
PolicyAssignmentId: "string",
Scope: "string",
Description: "string",
DisplayName: "string",
ExpiresOn: "string",
Metadata: "any",
PolicyDefinitionReferenceIds: []string{
"string",
},
PolicyExemptionName: "string",
})
var policyExemptionResource = new PolicyExemption("policyExemptionResource", PolicyExemptionArgs.builder()
.exemptionCategory("string")
.policyAssignmentId("string")
.scope("string")
.description("string")
.displayName("string")
.expiresOn("string")
.metadata("any")
.policyDefinitionReferenceIds("string")
.policyExemptionName("string")
.build());
policy_exemption_resource = azure_native.authorization.PolicyExemption("policyExemptionResource",
exemption_category=string,
policy_assignment_id=string,
scope=string,
description=string,
display_name=string,
expires_on=string,
metadata=any,
policy_definition_reference_ids=[string],
policy_exemption_name=string)
const policyExemptionResource = new azure_native.authorization.PolicyExemption("policyExemptionResource", {
exemptionCategory: "string",
policyAssignmentId: "string",
scope: "string",
description: "string",
displayName: "string",
expiresOn: "string",
metadata: "any",
policyDefinitionReferenceIds: ["string"],
policyExemptionName: "string",
});
type: azure-native:authorization:PolicyExemption
properties:
description: string
displayName: string
exemptionCategory: string
expiresOn: string
metadata: any
policyAssignmentId: string
policyDefinitionReferenceIds:
- string
policyExemptionName: string
scope: string
PolicyExemption Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The PolicyExemption resource accepts the following input properties:
- Exemption
Category string | Pulumi.Azure Native. Authorization. Exemption Category - The policy exemption category. Possible values are Waiver and Mitigated.
- Policy
Assignment stringId - The ID of the policy assignment that is being exempted.
- Scope string
- The scope of the policy exemption. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'
- Description string
- The description of the policy exemption.
- Display
Name string - The display name of the policy exemption.
- Expires
On string - The expiration date and time (in UTC ISO 8601 format yyyy-MM-ddTHH:mm:ssZ) of the policy exemption.
- Metadata object
- The policy exemption metadata. Metadata is an open ended object and is typically a collection of key value pairs.
- Policy
Definition List<string>Reference Ids - The policy definition reference ID list when the associated policy assignment is an assignment of a policy set definition.
- Policy
Exemption stringName - The name of the policy exemption to delete.
- Exemption
Category string | ExemptionCategory - The policy exemption category. Possible values are Waiver and Mitigated.
- Policy
Assignment stringId - The ID of the policy assignment that is being exempted.
- Scope string
- The scope of the policy exemption. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'
- Description string
- The description of the policy exemption.
- Display
Name string - The display name of the policy exemption.
- Expires
On string - The expiration date and time (in UTC ISO 8601 format yyyy-MM-ddTHH:mm:ssZ) of the policy exemption.
- Metadata interface{}
- The policy exemption metadata. Metadata is an open ended object and is typically a collection of key value pairs.
- Policy
Definition []stringReference Ids - The policy definition reference ID list when the associated policy assignment is an assignment of a policy set definition.
- Policy
Exemption stringName - The name of the policy exemption to delete.
- exemption
Category String | ExemptionCategory - The policy exemption category. Possible values are Waiver and Mitigated.
- policy
Assignment StringId - The ID of the policy assignment that is being exempted.
- scope String
- The scope of the policy exemption. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'
- description String
- The description of the policy exemption.
- display
Name String - The display name of the policy exemption.
- expires
On String - The expiration date and time (in UTC ISO 8601 format yyyy-MM-ddTHH:mm:ssZ) of the policy exemption.
- metadata Object
- The policy exemption metadata. Metadata is an open ended object and is typically a collection of key value pairs.
- policy
Definition List<String>Reference Ids - The policy definition reference ID list when the associated policy assignment is an assignment of a policy set definition.
- policy
Exemption StringName - The name of the policy exemption to delete.
