azure.mgmt.resource.policy.v2021_06_01.models module

class azure.mgmt.resource.policy.v2021_06_01.models.CreatedByType(value, names=None, *, module=None, qualname=None, type=None, start=1, boundary=None)

Bases: str, Enum

The type of identity that created the resource.

APPLICATION = 'Application'

KEY = 'Key'

MANAGED_IDENTITY = 'ManagedIdentity'

USER = 'User'

class azure.mgmt.resource.policy.v2021_06_01.models.EnforcementMode(value, names=None, *, module=None, qualname=None, type=None, start=1, boundary=None)

Bases: str, Enum

The policy assignment enforcement mode. Possible values are Default and DoNotEnforce.

DEFAULT = 'Default'

The policy effect is enforced during resource creation or update.

DO_NOT_ENFORCE = 'DoNotEnforce'

The policy effect is not enforced during resource creation or update.

class azure.mgmt.resource.policy.v2021_06_01.models.ErrorAdditionalInfo(**kwargs: Any)

Bases: Model

The resource management error additional info.

Variables are only populated by the server, and will be ignored when sending a request.

Variables:

• type (str) – The additional info type.

• info (JSON) – The additional info.

class azure.mgmt.resource.policy.v2021_06_01.models.ErrorResponse(**kwargs: Any)

Bases: Model

Common error response for all Azure Resource Manager APIs to return error details for failed operations. (This also follows the OData error response format.).

Variables are only populated by the server, and will be ignored when sending a request.

Variables:

• code (str) – The error code.

• message (str) – The error message.

• target (str) – The error target.

• details (list[ErrorResponse]) – The error details.

• additional_info (list[ErrorAdditionalInfo]) – The error additional info.

class azure.mgmt.resource.policy.v2021_06_01.models.Identity(*, type: str | _models.ResourceIdentityType | None = None, user_assigned_identities: Dict[str, _models.UserAssignedIdentitiesValue] | None = None, **kwargs: Any)

Bases: Model

Identity for the resource. Policy assignments support a maximum of one identity. That is either a system assigned identity or a single user assigned identity.

Variables are only populated by the server, and will be ignored when sending a request.

Variables:

• principal_id (str) – The principal ID of the resource identity. This property will only be provided for a system assigned identity.

• tenant_id (str) – The tenant ID of the resource identity. This property will only be provided for a system assigned identity.

• type (str or ResourceIdentityType) – The identity type. This is the only required field when adding a system or user assigned identity to a resource. Known values are: “SystemAssigned”, “UserAssigned”, and “None”.

• user_assigned_identities (dict[str, UserAssignedIdentitiesValue]) – The user identity associated with the policy. The user identity dictionary key references will be ARM resource ids in the form: ‘/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}’. # pylint: disable=line-too-long

Keyword Arguments:

• type (str or ResourceIdentityType) – The identity type. This is the only required field when adding a system or user assigned identity to a resource. Known values are: “SystemAssigned”, “UserAssigned”, and “None”.

• user_assigned_identities (dict[str, UserAssignedIdentitiesValue]) – The user identity associated with the policy. The user identity dictionary key references will be ARM resource ids in the form: ‘/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}’. # pylint: disable=line-too-long

class azure.mgmt.resource.policy.v2021_06_01.models.NonComplianceMessage(*, message: str, policy_definition_reference_id: str | None = None, **kwargs: Any)

Bases: Model

A message that describes why a resource is non-compliant with the policy. This is shown in ‘deny’ error messages and on resource’s non-compliant compliance results.

All required parameters must be populated in order to send to server.

Variables:

• message (str) – A message that describes why a resource is non-compliant with the policy. This is shown in ‘deny’ error messages and on resource’s non-compliant compliance results. Required.

• policy_definition_reference_id (str) – The policy definition reference ID within a policy set definition the message is intended for. This is only applicable if the policy assignment assigns a policy set definition. If this is not provided the message applies to all policies assigned by this policy assignment.

Keyword Arguments:

• message (str) – A message that describes why a resource is non-compliant with the policy. This is shown in ‘deny’ error messages and on resource’s non-compliant compliance results. Required.

• policy_definition_reference_id (str) – The policy definition reference ID within a policy set definition the message is intended for. This is only applicable if the policy assignment assigns a policy set definition. If this is not provided the message applies to all policies assigned by this policy assignment.

class azure.mgmt.resource.policy.v2021_06_01.models.ParameterDefinitionsValue(*, type: str | _models.ParameterType | None = None, allowed_values: List[MutableMapping[str, Any]] | None = None, default_value: MutableMapping[str, Any] | None = None, metadata: _models.ParameterDefinitionsValueMetadata | None = None, **kwargs: Any)

Bases: Model

The definition of a parameter that can be provided to the policy.

Variables:

• type (str or ParameterType) – The data type of the parameter. Known values are: “String”, “Array”, “Object”, “Boolean”, “Integer”, “Float”, and “DateTime”.

• allowed_values (list[JSON]) – The allowed values for the parameter.

• default_value (JSON) – The default value for the parameter if no value is provided.

• metadata (ParameterDefinitionsValueMetadata) – General metadata for the parameter.

Keyword Arguments:

• type (str or ParameterType) – The data type of the parameter. Known values are: “String”, “Array”, “Object”, “Boolean”, “Integer”, “Float”, and “DateTime”.

• allowed_values (list[JSON]) – The allowed values for the parameter.

• default_value (JSON) – The default value for the parameter if no value is provided.

• metadata (ParameterDefinitionsValueMetadata) – General metadata for the parameter.

class azure.mgmt.resource.policy.v2021_06_01.models.ParameterDefinitionsValueMetadata(*, additional_properties: Dict[str, MutableMapping[str, Any]] | None = None, display_name: str | None = None, description: str | None = None, strong_type: str | None = None, assign_permissions: bool | None = None, **kwargs: Any)

Bases: Model

General metadata for the parameter.

Variables:

• additional_properties (dict[str, JSON]) – Unmatched properties from the message are deserialized to this collection.

• display_name (str) – The display name for the parameter.

• description (str) – The description of the parameter.

• strong_type (str) – Used when assigning the policy definition through the portal. Provides a context aware list of values for the user to choose from.

• assign_permissions (bool) – Set to true to have Azure portal create role assignments on the resource ID or resource scope value of this parameter during policy assignment. This property is useful in case you wish to assign permissions outside the assignment scope.

Keyword Arguments:

• additional_properties (dict[str, JSON]) – Unmatched properties from the message are deserialized to this collection.

• display_name (str) – The display name for the parameter.

• description (str) – The description of the parameter.

• strong_type (str) – Used when assigning the policy definition through the portal. Provides a context aware list of values for the user to choose from.

• assign_permissions (bool) – Set to true to have Azure portal create role assignments on the resource ID or resource scope value of this parameter during policy assignment. This property is useful in case you wish to assign permissions outside the assignment scope.

class azure.mgmt.resource.policy.v2021_06_01.models.ParameterType(value, names=None, *, module=None, qualname=None, type=None, start=1, boundary=None)

Bases: str, Enum

The data type of the parameter.

ARRAY = 'Array'

BOOLEAN = 'Boolean'

DATE_TIME = 'DateTime'

FLOAT = 'Float'

INTEGER = 'Integer'

OBJECT = 'Object'

STRING = 'String'

class azure.mgmt.resource.policy.v2021_06_01.models.ParameterValuesValue(*, value: MutableMapping[str, Any] | None = None, **kwargs: Any)

Bases: Model

The value of a parameter.

Variables:

value (JSON) – The value of the parameter.

Keyword Arguments:

value (JSON) – The value of the parameter.

class azure.mgmt.resource.policy.v2021_06_01.models.PolicyAssignment(*, location: str | None = None, identity: _models.Identity | None = None, display_name: str | None = None, policy_definition_id: str | None = None, not_scopes: List[str] | None = None, parameters: Dict[str, _models.ParameterValuesValue] | None = None, description: str | None = None, metadata: MutableMapping[str, Any] | None = None, enforcement_mode: str | _models.EnforcementMode = 'Default', non_compliance_messages: List[_models.NonComplianceMessage] | None = None, **kwargs: Any)

Bases: Model

The policy assignment.

Variables are only populated by the server, and will be ignored when sending a request.

Variables:

• id (str) – The ID of the policy assignment.

• type (str) – The type of the policy assignment.

• name (str) – The name of the policy assignment.

• location (str) – The location of the policy assignment. Only required when utilizing managed identity.

• identity (Identity) – The managed identity associated with the policy assignment.

• system_data (SystemData) – The system metadata relating to this resource.

• display_name (str) – The display name of the policy assignment.

• policy_definition_id (str) – The ID of the policy definition or policy set definition being assigned.

