azure.mgmt.resource.policy.v2022_06_01.models module

class azure.mgmt.resource.policy.v2022_06_01.models.CreatedByType(value, names=None, *, module=None, qualname=None, type=None, start=1, boundary=None)

Bases: str, Enum

The type of identity that created the resource.

APPLICATION = 'Application'

KEY = 'Key'

MANAGED_IDENTITY = 'ManagedIdentity'

USER = 'User'

class azure.mgmt.resource.policy.v2022_06_01.models.EnforcementMode(value, names=None, *, module=None, qualname=None, type=None, start=1, boundary=None)

Bases: str, Enum

The policy assignment enforcement mode. Possible values are Default and DoNotEnforce.

DEFAULT = 'Default'

The policy effect is enforced during resource creation or update.

DO_NOT_ENFORCE = 'DoNotEnforce'

The policy effect is not enforced during resource creation or update.

class azure.mgmt.resource.policy.v2022_06_01.models.ErrorAdditionalInfo(**kwargs: Any)

Bases: Model

The resource management error additional info.

Variables are only populated by the server, and will be ignored when sending a request.

Variables:

• type (str) – The additional info type.

• info (JSON) – The additional info.

class azure.mgmt.resource.policy.v2022_06_01.models.ErrorResponse(**kwargs: Any)

Bases: Model

Common error response for all Azure Resource Manager APIs to return error details for failed operations. (This also follows the OData error response format.).

Variables are only populated by the server, and will be ignored when sending a request.

Variables:

• code (str) – The error code.

• message (str) – The error message.

• target (str) – The error target.

• details (list[ErrorResponse]) – The error details.

• additional_info (list[ErrorAdditionalInfo]) – The error additional info.

class azure.mgmt.resource.policy.v2022_06_01.models.Identity(*, type: str | _models.ResourceIdentityType | None = None, user_assigned_identities: Dict[str, _models.UserAssignedIdentitiesValue] | None = None, **kwargs: Any)

Bases: Model

Identity for the resource. Policy assignments support a maximum of one identity. That is either a system assigned identity or a single user assigned identity.

Variables are only populated by the server, and will be ignored when sending a request.

Variables:

• principal_id (str) – The principal ID of the resource identity. This property will only be provided for a system assigned identity.

• tenant_id (str) – The tenant ID of the resource identity. This property will only be provided for a system assigned identity.

• type (str or ResourceIdentityType) – The identity type. This is the only required field when adding a system or user assigned identity to a resource. Known values are: “SystemAssigned”, “UserAssigned”, and “None”.

• user_assigned_identities (dict[str, UserAssignedIdentitiesValue]) – The user identity associated with the policy. The user identity dictionary key references will be ARM resource ids in the form: ‘/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}’. # pylint: disable=line-too-long

Keyword Arguments:

• type (str or ResourceIdentityType) – The identity type. This is the only required field when adding a system or user assigned identity to a resource. Known values are: “SystemAssigned”, “UserAssigned”, and “None”.

• user_assigned_identities (dict[str, UserAssignedIdentitiesValue]) – The user identity associated with the policy. The user identity dictionary key references will be ARM resource ids in the form: ‘/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}’. # pylint: disable=line-too-long

class azure.mgmt.resource.policy.v2022_06_01.models.NonComplianceMessage(*, message: str, policy_definition_reference_id: str | None = None, **kwargs: Any)

Bases: Model

A message that describes why a resource is non-compliant with the policy. This is shown in ‘deny’ error messages and on resource’s non-compliant compliance results.

All required parameters must be populated in order to send to server.

Variables:

• message (str) – A message that describes why a resource is non-compliant with the policy. This is shown in ‘deny’ error messages and on resource’s non-compliant compliance results. Required.

• policy_definition_reference_id (str) – The policy definition reference ID within a policy set definition the message is intended for. This is only applicable if the policy assignment assigns a policy set definition. If this is not provided the message applies to all policies assigned by this policy assignment.

Keyword Arguments:

• message (str) – A message that describes why a resource is non-compliant with the policy. This is shown in ‘deny’ error messages and on resource’s non-compliant compliance results. Required.

• policy_definition_reference_id (str) – The policy definition reference ID within a policy set definition the message is intended for. This is only applicable if the policy assignment assigns a policy set definition. If this is not provided the message applies to all policies assigned by this policy assignment.

class azure.mgmt.resource.policy.v2022_06_01.models.Override(*, kind: str | _models.OverrideKind | None = None, value: str | None = None, selectors: List[_models.Selector] | None = None, **kwargs: Any)

Bases: Model

The policy property value override.

Variables:

• kind (str or OverrideKind) – The override kind. “policyEffect”

• value (str) – The value to override the policy property.

• selectors (list[Selector]) – The list of the selector expressions.

Keyword Arguments:

• kind (str or OverrideKind) – The override kind. “policyEffect”

• value (str) – The value to override the policy property.

