Microsoft.Authorization policyAssignments template reference

Template format

To create a Microsoft.Authorization/policyAssignments resource, add the following JSON to the resources section of your template.

  "name": "string",
  "type": "Microsoft.Authorization/policyAssignments",
  "apiVersion": "2019-01-01",
  "properties": {
    "displayName": "string",
    "policyDefinitionId": "string",
    "scope": "string",
    "notScopes": [
    "parameters": {},
    "description": "string",
    "metadata": {}
  "sku": {
    "name": "string",
    "tier": "string"
  "location": "string",
  "identity": {
    "type": "string"

Property values

The following tables describe the values you need to set in the schema.

Microsoft.Authorization/policyAssignments object

Name Type Required Value
name string Yes
type enum Yes Microsoft.Authorization/policyAssignments
apiVersion enum Yes 2019-01-01
properties object Yes Properties for the policy assignment. - PolicyAssignmentProperties object
sku object No The policy sku. This property is optional, obsolete, and will be ignored. - PolicySku object
location string No The location of the policy assignment. Only required when utilizing managed identity.
identity object No The managed identity associated with the policy assignment. - Identity object

PolicyAssignmentProperties object

Name Type Required Value
displayName string No The display name of the policy assignment.
policyDefinitionId string No The ID of the policy definition or policy set definition being assigned.
scope string No The scope for the policy assignment.
notScopes array No The policy's excluded scopes. - string
parameters object No Required if a parameter is used in policy rule.
description string No This message will be part of response in case of policy violation.
metadata object No The policy assignment metadata.

PolicySku object

Name Type Required Value
name string Yes The name of the policy sku. Possible values are A0 and A1.
tier string No The policy sku tier. Possible values are Free and Standard.

Identity object

Name Type Required Value
type enum No The identity type. - SystemAssigned or None

Quickstart templates

The following quickstart templates deploy this resource type.