• scope (str) – The scope for the policy assignment.

• not_scopes (list[str]) – The policy’s excluded scopes.

• parameters (dict[str, ParameterValuesValue]) – The parameter values for the assigned policy rule. The keys are the parameter names.

• description (str) – This message will be part of response in case of policy violation.

• metadata (JSON) – The policy assignment metadata. Metadata is an open ended object and is typically a collection of key value pairs.

• enforcement_mode (str or EnforcementMode) – The policy assignment enforcement mode. Possible values are Default and DoNotEnforce. Known values are: “Default” and “DoNotEnforce”.

• non_compliance_messages (list[NonComplianceMessage]) – The messages that describe why a resource is non-compliant with the policy.

Keyword Arguments:

• location (str) – The location of the policy assignment. Only required when utilizing managed identity.

• identity (Identity) – The managed identity associated with the policy assignment.

• display_name (str) – The display name of the policy assignment.

• policy_definition_id (str) – The ID of the policy definition or policy set definition being assigned.

• not_scopes (list[str]) – The policy’s excluded scopes.

• parameters (dict[str, ParameterValuesValue]) – The parameter values for the assigned policy rule. The keys are the parameter names.

• description (str) – This message will be part of response in case of policy violation.

• metadata (JSON) – The policy assignment metadata. Metadata is an open ended object and is typically a collection of key value pairs.

• enforcement_mode (str or EnforcementMode) – The policy assignment enforcement mode. Possible values are Default and DoNotEnforce. Known values are: “Default” and “DoNotEnforce”.

• non_compliance_messages (list[NonComplianceMessage]) – The messages that describe why a resource is non-compliant with the policy.

class azure.mgmt.resource.policy.v2021_06_01.models.PolicyAssignmentListResult(*, value: List[_models.PolicyAssignment] | None = None, next_link: str | None = None, **kwargs: Any)

Bases: Model

List of policy assignments.

Variables:

• value (list[PolicyAssignment]) – An array of policy assignments.

• next_link (str) – The URL to use for getting the next set of results.

Keyword Arguments:

• value (list[PolicyAssignment]) – An array of policy assignments.

• next_link (str) – The URL to use for getting the next set of results.

class azure.mgmt.resource.policy.v2021_06_01.models.PolicyAssignmentUpdate(*, location: str | None = None, identity: _models.Identity | None = None, **kwargs: Any)

Bases: Model

PolicyAssignmentUpdate.

Variables:

• location (str) – The location of the policy assignment. Only required when utilizing managed identity.

• identity (Identity) – The managed identity associated with the policy assignment.

Keyword Arguments:

• location (str) – The location of the policy assignment. Only required when utilizing managed identity.

• identity (Identity) – The managed identity associated with the policy assignment.

class azure.mgmt.resource.policy.v2021_06_01.models.PolicyDefinition(*, policy_type: str | _models.PolicyType | None = None, mode: str = 'Indexed', display_name: str | None = None, description: str | None = None, policy_rule: MutableMapping[str, Any] | None = None, metadata: MutableMapping[str, Any] | None = None, parameters: Dict[str, _models.ParameterDefinitionsValue] | None = None, **kwargs: Any)

Bases: Model

The policy definition.

Variables are only populated by the server, and will be ignored when sending a request.

Variables:

• id (str) – The ID of the policy definition.

• name (str) – The name of the policy definition.

• type (str) – The type of the resource (Microsoft.Authorization/policyDefinitions).

• system_data (SystemData) – The system metadata relating to this resource.

• policy_type (str or PolicyType) – The type of policy definition. Possible values are NotSpecified, BuiltIn, Custom, and Static. Known values are: “NotSpecified”, “BuiltIn”, “Custom”, and “Static”.

• mode (str) – The policy definition mode. Some examples are All, Indexed, Microsoft.KeyVault.Data.

• display_name (str) – The display name of the policy definition.

• description (str) – The policy definition description.

• policy_rule (JSON) – The policy rule.

• metadata (JSON) – The policy definition metadata. Metadata is an open ended object and is typically a collection of key value pairs.

• parameters (dict[str, ParameterDefinitionsValue]) – The parameter definitions for parameters used in the policy rule. The keys are the parameter names.

Keyword Arguments:

• policy_type (str or PolicyType) – The type of policy definition. Possible values are NotSpecified, BuiltIn, Custom, and Static. Known values are: “NotSpecified”, “BuiltIn”, “Custom”, and “Static”.

