Set-AzureRmPolicyAssignment
Modifies a policy assignment.
Warning
The AzureRM PowerShell module has been officially deprecated as of February 29, 2024. Users are advised to migrate from AzureRM to the Az PowerShell module to ensure continued support and updates.
Although the AzureRM module may still function, it's no longer maintained or supported, placing any continued use at the user's discretion and risk. Please refer to our migration resources for guidance on transitioning to the Az module.
Syntax
Set-AzureRmPolicyAssignment
-Name <String>
-Scope <String>
[-NotScope <String[]>]
[-DisplayName <String>]
[-Description <String>]
[-Metadata <String>]
[-Sku <Hashtable>]
[-AssignIdentity]
[-Location <String>]
[-ApiVersion <String>]
[-Pre]
[-DefaultProfile <IAzureContextContainer>]
[-InformationAction <ActionPreference>]
[-InformationVariable <String>]
[<CommonParameters>] Set-AzureRmPolicyAssignment
[-NotScope <String[]>]
-Id <String>
[-DisplayName <String>]
[-Description <String>]
[-Metadata <String>]
[-Sku <Hashtable>]
[-AssignIdentity]
[-Location <String>]
[-ApiVersion <String>]
[-Pre]
[-DefaultProfile <IAzureContextContainer>]
[-InformationAction <ActionPreference>]
[-InformationVariable <String>]
[<CommonParameters>] Description
The Set-AzureRmPolicyAssignment cmdlet modifies a policy assignment. Specify an assignment by ID or by name and scope.
Examples
Example 1: Update the display name
PS C:\> $ResourceGroup = Get-AzureRmResourceGroup -Name 'ResourceGroup11'
PS C:\> $PolicyAssignment = Get-AzureRmPolicyAssignment -Name 'PolicyAssignment' -Scope $ResourceGroup.ResourceId
PS C:\> Set-AzureRmPolicyAssignment -Id $PolicyAssignment.ResourceId -DisplayName 'Do not allow VM creation'The first command gets a resource group named ResourceGroup11 by using the Get-AzureRMResourceGroup cmdlet. The command stores that object in the $ResourceGroup variable. The second command gets the policy assignment named PolicyAssignment by using the Get-AzureRmPolicyAssignment cmdlet. The command stores that object in the $PolicyAssignment variable. The final command updates the display name on the policy assignment on the resource group identified by the ResourceId property of $ResourceGroup.
Example 2: Add a managed identity to the policy assignment
PS C:\> $PolicyAssignment = Get-AzureRmPolicyAssignment -Name 'PolicyAssignment'
PS C:\> Set-AzureRmPolicyAssignment -Id $PolicyAssignment.ResourceId -AssignIdentity -Location 'westus'The first command gets the policy assignment named PolicyAssignment from the current subscription by using the Get-AzureRmPolicyAssignment cmdlet. The command stores that object in the $PolicyAssignment variable. The final command assigns a managed identity to the policy assignment.
Parameters
-ApiVersion
Specifies the version of the resource provider API to use. If you do not specify a version, this cmdlet uses the latest available version.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-AssignIdentity
Generate and assign a Microsoft Entra identity for this policy assignment. The identity will be used when executing deployments for 'deployIfNotExists' policies. Location is required when assigning an identity.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with azure
| Type: | IAzureContextContainer |
| Aliases: | AzureRmContext, AzureCredential |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Description
The description for policy assignment
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-DisplayName
Specifies a new display name for the policy assignment.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Id
Specifies the fully qualified resource ID for the policy assignment that this cmdlet modifies.
| Type: | String |
| Aliases: | ResourceId |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-InformationAction
Specifies how this cmdlet responds to an information event. The acceptable values for this parameter are:
- Continue
- Ignore
- Inquire
- SilentlyContinue
- Stop
- Suspend
| Type: | ActionPreference |
| Aliases: | infa |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-InformationVariable
Specifies an information variable.
| Type: | String |
| Aliases: | iv |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Location
The location of the policy assignment's resource identity. This is required when the -AssignIdentity switch is used.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Metadata
The updated metadata for the policy assignment. This can either be a path to a file name containing the metadata, or the metadata as a string.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Name
Specifies the name of the policy assignment that this cmdlet modifies.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-NotScope
The policy assignment not scopes.
| Type: | String[] |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Pre
Indicates that this cmdlet considers pre-release API versions when it automatically determines which version to use.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Scope
Specifies the scope at which the policy is applied.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Sku
A hash table which represents sku properties.
| Type: | Hashtable |
| Aliases: | SkuObject |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |