Policy.Autorest/internal/ProxyCmdletDefinitions.ps1
|
# ---------------------------------------------------------------------------------- # Copyright (c) Microsoft Corporation. All rights reserved. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # Code generated by Microsoft (R) AutoRest Code Generator.Changes may cause incorrect behavior and will be lost if the code # is regenerated. # ---------------------------------------------------------------------------------- <# .Synopsis This operation retrieves a single policy assignment, given its name and the scope it was created at. .Description This operation retrieves a single policy assignment, given its name and the scope it was created at. .Example Get-AzPolicyAssignment .Example $ResourceGroup = Get-AzResourceGroup -Name 'ResourceGroup11' Get-AzPolicyAssignment -Name 'PolicyAssignment07' -Scope $ResourceGroup.ResourceId .Example $mgId = 'myManagementGroup' Get-AzPolicyAssignment -Scope '/providers/Microsoft.Management/managementgroups/$mgId' .Example Get-AzPolicyAssignment | Select-Object -Property Scope, PolicyDefinitionID, DisplayName | Format-List .Example Get-AzPolicyAssignment -BackwardCompatible | Select-Object -ExpandProperty properties | Select-Object -Property Scope, PolicyDefinitionID, DisplayName | Format-List .Inputs Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.IPolicyIdentity .Outputs Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.Api20220601.IPolicyAssignment .Notes COMPLEX PARAMETER PROPERTIES To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables. INPUTOBJECT <IPolicyIdentity>: Identity Parameter [Id <String>]: Resource identity path [ManagementGroupId <String>]: The ID of the management group. [ParentResourcePath <String>]: The parent resource path. Use empty string if there is none. [PolicyAssignmentId <String>]: The ID of the policy assignment to delete. Use the format '{scope}/providers/Microsoft.Authorization/policyAssignments/{policyAssignmentName}'. [PolicyAssignmentName <String>]: The name of the policy assignment to delete. [PolicyDefinitionName <String>]: The name of the policy definition to create. [PolicyExemptionName <String>]: The name of the policy exemption to delete. [PolicySetDefinitionName <String>]: The name of the policy set definition to create. [ResourceGroupName <String>]: The name of the resource group that contains policy assignments. [ResourceName <String>]: The name of the resource. [ResourceProviderNamespace <String>]: The namespace of the resource provider. For example, the namespace of a virtual machine is Microsoft.Compute (from Microsoft.Compute/virtualMachines) [ResourceType <String>]: The resource type name. For example the type name of a web app is 'sites' (from Microsoft.Web/sites). [Scope <String>]: The scope of the policy assignment. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}' [SubscriptionId <String>]: The ID of the target subscription. .Link https://learn.microsoft.com/powershell/module/az.resources/get-azpolicyassignment #> function Get-AzPolicyAssignment { [OutputType([Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.Api20220601.IPolicyAssignment])] [CmdletBinding(DefaultParameterSetName='Get', PositionalBinding=$false)] param( [Parameter(ParameterSetName='GetViaIdentity', Mandatory, ValueFromPipeline)] [Parameter(ParameterSetName='GetViaIdentity1', Mandatory, ValueFromPipeline)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Path')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.IPolicyIdentity] # Identity Parameter # To construct, see NOTES section for INPUTOBJECT properties and create a hash table. ${InputObject}, [Parameter(ParameterSetName='List', Mandatory)] [Parameter(ParameterSetName='List1', Mandatory)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Path')] [System.String] # The name of the resource group that contains policy assignments. ${ResourceGroupName}, [Parameter(ParameterSetName='List')] [Parameter(ParameterSetName='List1')] [Parameter(ParameterSetName='List3')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Path')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Runtime.DefaultInfo(Script='(Get-AzContext).Subscription.Id')] [System.String[]] # The ID of the target subscription. ${SubscriptionId}, [Parameter(ParameterSetName='List1', Mandatory)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Path')] [System.String] # The parent resource path. # Use empty string if there is