• mode (str) – The policy definition mode. Some examples are All, Indexed, Microsoft.KeyVault.Data.

• display_name (str) – The display name of the policy definition.

• description (str) – The policy definition description.

• policy_rule (JSON) – The policy rule.

• metadata (JSON) – The policy definition metadata. Metadata is an open ended object and is typically a collection of key value pairs.

• parameters (dict[str, ParameterDefinitionsValue]) – The parameter definitions for parameters used in the policy rule. The keys are the parameter names.

class azure.mgmt.resource.policy.v2021_06_01.models.PolicyDefinitionGroup(*, name: str, display_name: str | None = None, category: str | None = None, description: str | None = None, additional_metadata_id: str | None = None, **kwargs: Any)

Bases: Model

The policy definition group.

All required parameters must be populated in order to send to server.

Variables:

• name (str) – The name of the group. Required.

• display_name (str) – The group’s display name.

• category (str) – The group’s category.

• description (str) – The group’s description.

• additional_metadata_id (str) – A resource ID of a resource that contains additional metadata about the group.

Keyword Arguments:

• name (str) – The name of the group. Required.

• display_name (str) – The group’s display name.

• category (str) – The group’s category.

• description (str) – The group’s description.

• additional_metadata_id (str) – A resource ID of a resource that contains additional metadata about the group.

class azure.mgmt.resource.policy.v2021_06_01.models.PolicyDefinitionListResult(*, value: List[_models.PolicyDefinition] | None = None, next_link: str | None = None, **kwargs: Any)

Bases: Model

List of policy definitions.

Variables:

• value (list[PolicyDefinition]) – An array of policy definitions.

• next_link (str) – The URL to use for getting the next set of results.

Keyword Arguments:

• value (list[PolicyDefinition]) – An array of policy definitions.

• next_link (str) – The URL to use for getting the next set of results.

class azure.mgmt.resource.policy.v2021_06_01.models.PolicyDefinitionReference(*, policy_definition_id: str, parameters: Dict[str, _models.ParameterValuesValue] | None = None, policy_definition_reference_id: str | None = None, group_names: List[str] | None = None, **kwargs: Any)

Bases: Model

The policy definition reference.

All required parameters must be populated in order to send to server.

Variables:

• policy_definition_id (str) – The ID of the policy definition or policy set definition. Required.

• parameters (dict[str, ParameterValuesValue]) – The parameter values for the referenced policy rule. The keys are the parameter names.

• policy_definition_reference_id (str) – A unique id (within the policy set definition) for this policy definition reference.

• group_names (list[str]) – The name of the groups that this policy definition reference belongs to.

Keyword Arguments:

• policy_definition_id (str) – The ID of the policy definition or policy set definition. Required.

• parameters (dict[str, ParameterValuesValue]) – The parameter values for the referenced policy rule. The keys are the parameter names.

• policy_definition_reference_id (str) – A unique id (within the policy set definition) for this policy definition reference.

• group_names (list[str]) – The name of the groups that this policy definition reference belongs to.

class azure.mgmt.resource.policy.v2021_06_01.models.PolicySetDefinition(*, policy_type: str | _models.PolicyType | None = None, display_name: str | None = None, description: str | None = None, metadata: MutableMapping[str, Any] | None = None, parameters: Dict[str, _models.ParameterDefinitionsValue] | None = None, policy_definitions: List[_models.PolicyDefinitionReference] | None = None, policy_definition_groups: List[_models.PolicyDefinitionGroup] | None = None, **kwargs: Any)

Bases: Model

The policy set definition.

Variables are only populated by the server, and will be ignored when sending a request.

Variables:

• id (str) – The ID of the policy set definition.

• name (str) – The name of the policy set definition.

• type (str) – The type of the resource (Microsoft.Authorization/policySetDefinitions).

• system_data (SystemData) – The system metadata relating to this resource.

• policy_type (str or PolicyType) – The type of policy definition. Possible values are NotSpecified, BuiltIn, Custom, and Static. Known values are: “NotSpecified”, “BuiltIn”, “Custom”, and “Static”.

• display_name (str) – The display name of the policy set definition.

• description (str) – The policy set definition description.

• metadata (JSON) – The policy set definition metadata. Metadata is an open ended object and is typically a collection of key value pairs.

• parameters (dict[str, ParameterDefinitionsValue]) – The policy set definition parameters that can be used in policy definition references.

• policy_definitions (list[PolicyDefinitionReference]) – An array of policy definition references.

