Microsoft.Authorization policyDefinitions 2019-09-01

Template format

To create a Microsoft.Authorization/policyDefinitions resource, add the following JSON to the resources section of your template.

  "name": "string",
  "type": "Microsoft.Authorization/policyDefinitions",
  "apiVersion": "2019-09-01",
  "scope": "string",
  "properties": {
    "policyType": "string",
    "mode": "string",
    "displayName": "string",
    "description": "string",
    "policyRule": {},
    "metadata": {},
    "parameters": {}

Property values

The following tables describe the values you need to set in the schema.

Microsoft.Authorization/policyDefinitions object

Name Type Required Value
name string Yes
type enum Yes Microsoft.Authorization/policyDefinitions
apiVersion enum Yes 2019-09-01
scope string No Use when specifying a scope that is different than the deployment scope. See Setting scope for extension resources in ARM templates.
properties object Yes The policy definition properties. - PolicyDefinitionProperties object

PolicyDefinitionProperties object

Name Type Required Value
policyType enum No The type of policy definition. Possible values are NotSpecified, BuiltIn, Custom, and Static. - NotSpecified, BuiltIn, Custom, Static
mode string No The policy definition mode. Some examples are All, Indexed, Microsoft.KeyVault.Data.
displayName string No The display name of the policy definition.
description string No The policy definition description.
policyRule object No The policy rule.
metadata object No The policy definition metadata. Metadata is an open ended object and is typically a collection of key value pairs.
parameters object No The parameter definitions for parameters used in the policy rule. The keys are the parameter names.

Quickstart templates

The following quickstart templates deploy this resource type.

Template Description
Deploy a policy definition and assign to a management group

Deploy to Azure
This template is a management group level template that will create a policy definition and assign that policy to the target management group. Currently, this template cannot be deployed via the Azure Portal.