none. ${ParentResourcePath}, [Parameter(ParameterSetName='List1', Mandatory)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Path')] [System.String] # The name of the resource. ${ResourceName}, [Parameter(ParameterSetName='List1', Mandatory)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Path')] [System.String] # The namespace of the resource provider. # For example, the namespace of a virtual machine is Microsoft.Compute (from Microsoft.Compute/virtualMachines) ${ResourceProviderNamespace}, [Parameter(ParameterSetName='List1', Mandatory)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Path')] [System.String] # The resource type name. # For example the type name of a web app is 'sites' (from Microsoft.Web/sites). ${ResourceType}, [Parameter(ParameterSetName='List')] [Parameter(ParameterSetName='List1')] [Parameter(ParameterSetName='List2')] [Parameter(ParameterSetName='List3')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Query')] [System.String] # The filter to apply on the operation. # Valid values for $filter are: 'atScope()', 'atExactScope()' or 'policyDefinitionId eq '{value}''. # If $filter is not provided, no filtering is performed. # If $filter=atScope() is provided, the returned list only includes all policy assignments that apply to the scope, which is everything in the unfiltered list except those applied to sub scopes contained within the given scope. # If $filter=atExactScope() is provided, the returned list only includes all policy assignments that at the given scope. # If $filter=policyDefinitionId eq '{value}' is provided, the returned list includes all policy assignments of the policy definition whose id is {value}. ${Filter}, [Parameter(ParameterSetName='List')] [Parameter(ParameterSetName='List1')] [Parameter(ParameterSetName='List2')] [Parameter(ParameterSetName='List3')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Query')] [System.Int32] # Maximum number of records to return. # When the $top filter is not provided, it will return 500 records. ${Top}, [Parameter()] [Alias('AzureRMContext', 'AzureCredential')] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Azure')] [System.Management.Automation.PSObject] # The DefaultProfile parameter is not functional. # Use the SubscriptionId parameter when available if executing the cmdlet against a different subscription. ${DefaultProfile}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Wait for .NET debugger to attach ${Break}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be appended to the front of the pipeline ${HttpPipelineAppend}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be prepended to the front of the pipeline ${HttpPipelinePrepend}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Uri] # The URI for the proxy server to use ${Proxy}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.PSCredential] # Credentials for a proxy server to use for the remote call ${ProxyCredential}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Use the default credentials for the proxy ${ProxyUseDefaultCredentials} ) begin { try { $outBuffer = $null if ($PSBoundParameters.TryGetValue('OutBuffer', [ref]$outBuffer)) { $PSBoundParameters['OutBuffer'] = 1 } $parameterSet = $PSCmdlet.ParameterSetName $mapping = @{ Get = 'Az.Policy.private\Get-AzPolicyAssignment_Get'; Get1 = 'Az.Policy.private\Get-AzPolicyAssignment_Get1'; GetViaIdentity = 'Az.Policy.private\Get-AzPolicyAssignment_GetViaIdentity'; GetViaIdentity1 = 'Az.Policy.private\Get-AzPolicyAssignment_GetViaIdentity1'; List = 'Az.Policy.private\Get-AzPolicyAssignment_List'; List1 = 'Az.Policy.private\Get-AzPolicyAssignment_List1'; List2 = 'Az.Policy.private\Get-AzPolicyAssignment_List2'; List3 = 'Az.Policy.private\Get-AzPolicyAssignment_List3'; } if (('Get') -contains $parameterSet -and -not $PSBoundParameters.ContainsKey('NameInternal')) { $PSBoundParameters['NameInternal'] = "PlaceholderName" } if (('Get') -contains $parameterSet -and -not $PSBoundParameters.ContainsKey('ScopeInternal')) { $PSBoundParameters['ScopeInternal'] = /subscriptions/((Get-AzContext).Subscription.Id) } if (('Get1') -contains $parameterSet -and -not $PSBoundParameters.ContainsKey('IdInternal')) { $PSBoundParameters['IdInternal'] = "PlaceholderId" } if (('List', 'List1', 'List3') -contains $parameterSet -and -not $PSBoundParameters.ContainsKey('SubscriptionId')) { $PSBoundParameters['SubscriptionId'] = (Get-AzContext).Subscription.Id } if (('List2') -contains $parameterSet -and -not $PSBoundParameters.ContainsKey('ManagementGroupId')) { $PSBoundParameters['ManagementGroupId'] = { "" } } $wrappedCmd = $ExecutionContext.InvokeCommand.GetCommand(($mapping[$parameterSet]), [System.Management.Automation.CommandTypes]::Cmdlet) $scriptCmd = {& $wrappedCmd @PSBoundParameters} $steppablePipeline = $scriptCmd.GetSteppablePipeline($MyInvocation.CommandOrigin) $steppablePipeline.Begin($PSCmdlet) } catch { throw } } process { try { $steppablePipeline.Process($_) } catch { throw } } end { try { $steppablePipeline.End() } catch { throw } } } <# .Synopsis This operation retrieves the built-in policy definition with the given name. .Description This operation retrieves the built-in policy definition with the given name. .Example {{ Add code here }} .Example {{ Add code here }} .Inputs Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.IPolicyIdentity .Outputs Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.Api20210601.IPolicyDefinition .Notes COMPLEX PARAMETER PROPERTIES To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables. INPUTOBJECT <IPolicyIdentity>: Identity Parameter [Id <String>]: Resource identity path [ManagementGroupId <String>]: The ID of the management group. [ParentResourcePath <String>]: The parent resource path. Use empty string if there is none. [PolicyAssignmentId <String>]: The ID of the policy assignment to delete. Use the format '{scope}/providers/Microsoft.Authorization/policyAssignments/{policyAssignmentName}'. [PolicyAssignmentName <String>]: The name of the policy assignment to delete. [PolicyDefinitionName <String>]: The name of the policy definition to create. [PolicyExemptionName <String>]: The name of the policy exemption to delete. [PolicySetDefinitionName <String>]: The name of the policy set definition to create. [ResourceGroupName <String>]: The name of the resource group that contains policy assignments. [ResourceName <String>]: The name of the resource. [ResourceProviderNamespace <String>]: The namespace of the resource provider. For example, the namespace of a virtual machine is Microsoft.Compute (from Microsoft.Compute/virtualMachines) [ResourceType <String>]: The resource type name. For example the type name of a web app is 'sites' (from Microsoft.Web/sites). [Scope <String>]: The scope of the policy assignment. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}' [SubscriptionId <String>]: The ID of the target subscription. .Link https://learn.microsoft.com/powershell/module/az.resources/get-azpolicydefinitionbuilt #> function Get-AzPolicyDefinitionBuilt { [OutputType([Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.Api20210601.IPolicyDefinition])] [CmdletBinding(DefaultParameterSetName='List', PositionalBinding=$false)] param( [Parameter(ParameterSetName='Get', Mandatory)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Path')] [System.String] # The name of the built-in policy definition to get. ${PolicyDefinitionName}, [Parameter(ParameterSetName='GetViaIdentity', Mandatory, ValueFromPipeline)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Path')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.IPolicyIdentity] # Identity Parameter # To construct, see NOTES section for INPUTOBJECT properties and create a hash table. ${InputObject}, [Parameter(ParameterSetName='List')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Query')] [System.String] # The filter to apply on the operation. # Valid values for $filter are: 'atExactScope()', 'policyType -eq {value}' or 'category eq '{value}''. # If $filter is not provided, no filtering is performed. # If $filter=atExactScope() is provided, the returned list only includes all policy definitions that at the given scope. # If $filter='policyType -eq {value}' is provided, the returned list only includes all policy definitions whose type match the {value}. # Possible policyType values are NotSpecified, BuiltIn, Custom, and Static. # If $filter='category -eq {value}' is provided, the returned list only includes all policy definitions whose category match the {value}. ${Filter}, [Parameter(ParameterSetName='List')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Query')] [System.Int32] # Maximum number of records to return. # When the $top filter is not provided, it will return 500 records. ${Top}, [Parameter()] [Alias('AzureRMContext', 'AzureCredential')] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Azure')] [System.Management.Automation.PSObject] # The