- exemption
Category string | ExemptionCategory - The policy exemption category. Possible values are Waiver and Mitigated.
- policy
Assignment stringId - The ID of the policy assignment that is being exempted.
- scope string
- The scope of the policy exemption. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'
- description string
- The description of the policy exemption.
- display
Name string - The display name of the policy exemption.
- expires
On string - The expiration date and time (in UTC ISO 8601 format yyyy-MM-ddTHH:mm:ssZ) of the policy exemption.
- metadata any
- The policy exemption metadata. Metadata is an open ended object and is typically a collection of key value pairs.
- policy
Definition string[]Reference Ids - The policy definition reference ID list when the associated policy assignment is an assignment of a policy set definition.
- policy
Exemption stringName - The name of the policy exemption to delete.
- exemption_
category str | ExemptionCategory - The policy exemption category. Possible values are Waiver and Mitigated.
- policy_
assignment_ strid - The ID of the policy assignment that is being exempted.
- scope str
- The scope of the policy exemption. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'
- description str
- The description of the policy exemption.
- display_
name str - The display name of the policy exemption.
- expires_
on str - The expiration date and time (in UTC ISO 8601 format yyyy-MM-ddTHH:mm:ssZ) of the policy exemption.
- metadata Any
- The policy exemption metadata. Metadata is an open ended object and is typically a collection of key value pairs.
- policy_
definition_ Sequence[str]reference_ ids - The policy definition reference ID list when the associated policy assignment is an assignment of a policy set definition.
- policy_
exemption_ strname - The name of the policy exemption to delete.
- exemption
Category String | "Waiver" | "Mitigated" - The policy exemption category. Possible values are Waiver and Mitigated.
- policy
Assignment StringId - The ID of the policy assignment that is being exempted.
- scope String
- The scope of the policy exemption. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'
- description String
- The description of the policy exemption.
- display
Name String - The display name of the policy exemption.
- expires
On String - The expiration date and time (in UTC ISO 8601 format yyyy-MM-ddTHH:mm:ssZ) of the policy exemption.
- metadata Any
- The policy exemption metadata. Metadata is an open ended object and is typically a collection of key value pairs.
- policy
Definition List<String>Reference Ids - The policy definition reference ID list when the associated policy assignment is an assignment of a policy set definition.
- policy
Exemption StringName - The name of the policy exemption to delete.
Outputs
All input properties are implicitly available as output properties. Additionally, the PolicyExemption resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Name string
- The name of the policy exemption.
- System
Data Pulumi.Azure Native. Authorization. Outputs. System Data Response - Azure Resource Manager metadata containing createdBy and modifiedBy information.
- Type string
- The type of the resource (Microsoft.Authorization/policyExemptions).
- Id string
- The provider-assigned unique ID for this managed resource.
- Name string
- The name of the policy exemption.
- System
Data SystemData Response - Azure Resource Manager metadata containing createdBy and modifiedBy information.
- Type string
- The type of the resource (Microsoft.Authorization/policyExemptions).
- id String
- The provider-assigned unique ID for this managed resource.
- name String
- The name of the policy exemption.
- system
Data SystemData Response - Azure Resource Manager metadata containing createdBy and modifiedBy information.
- type String
- The type of the resource (Microsoft.Authorization/policyExemptions).
- id string
- The provider-assigned unique ID for this managed resource.
- name string
- The name of the policy exemption.
- system
Data SystemData Response - Azure Resource Manager metadata containing createdBy and modifiedBy information.
- type string
- The type of the resource (Microsoft.Authorization/policyExemptions).
- id str
- The provider-assigned unique ID for this managed resource.
- name str
- The name of the policy exemption.
- system_
data SystemData Response - Azure Resource Manager metadata containing createdBy and modifiedBy information.
- type str
- The type of the resource (Microsoft.Authorization/policyExemptions).
- id String
- The provider-assigned unique ID for this managed resource.
- name String
- The name of the policy exemption.
- system
Data Property Map - Azure Resource Manager metadata containing createdBy and modifiedBy information.
- type String
- The type of the resource (Microsoft.Authorization/policyExemptions).
