Learn Idem

Learn Idem

Powered by Idem Project

azure.policy.policy_definitions

**Autogenerated function**

Delete Policy Definition

Args:
    name(str): The identifier for this state.
    policy_definition_name(str): The name of the policy definition to delete.
    subscription_id(str, optional): Subscription Unique id.

Returns:
    Dict

Examples:

    .. code-block:: sls

        resource_is_absent:
          azure.policy.policy_definitions.absent:
            - name: value
            - policy_definition_name: value
            - subscription_id: value
**Autogenerated function**

Describe the resource in a way that can be recreated/managed with the corresponding "present" function


List all Policy Definitions under the same subscription


Returns:
    Dict[str, Any]

Examples:

    .. code-block:: bash

        $ idem describe azure.policy.policy_definitions
**Autogenerated function**

Create or update Policy Definitions

Args:
    name(str): The identifier for this state.
    policy_definition_name(str): The name of the policy Definition.
    policy_type(str): The policy type. Possible values are BuiltIn, Custom and NotSpecified.
    mode(str): The policy mode that allows you to specify which resource types will be evaluated.
               Some examples are All, Indexed, Microsoft.KeyVault.Data.
    subscription_id(str, optional): Subscription Unique id.
    display_name(str): The display name of the policy definition.
    description(str, optional): The description of the policy definition.
    policy_rule(dict, optional): The policy rule for the policy definition.
    metadata(dict, optional): The metadata for the policy definition.
    parameters(dict, optional): Parameters for the policy definition.
    resource_id(str, optional): Policy Definition resource id on Azure

Returns:
    Dict

Examples:

    .. code-block:: sls

        policy_definition_is_present:
          azure.policy.policy_definitions.present:
            - name: value
            - policy_definition_name: value
            - subscription_id: value
            - policy_type: value
            - mode: value
            - display_name: value
            - description: value
            - metadata:
                    version: 1.0.0
                    category: RoleDefinitions
            - parameters:
                roleDefinitionIds:
                    type: Array
                    metadata:
                        displayName: Approved Role Definitions
                        description: The list of role definition Ids.
                        strongType: roleDefinitionIds
            - policy_rule:
                    if:
                      allOf:
                        - field: type
                          equals: Microsoft.Authorization/roleAssignments
                        - not:
                            field: Microsoft.Authorization/roleAssignments/roleDefinitionId
                            in: "[parameters('roleDefinitionIds')]"
                    then:
                  effect: deny
Last updated on 20 Sep 2022
 Edit on GitHub