DefaultProfile parameter is not functional. # Use the SubscriptionId parameter when available if executing the cmdlet against a different subscription. ${DefaultProfile}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Wait for .NET debugger to attach ${Break}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be appended to the front of the pipeline ${HttpPipelineAppend}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be prepended to the front of the pipeline ${HttpPipelinePrepend}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Uri] # The URI for the proxy server to use ${Proxy}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.PSCredential] # Credentials for a proxy server to use for the remote call ${ProxyCredential}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Use the default credentials for the proxy ${ProxyUseDefaultCredentials} ) begin { try { $outBuffer = $null if ($PSBoundParameters.TryGetValue('OutBuffer', [ref]$outBuffer)) { $PSBoundParameters['OutBuffer'] = 1 } $parameterSet = $PSCmdlet.ParameterSetName $mapping = @{ Get = 'Az.Policy.private\Get-AzPolicyDefinitionBuilt_Get'; GetViaIdentity = 'Az.Policy.private\Get-AzPolicyDefinitionBuilt_GetViaIdentity'; List = 'Az.Policy.private\Get-AzPolicyDefinitionBuilt_List'; } $wrappedCmd = $ExecutionContext.InvokeCommand.GetCommand(($mapping[$parameterSet]), [System.Management.Automation.CommandTypes]::Cmdlet) $scriptCmd = {& $wrappedCmd @PSBoundParameters} $steppablePipeline = $scriptCmd.GetSteppablePipeline($MyInvocation.CommandOrigin) $steppablePipeline.Begin($PSCmdlet) } catch { throw } } process { try { $steppablePipeline.Process($_) } catch { throw } } end { try { $steppablePipeline.End() } catch { throw } } } <# .Synopsis This operation retrieves the policy definition in the given subscription with the given name. .Description This operation retrieves the policy definition in the given subscription with the given name. .Example Get-AzPolicyDefinition .Example Get-AzPolicyDefinition -Name 'VMPolicyDefinition' .Example Get-AzPolicyDefinition -Name 'VMPolicyDefinition' -ManagementGroupName 'Dept42' .Example Get-AzPolicyDefinition -SubscriptionId '3bf44b72-c631-427a-b8c8-53e2595398ca' -Builtin .Example Get-AzPolicyDefinition | Where-Object {$_.Properties.metadata.category -eq 'Tags'} .Example Get-AzPolicyDefinition | Select-Object -Property DisplayName, Description, PolicyType, Metadata | Format-List .Example Get-AzPolicyDefinition -BackwardCompatible | Select-Object -ExpandProperty properties | Select-Object -Property DisplayName, Description, PolicyType, Metadata | Format-List .Inputs Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.IPolicyIdentity .Outputs Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.Api20210601.IPolicyDefinition .Notes COMPLEX PARAMETER PROPERTIES To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables. INPUTOBJECT <IPolicyIdentity>: Identity Parameter [Id <String>]: Resource identity path [ManagementGroupId <String>]: The ID of the management group. [ParentResourcePath <String>]: The parent resource path. Use empty string if there is none. [PolicyAssignmentId <String>]: The ID of the policy assignment to delete. Use the format '{scope}/providers/Microsoft.Authorization/policyAssignments/{policyAssignmentName}'. [PolicyAssignmentName <String>]: The name of the policy assignment to delete. [PolicyDefinitionName <String>]: The name of the policy definition to create. [PolicyExemptionName <String>]: The name of the policy exemption to delete. [PolicySetDefinitionName <String>]: The name of the policy set definition to create. [ResourceGroupName <String>]: The name of the resource group that contains policy assignments. [ResourceName <String>]: The name of the resource. [ResourceProviderNamespace <String>]: The namespace of the resource provider. For example, the namespace of a virtual machine is Microsoft.Compute (from Microsoft.Compute/virtualMachines) [ResourceType <String>]: The resource type name. For example the type name of a web app is 'sites' (from Microsoft.Web/sites). [Scope <String>]: The scope of the policy assignment. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}' [SubscriptionId <String>]: The ID of the target subscription. .Link https://learn.microsoft.com/powershell/module/az.resources/get-azpolicydefinition #> function Get-AzPolicyDefinition { [OutputType([Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.Api20210601.IPolicyDefinition])] [CmdletBinding(DefaultParameterSetName='List', PositionalBinding=$false)] param( [Parameter(ParameterSetName='Get', Mandatory)] [Parameter(ParameterSetName='Get1', Mandatory)] [Alias('PolicyDefinitionName')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Path')] [System.String] # The name of the policy definition to get. ${Name}, [Parameter(ParameterSetName='GetViaIdentity', Mandatory, ValueFromPipeline)] [Parameter(ParameterSetName='GetViaIdentity1', Mandatory, ValueFromPipeline)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Path')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.IPolicyIdentity] # Identity Parameter # To construct, see NOTES section for INPUTOBJECT properties and create a hash table. ${InputObject}, [Parameter(ParameterSetName='List')] [Parameter(ParameterSetName='List1')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Query')] [System.String] # The filter to apply on the operation. # Valid values for $filter are: 'atExactScope()', 'policyType -eq {value}' or 'category eq '{value}''. # If $filter is not provided, no filtering is performed. # If $filter=atExactScope() is provided, the returned list only includes all policy definitions that at the given scope. # If $filter='policyType -eq {value}' is provided, the returned list only includes all policy definitions whose type match the {value}. # Possible policyType values are NotSpecified, BuiltIn, Custom, and Static. # If $filter='category -eq {value}' is provided, the returned list only includes all policy definitions whose category match the {value}. ${Filter}, [Parameter(ParameterSetName='List')] [Parameter(ParameterSetName='List1')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Query')] [System.Int32] # Maximum number of records to return. # When the $top filter is not provided, it will return 500 records. ${Top}, [Parameter()] [Alias('AzureRMContext', 'AzureCredential')] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Azure')] [System.Management.Automation.PSObject] # The DefaultProfile parameter is not functional. # Use the SubscriptionId parameter when available if executing the cmdlet against a different subscription. ${DefaultProfile}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Wait for .NET debugger to attach ${Break}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be appended to the front of the pipeline ${HttpPipelineAppend}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be prepended to the front of the pipeline ${HttpPipelinePrepend}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Uri] # The URI for the proxy server to use ${Proxy}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.PSCredential] # Credentials for a proxy server to use for the remote call ${ProxyCredential}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Use the default credentials for the proxy ${ProxyUseDefaultCredentials} ) begin { try { $outBuffer = $null if ($PSBoundParameters.TryGetValue('OutBuffer', [ref]$outBuffer)) { $PSBoundParameters['OutBuffer'] = 1 } $parameterSet = $PSCmdlet.ParameterSetName $mapping = @{ Get = 'Az.Policy.private\Get-AzPolicyDefinition_Get'; Get1 = 'Az.Policy.private\Get-AzPolicyDefinition_Get1'; GetViaIdentity = 'Az.Policy.private\Get-AzPolicyDefinition_GetViaIdentity'; GetViaIdentity1 = 'Az.Policy.private\Get-AzPolicyDefinition_GetViaIdentity1'; List = 'Az.Policy.private\Get-AzPolicyDefinition_List'; List1 = 'Az.Policy.private\Get-AzPolicyDefinition_List1'; } if (('Get', 'List') -contains $parameterSet -and -not $PSBoundParameters.ContainsKey('SubscriptionIdInternal')) { $PSBoundParameters['SubscriptionIdInternal'] = (Get-AzContext).Subscription.Id } if (('Get1', 'List1') -contains $parameterSet -and -not $PSBoundParameters.ContainsKey('ManagementGroupId')) { $PSBoundParameters['ManagementGroupId'] = { "" } } $wrappedCmd = $ExecutionContext.InvokeCommand.GetCommand(($mapping[$parameterSet]), [System.Management.Automation.CommandTypes]::Cmdlet) $scriptCmd = {& $wrappedCmd @PSBoundParameters} $steppablePipeline = $scriptCmd.GetSteppablePipeline($MyInvocation.CommandOrigin) $steppablePipeline.Begin($PSCmdlet) } catch { throw } } process { try { $steppablePipeline.Process($_) } catch { throw } } end { try { $steppablePipeline.End() } catch { throw } } } <# .Synopsis This operation retrieves a single policy exemption, given its name and the scope it was created at. .Description This