Policy Definitions - Create Or Update

Creates or updates a policy definition in a subscription.
This operation creates or updates a policy definition in the given subscription with the given name.

PUT https://management.azure.com/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/policyDefinitions/{policyDefinitionName}?api-version=2018-05-01

URI Parameters

Name In Required Type Description
subscriptionId
path True
  • string

The ID of the target subscription.

policyDefinitionName
path True
  • string

The name of the policy definition to create.

api-version
query True
  • string

The API version to use for the operation.

Request Body

Name Type Description
properties.description
  • string

The policy definition description.

properties.displayName
  • string

The display name of the policy definition.

properties.metadata
  • object

The policy definition metadata.

properties.mode

The policy definition mode. Possible values are NotSpecified, Indexed, and All.

properties.parameters
  • object

Required if a parameter is used in policy rule.

properties.policyRule
  • object

The policy rule.

properties.policyType

The type of policy definition. Possible values are NotSpecified, BuiltIn, and Custom.

Responses

Name Type Description
201 Created

Created - Returns information about the policy definition.

Security

azure_auth

Azure Active Directory OAuth2 Flow

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

Name Description
user_impersonation impersonate your user account

Examples

Create or update a policy definition

Sample Request

PUT https://management.azure.com/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming?api-version=2018-05-01
{
  "properties": {
    "displayName": "Enforce resource naming convention",
    "description": "Force resource names to begin with given 'prefix' and/or end with given 'suffix'",
    "metadata": {
      "category": "Naming"
    },
    "policyRule": {
      "if": {
        "not": {
          "field": "name",
          "like": "[concat(parameters('prefix'), '*', parameters('suffix'))]"
        }
      },
      "then": {
        "effect": "deny"
      }
    },
    "parameters": {
      "prefix": {
        "type": "String",
        "metadata": {
          "displayName": "Prefix",
          "description": "Resource name prefix"
        }
      },
      "suffix": {
        "type": "String",
        "metadata": {
          "displayName": "Suffix",
          "description": "Resource name suffix"
        }
      }
    }
  }
}

Sample Response

{
  "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming",
  "type": "Microsoft.Authorization/policyDefinitions",
  "name": "ResourceNaming",
  "properties": {
    "displayName": "Naming Convention",
    "description": "Force resource names to begin with 'prefix' and end with 'suffix'",
    "metadata": {
      "category": "Naming"
    },
    "policyRule": {
      "if": {
        "not": {
          "field": "name",
          "like": "[concat(parameters('prefix'), '*', parameters('suffix'))]"
        }
      },
      "then": {
        "effect": "deny"
      }
    },
    "parameters": {
      "prefix": {
        "type": "String",
        "metadata": {
          "displayName": "Prefix",
          "description": "Resource name prefix"
        }
      },
      "suffix": {
        "type": "String",
        "metadata": {
          "displayName": "Suffix",
          "description": "Resource name suffix"
        }
      }
    },
    "policyType": "Custom"
  }
}

Definitions

PolicyDefinition

The policy definition.

policyMode

The policy definition mode. Possible values are NotSpecified, Indexed, and All.

policyType

The type of policy definition. Possible values are NotSpecified, BuiltIn, and Custom.

PolicyDefinition

The policy definition.

Name Type Description
id
  • string

The ID of the policy definition.

name
  • string

The name of the policy definition.

properties.description
  • string

The policy definition description.

properties.displayName
  • string

The display name of the policy definition.

properties.metadata
  • object

The policy definition metadata.

properties.mode

The policy definition mode. Possible values are NotSpecified, Indexed, and All.

properties.parameters
  • object

Required if a parameter is used in policy rule.

properties.policyRule
  • object

The policy rule.

properties.policyType

The type of policy definition. Possible values are NotSpecified, BuiltIn, and Custom.

type
  • string

The type of the resource (Microsoft.Authorization/policyDefinitions).

policyMode

The policy definition mode. Possible values are NotSpecified, Indexed, and All.

Name Type Description
All
  • string
Indexed
  • string
NotSpecified
  • string

policyType

The type of policy definition. Possible values are NotSpecified, BuiltIn, and Custom.

Name Type Description
BuiltIn
  • string
Custom
  • string
NotSpecified
  • string