• selectors (list[Selector]) – The list of the selector expressions.

class azure.mgmt.resource.policy.v2022_06_01.models.OverrideKind(value, names=None, *, module=None, qualname=None, type=None, start=1, boundary=None)

Bases: str, Enum

The override kind.

POLICY_EFFECT = 'policyEffect'

It will override the policy effect type.

class azure.mgmt.resource.policy.v2022_06_01.models.ParameterValuesValue(*, value: MutableMapping[str, Any] | None = None, **kwargs: Any)

Bases: Model

The value of a parameter.

Variables:

value (JSON) – The value of the parameter.

Keyword Arguments:

value (JSON) – The value of the parameter.

class azure.mgmt.resource.policy.v2022_06_01.models.PolicyAssignment(*, location: str | None = None, identity: _models.Identity | None = None, display_name: str | None = None, policy_definition_id: str | None = None, not_scopes: List[str] | None = None, parameters: Dict[str, _models.ParameterValuesValue] | None = None, description: str | None = None, metadata: MutableMapping[str, Any] | None = None, enforcement_mode: str | _models.EnforcementMode = 'Default', non_compliance_messages: List[_models.NonComplianceMessage] | None = None, resource_selectors: List[_models.ResourceSelector] | None = None, overrides: List[_models.Override] | None = None, **kwargs: Any)

Bases: Model

The policy assignment.

Variables are only populated by the server, and will be ignored when sending a request.

Variables:

• id (str) – The ID of the policy assignment.

• type (str) – The type of the policy assignment.

• name (str) – The name of the policy assignment.

• location (str) – The location of the policy assignment. Only required when utilizing managed identity.

• identity (Identity) – The managed identity associated with the policy assignment.

• system_data (SystemData) – The system metadata relating to this resource.

• display_name (str) – The display name of the policy assignment.

• policy_definition_id (str) – The ID of the policy definition or policy set definition being assigned.

• scope (str) – The scope for the policy assignment.

• not_scopes (list[str]) – The policy’s excluded scopes.

• parameters (dict[str, ParameterValuesValue]) – The parameter values for the assigned policy rule. The keys are the parameter names.

• description (str) – This message will be part of response in case of policy violation.

• metadata (JSON) – The policy assignment metadata. Metadata is an open ended object and is typically a collection of key value pairs.

• enforcement_mode (str or EnforcementMode) – The policy assignment enforcement mode. Possible values are Default and DoNotEnforce. Known values are: “Default” and “DoNotEnforce”.

• non_compliance_messages (list[NonComplianceMessage]) – The messages that describe why a resource is non-compliant with the policy.

• resource_selectors (list[ResourceSelector]) – The resource selector list to filter policies by resource properties.

• overrides (list[Override]) – The policy property value override.

Keyword Arguments:

• location (str) – The location of the policy assignment. Only required when utilizing managed identity.

• identity (Identity) – The managed identity associated with the policy assignment.

• display_name (str) – The display name of the policy assignment.

• policy_definition_id (str) – The ID of the policy definition or policy set definition being assigned.

• not_scopes (list[str]) – The policy’s excluded scopes.

• parameters (dict[str, ParameterValuesValue]) – The parameter values for the assigned policy rule. The keys are the parameter names.

• description (str) – This message will be part of response in case of policy violation.

• metadata (JSON) – The policy assignment metadata. Metadata is an open ended object and is typically a collection of key value pairs.

• enforcement_mode (str or EnforcementMode) – The policy assignment enforcement mode. Possible values are Default and DoNotEnforce. Known values are: “Default” and “DoNotEnforce”.

• non_compliance_messages (list[NonComplianceMessage]) – The messages that describe why a resource is non-compliant with the policy.

• resource_selectors (list[ResourceSelector]) – The resource selector list to filter policies by resource properties.

• overrides (list[Override]) – The policy property value override.

class azure.mgmt.resource.policy.v2022_06_01.models.PolicyAssignmentListResult(*, value: List[_models.PolicyAssignment] | None = None, next_link: str | None = None, **kwargs: Any)

Bases: Model

List of policy assignments.

Variables:

• value (list[PolicyAssignment]) – An array of policy assignments.

• next_link (str) – The URL to use for getting the next set of results.

Keyword Arguments:

• value (list[PolicyAssignment]) – An array of policy assignments.

• next_link (str) – The URL to use for getting the next set of results.

class azure.mgmt.resource.policy.v2022_06_01.models.PolicyAssignmentUpdate(*, location: str | None = None, identity: _models.Identity | None = None, resource_selectors: List[_models.ResourceSelector] | None = None, overrides: List[_models.Override] | None = None, **kwargs: Any)

Bases: Model

The policy assignment for Patch request.

Variables:

• location (str) – The location of the policy assignment. Only required when utilizing managed identity.

• identity (Identity) – The managed identity associated with the policy assignment.

• resource_selectors (list[ResourceSelector]) – The resource selector list to filter policies by resource properties.