operation retrieves a single policy exemption, given its name and the scope it was created at. .Example Get-AzPolicyExemption .Example $ResourceGroup = Get-AzResourceGroup -Name 'ResourceGroup11' Get-AzPolicyExemption -Name 'PolicyExemption07' -Scope $ResourceGroup.ResourceId .Example $Assignment = Get-AzPolicyAssignment -Name 'PolicyAssignment07' Get-AzPolicyExemption -PolicyAssignmentIdFilter $Assignment.ResourceId .Inputs Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.IPolicyIdentity .Outputs Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.Api20220701Preview.IPolicyExemption .Notes COMPLEX PARAMETER PROPERTIES To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables. INPUTOBJECT <IPolicyIdentity>: Identity Parameter [Id <String>]: Resource identity path [ManagementGroupId <String>]: The ID of the management group. [ParentResourcePath <String>]: The parent resource path. Use empty string if there is none. [PolicyAssignmentId <String>]: The ID of the policy assignment to delete. Use the format '{scope}/providers/Microsoft.Authorization/policyAssignments/{policyAssignmentName}'. [PolicyAssignmentName <String>]: The name of the policy assignment to delete. [PolicyDefinitionName <String>]: The name of the policy definition to create. [PolicyExemptionName <String>]: The name of the policy exemption to delete. [PolicySetDefinitionName <String>]: The name of the policy set definition to create. [ResourceGroupName <String>]: The name of the resource group that contains policy assignments. [ResourceName <String>]: The name of the resource. [ResourceProviderNamespace <String>]: The namespace of the resource provider. For example, the namespace of a virtual machine is Microsoft.Compute (from Microsoft.Compute/virtualMachines) [ResourceType <String>]: The resource type name. For example the type name of a web app is 'sites' (from Microsoft.Web/sites). [Scope <String>]: The scope of the policy assignment. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}' [SubscriptionId <String>]: The ID of the target subscription. .Link https://learn.microsoft.com/powershell/module/az.resources/get-azpolicyexemption #> function Get-AzPolicyExemption { [OutputType([Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.Api20220701Preview.IPolicyExemption])] [CmdletBinding(DefaultParameterSetName='Get', PositionalBinding=$false)] param( [Parameter(ParameterSetName='GetViaIdentity', Mandatory, ValueFromPipeline)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Path')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.IPolicyIdentity] # Identity Parameter # To construct, see NOTES section for INPUTOBJECT properties and create a hash table. ${InputObject}, [Parameter(ParameterSetName='List')] [Parameter(ParameterSetName='List1')] [Parameter(ParameterSetName='List2')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Path')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Runtime.DefaultInfo(Script='(Get-AzContext).Subscription.Id')] [System.String[]] # The ID of the target subscription. ${SubscriptionId}, [Parameter(ParameterSetName='List1', Mandatory)] [Parameter(ParameterSetName='List2', Mandatory)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Path')] [System.String] # The name of the resource group containing the resource. ${ResourceGroupName}, [Parameter(ParameterSetName='List2', Mandatory)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Path')] [System.String] # The parent resource path. # Use empty string if there is none. ${ParentResourcePath}, [Parameter(ParameterSetName='List2', Mandatory)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Path')] [System.String] # The name of the resource. ${ResourceName}, [Parameter(ParameterSetName='List2', Mandatory)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Path')] [System.String] # The namespace of the resource provider. # For example, the namespace of a virtual machine is Microsoft.Compute (from Microsoft.Compute/virtualMachines) ${ResourceProviderNamespace}, [Parameter(ParameterSetName='List2', Mandatory)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Path')] [System.String] # The resource type name. # For example the type name of a web app is 'sites' (from Microsoft.Web/sites). ${ResourceType}, [Parameter(ParameterSetName='List')] [Parameter(ParameterSetName='List1')] [Parameter(ParameterSetName='List2')] [Parameter(ParameterSetName='List3')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Query')] [System.String] # The