Policy Set Definitions - Create Or Update At Management Group

Creates or updates a policy set definition.
This operation creates or updates a policy set definition in the given management group with the given name.

PUT https://management.azure.com/providers/Microsoft.Management/managementgroups/{managementGroupId}/providers/Microsoft.Authorization/policySetDefinitions/{policySetDefinitionName}?api-version=2018-05-01

URI Parameters

Name In Required Type Description
managementGroupId
path True
  • string

The ID of the management group.

policySetDefinitionName
path True
  • string

The name of the policy set definition to create.

api-version
query True
  • string

The API version to use for the operation.

Request Body

Name Required Type Description
properties.description
  • string

The policy set definition description.

properties.displayName
  • string

The display name of the policy set definition.

properties.metadata
  • object

The policy set definition metadata.

properties.parameters
  • object

The policy set definition parameters that can be used in policy definition references.

properties.policyDefinitions True

An array of policy definition references.

properties.policyType

The type of policy definition. Possible values are NotSpecified, BuiltIn, and Custom.

Responses

Name Type Description
200 OK

OK - Returns information about the policy set definition.

201 Created

Created - Returns information about the policy set definition.

Other Status Codes

Error response describing why the operation failed.

Security

azure_auth

Azure Active Directory OAuth2 Flow

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

Name Description
user_impersonation impersonate your user account

Examples

Create or update a policy set definition at management group level

Sample Request

PUT https://management.azure.com/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/CostManagement?api-version=2018-05-01
{
  "properties": {
    "displayName": "Cost Management",
    "description": "Policies to enforce low cost storage SKUs",
    "metadata": {
      "category": "Cost Management"
    },
    "policyDefinitions": [
      {
        "policyDefinitionId": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1",
        "parameters": {
          "listOfAllowedSKUs": {
            "value": [
              "Standard_GRS",
              "Standard_LRS"
            ]
          }
        }
      },
      {
        "policyDefinitionId": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming",
        "parameters": {
          "prefix": {
            "value": "DeptA"
          },
          "suffix": {
            "value": "-LC"
          }
        }
      }
    ]
  }
}

Sample Response

{
  "id": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/CostManagement",
  "type": "Microsoft.Authorization/policySetDefinitions",
  "name": "CostManagement",
  "properties": {
    "displayName": "Cost Management",
    "description": "Policies to enforce low cost storage SKUs",
    "metadata": {
      "category": "Cost Management"
    },
    "policyDefinitions": [
      {
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1",
        "parameters": {
          "listOfAllowedSKUs": {
            "value": [
              "Standard_GRS",
              "Standard_LRS"
            ]
          }
        }
      },
      {
        "policyDefinitionId": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming",
        "parameters": {
          "prefix": {
            "value": "DeptA"
          },
          "suffix": {
            "value": "-LC"
          }
        }
      }
    ]
  }
}
{
  "id": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/CostManagement",
  "type": "Microsoft.Authorization/policySetDefinitions",
  "name": "CostManagement",
  "properties": {
    "displayName": "Cost Management",
    "description": "Policies to enforce low cost storage SKUs",
    "metadata": {
      "category": "Cost Management"
    },
    "policyDefinitions": [
      {
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1",
        "parameters": {
          "listOfAllowedSKUs": {
            "value": [
              "Standard_GRS",
              "Standard_LRS"
            ]
          }
        }
      },
      {
        "policyDefinitionId": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming",
        "parameters": {
          "prefix": {
            "value": "DeptA"
          },
          "suffix": {
            "value": "-LC"
          }
        }
      }
    ]
  }
}

Definitions

ErrorResponse

Error response indicates Azure Resource Manager is not able to process the incoming request. The reason is provided in the error message.

PolicyDefinitionReference

The policy definition reference.

PolicySetDefinition

The policy set definition.

policyType

The type of policy definition. Possible values are NotSpecified, BuiltIn, and Custom.

ErrorResponse

Error response indicates Azure Resource Manager is not able to process the incoming request. The reason is provided in the error message.

Name Type Description
errorCode
  • string

Error code.

errorMessage
  • string

Error message indicating why the operation failed.

httpStatus
  • string

Http status code.

PolicyDefinitionReference

The policy definition reference.

Name Type Description
parameters
  • object

Required if a parameter is used in policy rule.

policyDefinitionId
  • string

The ID of the policy definition or policy set definition.

PolicySetDefinition

The policy set definition.

Name Type Description
id
  • string

The ID of the policy set definition.

name
  • string

The name of the policy set definition.

properties.description
  • string

The policy set definition description.

properties.displayName
  • string

The display name of the policy set definition.

properties.metadata
  • object

The policy set definition metadata.

properties.parameters
  • object

The policy set definition parameters that can be used in policy definition references.

properties.policyDefinitions

An array of policy definition references.

properties.policyType

The type of policy definition. Possible values are NotSpecified, BuiltIn, and Custom.

type
  • string

The type of the resource (Microsoft.Authorization/policySetDefinitions).

policyType

The type of policy definition. Possible values are NotSpecified, BuiltIn, and Custom.

Name Type Description
BuiltIn
  • string
Custom
  • string
NotSpecified
  • string