Supporting Types
ExemptionCategory, ExemptionCategoryArgs
- Waiver
- WaiverThis category of exemptions usually means the scope is not applicable for the policy.
- Mitigated
- MitigatedThis category of exemptions usually means the mitigation actions have been applied to the scope.
- Exemption
Category Waiver - WaiverThis category of exemptions usually means the scope is not applicable for the policy.
- Exemption
Category Mitigated - MitigatedThis category of exemptions usually means the mitigation actions have been applied to the scope.
- Waiver
- WaiverThis category of exemptions usually means the scope is not applicable for the policy.
- Mitigated
- MitigatedThis category of exemptions usually means the mitigation actions have been applied to the scope.
- Waiver
- WaiverThis category of exemptions usually means the scope is not applicable for the policy.
- Mitigated
- MitigatedThis category of exemptions usually means the mitigation actions have been applied to the scope.
- WAIVER
- WaiverThis category of exemptions usually means the scope is not applicable for the policy.
- MITIGATED
- MitigatedThis category of exemptions usually means the mitigation actions have been applied to the scope.
- "Waiver"
- WaiverThis category of exemptions usually means the scope is not applicable for the policy.
- "Mitigated"
- MitigatedThis category of exemptions usually means the mitigation actions have been applied to the scope.
SystemDataResponse, SystemDataResponseArgs
- Created
At string - The timestamp of resource creation (UTC).
- Created
By string - The identity that created the resource.
- Created
By stringType - The type of identity that created the resource.
- Last
Modified stringAt - The timestamp of resource last modification (UTC)
- Last
Modified stringBy - The identity that last modified the resource.
- Last
Modified stringBy Type - The type of identity that last modified the resource.
- Created
At string - The timestamp of resource creation (UTC).
- Created
By string - The identity that created the resource.
- Created
By stringType - The type of identity that created the resource.
- Last
Modified stringAt - The timestamp of resource last modification (UTC)
- Last
Modified stringBy - The identity that last modified the resource.
- Last
Modified stringBy Type - The type of identity that last modified the resource.
- created
At String - The timestamp of resource creation (UTC).
- created
By String - The identity that created the resource.
- created
By StringType - The type of identity that created the resource.
- last
Modified StringAt - The timestamp of resource last modification (UTC)
- last
Modified StringBy - The identity that last modified the resource.
- last
Modified StringBy Type - The type of identity that last modified the resource.
- created
At string - The timestamp of resource creation (UTC).
- created
By string - The identity that created the resource.
- created
By stringType - The type of identity that created the resource.
- last
Modified stringAt - The timestamp of resource last modification (UTC)
- last
Modified stringBy - The identity that last modified the resource.
- last
Modified stringBy Type - The type of identity that last modified the resource.
- created_
at str - The timestamp of resource creation (UTC).
- created_
by str - The identity that created the resource.
- created_
by_ strtype - The type of identity that created the resource.
- last_
modified_ strat - The timestamp of resource last modification (UTC)
- last_
modified_ strby - The identity that last modified the resource.
- last_
modified_ strby_ type - The type of identity that last modified the resource.
- created
At String - The timestamp of resource creation (UTC).
- created
By String - The identity that created the resource.
- created
By StringType - The type of identity that created the resource.
- last
Modified StringAt - The timestamp of resource last modification (UTC)
- last
Modified StringBy - The identity that last modified the resource.
- last
Modified StringBy Type - The type of identity that last modified the resource.
Import
An existing resource can be imported using its type token, name, and identifier, e.g.
$ pulumi import azure-native:authorization:PolicyExemption DemoExpensiveVM /subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/resourceGroups/demoCluster/providers/Microsoft.Authorization/policyExemptions/DemoExpensiveVM
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- azure-native-v1 pulumi/pulumi-azure-native
- License
- Apache-2.0
These are the docs for Azure Native v1. We recommenend using the latest version, Azure Native v2.
Azure Native v1 v1.104.0 published on Thursday, Jul 6, 2023 by Pulumi