• policy_definition_groups (list[PolicyDefinitionGroup]) – The metadata describing groups of policy definition references within the policy set definition.

Keyword Arguments:

• policy_type (str or PolicyType) – The type of policy definition. Possible values are NotSpecified, BuiltIn, Custom, and Static. Known values are: “NotSpecified”, “BuiltIn”, “Custom”, and “Static”.

• display_name (str) – The display name of the policy set definition.

• description (str) – The policy set definition description.

• metadata (JSON) – The policy set definition metadata. Metadata is an open ended object and is typically a collection of key value pairs.

• parameters (dict[str, ParameterDefinitionsValue]) – The policy set definition parameters that can be used in policy definition references.

• policy_definitions (list[PolicyDefinitionReference]) – An array of policy definition references.

• policy_definition_groups (list[PolicyDefinitionGroup]) – The metadata describing groups of policy definition references within the policy set definition.

class azure.mgmt.resource.policy.v2021_06_01.models.PolicySetDefinitionListResult(*, value: List[_models.PolicySetDefinition] | None = None, next_link: str | None = None, **kwargs: Any)

Bases: Model

List of policy set definitions.

Variables:

• value (list[PolicySetDefinition]) – An array of policy set definitions.

• next_link (str) – The URL to use for getting the next set of results.

Keyword Arguments:

• value (list[PolicySetDefinition]) – An array of policy set definitions.

• next_link (str) – The URL to use for getting the next set of results.

class azure.mgmt.resource.policy.v2021_06_01.models.PolicyType(value, names=None, *, module=None, qualname=None, type=None, start=1, boundary=None)

Bases: str, Enum

The type of policy definition. Possible values are NotSpecified, BuiltIn, Custom, and Static.

BUILT_IN = 'BuiltIn'

CUSTOM = 'Custom'

NOT_SPECIFIED = 'NotSpecified'

STATIC = 'Static'

class azure.mgmt.resource.policy.v2021_06_01.models.ResourceIdentityType(value, names=None, *, module=None, qualname=None, type=None, start=1, boundary=None)

Bases: str, Enum

The identity type. This is the only required field when adding a system or user assigned identity to a resource.

NONE = 'None'

Indicates that no identity is associated with the resource or that the existing identity should be removed.

SYSTEM_ASSIGNED = 'SystemAssigned'

Indicates that a system assigned identity is associated with the resource.

USER_ASSIGNED = 'UserAssigned'

Indicates that a system assigned identity is associated with the resource.

class azure.mgmt.resource.policy.v2021_06_01.models.SystemData(*, created_by: str | None = None, created_by_type: str | _models.CreatedByType | None = None, created_at: datetime | None = None, last_modified_by: str | None = None, last_modified_by_type: str | _models.CreatedByType | None = None, last_modified_at: datetime | None = None, **kwargs: Any)

Bases: Model

Metadata pertaining to creation and last modification of the resource.

Variables:

• created_by (str) – The identity that created the resource.

• created_by_type (str or CreatedByType) – The type of identity that created the resource. Known values are: “User”, “Application”, “ManagedIdentity”, and “Key”.

• created_at (datetime) – The timestamp of resource creation (UTC).

• last_modified_by (str) – The identity that last modified the resource.

• last_modified_by_type (str or CreatedByType) – The type of identity that last modified the resource. Known values are: “User”, “Application”, “ManagedIdentity”, and “Key”.

• last_modified_at (datetime) – The timestamp of resource last modification (UTC).

Keyword Arguments:

• created_by (str) – The identity that created the resource.

• created_by_type (str or CreatedByType) – The type of identity that created the resource. Known values are: “User”, “Application”, “ManagedIdentity”, and “Key”.

• created_at (datetime) – The timestamp of resource creation (UTC).

• last_modified_by (str) – The identity that last modified the resource.

• last_modified_by_type (str or CreatedByType) – The type of identity that last modified the resource. Known values are: “User”, “Application”, “ManagedIdentity”, and “Key”.

• last_modified_at (datetime) – The timestamp of resource last modification (UTC).

class azure.mgmt.resource.policy.v2021_06_01.models.UserAssignedIdentitiesValue(**kwargs: Any)

Bases: Model

UserAssignedIdentitiesValue.

Variables are only populated by the server, and will be ignored when sending a request.

Variables:

• principal_id (str) – The principal id of user assigned identity.

• client_id (str) – The client id of user assigned identity.