• overrides (list[Override]) – The policy property value override.

Keyword Arguments:

• location (str) – The location of the policy assignment. Only required when utilizing managed identity.

• identity (Identity) – The managed identity associated with the policy assignment.

• resource_selectors (list[ResourceSelector]) – The resource selector list to filter policies by resource properties.

• overrides (list[Override]) – The policy property value override.

class azure.mgmt.resource.policy.v2022_06_01.models.ResourceIdentityType(value, names=None, *, module=None, qualname=None, type=None, start=1, boundary=None)

Bases: str, Enum

The identity type. This is the only required field when adding a system or user assigned identity to a resource.

NONE = 'None'

Indicates that no identity is associated with the resource or that the existing identity should be removed.

SYSTEM_ASSIGNED = 'SystemAssigned'

Indicates that a system assigned identity is associated with the resource.

USER_ASSIGNED = 'UserAssigned'

Indicates that a system assigned identity is associated with the resource.

class azure.mgmt.resource.policy.v2022_06_01.models.ResourceSelector(*, name: str | None = None, selectors: List[_models.Selector] | None = None, **kwargs: Any)

Bases: Model

The resource selector to filter policies by resource properties.

Variables:

• name (str) – The name of the resource selector.

• selectors (list[Selector]) – The list of the selector expressions.

Keyword Arguments:

• name (str) – The name of the resource selector.

• selectors (list[Selector]) – The list of the selector expressions.

class azure.mgmt.resource.policy.v2022_06_01.models.Selector(*, kind: str | _models.SelectorKind | None = None, in_property: List[str] | None = None, not_in: List[str] | None = None, **kwargs: Any)

Bases: Model

The selector expression.

Variables:

• kind (str or SelectorKind) – The selector kind. Known values are: “resourceLocation”, “resourceType”, “resourceWithoutLocation”, and “policyDefinitionReferenceId”.

• in_property (list[str]) – The list of values to filter in.

• not_in (list[str]) – The list of values to filter out.

Keyword Arguments:

• kind (str or SelectorKind) – The selector kind. Known values are: “resourceLocation”, “resourceType”, “resourceWithoutLocation”, and “policyDefinitionReferenceId”.

• in_property (list[str]) – The list of values to filter in.

• not_in (list[str]) – The list of values to filter out.

class azure.mgmt.resource.policy.v2022_06_01.models.SelectorKind(value, names=None, *, module=None, qualname=None, type=None, start=1, boundary=None)

Bases: str, Enum

The selector kind.

POLICY_DEFINITION_REFERENCE_ID = 'policyDefinitionReferenceId'

The selector kind to filter policies by the policy definition reference ID.

RESOURCE_LOCATION = 'resourceLocation'

The selector kind to filter policies by the resource location.

RESOURCE_TYPE = 'resourceType'

The selector kind to filter policies by the resource type.

RESOURCE_WITHOUT_LOCATION = 'resourceWithoutLocation'

The selector kind to filter policies by the resource without location.

class azure.mgmt.resource.policy.v2022_06_01.models.SystemData(*, created_by: str | None = None, created_by_type: str | _models.CreatedByType | None = None, created_at: datetime | None = None, last_modified_by: str | None = None, last_modified_by_type: str | _models.CreatedByType | None = None, last_modified_at: datetime | None = None, **kwargs: Any)

Bases: Model

Metadata pertaining to creation and last modification of the resource.

Variables:

• created_by (str) – The identity that created the resource.

• created_by_type (str or CreatedByType) – The type of identity that created the resource. Known values are: “User”, “Application”, “ManagedIdentity”, and “Key”.

• created_at (datetime) – The timestamp of resource creation (UTC).

• last_modified_by (str) – The identity that last modified the resource.

• last_modified_by_type (str or CreatedByType) – The type of identity that last modified the resource. Known values are: “User”, “Application”, “ManagedIdentity”, and “Key”.

• last_modified_at (datetime) – The timestamp of resource last modification (UTC).

Keyword Arguments:

• created_by (str) – The identity that created the resource.

• created_by_type (str or CreatedByType) – The type of identity that created the resource. Known values are: “User”, “Application”, “ManagedIdentity”, and “Key”.

• created_at (datetime) – The timestamp of resource creation (UTC).

• last_modified_by (str) – The identity that last modified the resource.

• last_modified_by_type (str or CreatedByType) – The type of identity that last modified the resource. Known values are: “User”, “Application”, “ManagedIdentity”, and “Key”.

• last_modified_at (datetime) – The timestamp of resource last modification (UTC).

class azure.mgmt.resource.policy.v2022_06_01.models.UserAssignedIdentitiesValue(**kwargs: Any)

Bases: Model

UserAssignedIdentitiesValue.

Variables are only populated by the server, and will be ignored when sending a request.

Variables:

• principal_id (str) – The principal id of user assigned identity.

• client_id (str) – The client id of user assigned identity.