filter to apply on the operation. # Valid values for $filter are: 'atScope()', 'atExactScope()', 'excludeExpired()' or 'policyAssignmentId eq '{value}''. # If $filter is not provided, no filtering is performed. # If $filter is not provided, the unfiltered list includes all policy exemptions associated with the scope, including those that apply directly or apply from containing scopes. # If $filter=atScope() is provided, the returned list only includes all policy exemptions that apply to the scope, which is everything in the unfiltered list except those applied to sub scopes contained within the given scope. # If $filter=atExactScope() is provided, the returned list only includes all policy exemptions that at the given scope. # If $filter=excludeExpired() is provided, the returned list only includes all policy exemptions that either haven't expired or didn't set expiration date. # If $filter=policyAssignmentId eq '{value}' is provided. # the returned list only includes all policy exemptions that are associated with the give policyAssignmentId. ${Filter}, [Parameter()] [Alias('AzureRMContext', 'AzureCredential')] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Azure')] [System.Management.Automation.PSObject] # The DefaultProfile parameter is not functional. # Use the SubscriptionId parameter when available if executing the cmdlet against a different subscription. ${DefaultProfile}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Wait for .NET debugger to attach ${Break}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be appended to the front of the pipeline ${HttpPipelineAppend}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be prepended to the front of the pipeline ${HttpPipelinePrepend}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Uri] # The URI for the proxy server to use ${Proxy}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.PSCredential] # Credentials for a proxy server to use for the remote call ${ProxyCredential}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Use the default credentials for the proxy ${ProxyUseDefaultCredentials} ) begin { try { $outBuffer = $null if ($PSBoundParameters.TryGetValue('OutBuffer', [ref]$outBuffer)) { $PSBoundParameters['OutBuffer'] = 1 } $parameterSet = $PSCmdlet.ParameterSetName $mapping = @{ Get = 'Az.Policy.private\Get-AzPolicyExemption_Get'; GetViaIdentity = 'Az.Policy.private\Get-AzPolicyExemption_GetViaIdentity'; List = 'Az.Policy.private\Get-AzPolicyExemption_List'; List1 = 'Az.Policy.private\Get-AzPolicyExemption_List1'; List2 = 'Az.Policy.private\Get-AzPolicyExemption_List2'; List3 = 'Az.Policy.private\Get-AzPolicyExemption_List3'; } if (('Get') -contains $parameterSet -and -not $PSBoundParameters.ContainsKey('NameInternal')) { $PSBoundParameters['NameInternal'] = "PlaceholderName" } if (('Get') -contains $parameterSet -and -not $PSBoundParameters.ContainsKey('ScopeInternal')) { $PSBoundParameters['ScopeInternal'] = /subscriptions/((Get-AzContext).Subscription.Id) } if (('List', 'List1', 'List2') -contains $parameterSet -and -not $PSBoundParameters.ContainsKey('SubscriptionId')) { $PSBoundParameters['SubscriptionId'] = (Get-AzContext).Subscription.Id } if (('List3') -contains $parameterSet -and -not $PSBoundParameters.ContainsKey('ManagementGroupId')) { $PSBoundParameters['ManagementGroupId'] = { "" } } $wrappedCmd = $ExecutionContext.InvokeCommand.GetCommand(($mapping[$parameterSet]), [System.Management.Automation.CommandTypes]::Cmdlet) $scriptCmd = {& $wrappedCmd @PSBoundParameters} $steppablePipeline = $scriptCmd.GetSteppablePipeline($MyInvocation.CommandOrigin) $steppablePipeline.Begin($PSCmdlet) } catch { throw } } process { try { $steppablePipeline.Process($_) } catch { throw } } end { try { $steppablePipeline.End() } catch { throw } } } <# .Synopsis This operation retrieves the built-in policy set definition with the given name. .Description This operation retrieves the built-in policy set definition with the given name. .Example {{ Add code here }} .Example {{ Add code here }} .Inputs Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.IPolicyIdentity .Outputs Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.Api20210601.IPolicySetDefinition .Notes COMPLEX PARAMETER PROPERTIES To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables. INPUTOBJECT <IPolicyIdentity>: Identity Parameter [Id <String>]: Resource identity path [ManagementGroupId <String>]: The ID of the management group. [ParentResourcePath <String>]: The parent resource path. Use empty string if there is none. [PolicyAssignmentId <String>]: The ID of the policy assignment to delete. Use the format '{scope}/providers/Microsoft.Authorization/policyAssignments/{policyAssignmentName}'. [PolicyAssignmentName <String>]: The name of the policy assignment to delete. [PolicyDefinitionName <String>]: The name of the policy definition to create. [PolicyExemptionName <String>]: The name of the policy exemption to delete. [PolicySetDefinitionName <String>]: The name of the policy set definition to create. [ResourceGroupName <String>]: The name of the resource group that contains policy assignments. [ResourceName <String>]: The name of the resource. [ResourceProviderNamespace <String>]: The namespace of the resource provider. For example, the namespace of a virtual machine is Microsoft.Compute (from Microsoft.Compute/virtualMachines) [ResourceType <String>]: The resource type name. For example the type name of a web app is 'sites' (from Microsoft.Web/sites). [Scope <String>]: The scope of the policy assignment. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}' [SubscriptionId <String>]: The ID of the target subscription. .Link https://learn.microsoft.com/powershell/module/az.resources/get-azpolicysetdefinitionbuilt #> function Get-AzPolicySetDefinitionBuilt { [OutputType([Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.Api20210601.IPolicySetDefinition])] [CmdletBinding(DefaultParameterSetName='List', PositionalBinding=$false)] param( [Parameter(ParameterSetName='Get', Mandatory)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Path')] [System.String] # The name of the policy set definition to get. ${PolicySetDefinitionName}, [Parameter(ParameterSetName='GetViaIdentity', Mandatory, ValueFromPipeline)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Path')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.IPolicyIdentity] # Identity Parameter # To construct, see NOTES section for INPUTOBJECT properties and create a hash table. ${InputObject}, [Parameter(ParameterSetName='List')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Query')] [System.String] # The filter to apply on the operation. # Valid values for $filter are: 'atExactScope()', 'policyType -eq {value}' or 'category eq '{value}''. # If $filter is not provided, no filtering is performed. # If $filter=atExactScope() is provided, the returned list only includes all policy set definitions that at the given scope. # If $filter='policyType -eq {value}' is provided, the returned list only includes all policy set definitions whose type match the {value}. # Possible policyType values are NotSpecified, BuiltIn, Custom, and Static. # If $filter='category -eq {value}' is provided, the returned list only includes all policy set definitions whose category match the {value}. ${Filter}, [Parameter(ParameterSetName='List')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Query')] [System.Int32] # Maximum number of records to return. # When the $top filter is not provided, it will return 500 records. ${Top}, [Parameter()] [Alias('AzureRMContext', 'AzureCredential')] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Azure')] [System.Management.Automation.PSObject] # The DefaultProfile parameter is not functional. # Use the SubscriptionId parameter when available if executing the cmdlet against a different subscription. ${DefaultProfile}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Wait for .NET debugger to attach ${Break}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be appended to the front of the pipeline ${HttpPipelineAppend}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be prepended to the front of the pipeline ${HttpPipelinePrepend}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Uri] # The URI for the proxy server to use ${Proxy}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.PSCredential] # Credentials for a proxy server to use for the remote call ${ProxyCredential}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Use the default credentials for the proxy ${ProxyUseDefaultCredentials} ) begin { try { $outBuffer = $null if ($PSBoundParameters.TryGetValue('OutBuffer', [ref]$outBuffer)) { $PSBoundParameters['OutBuffer'] = 1 } $parameterSet = $PSCmdlet.ParameterSetName $mapping = @{ Get = 'Az.Policy.private\Get-AzPolicySetDefinitionBuilt_Get'; GetViaIdentity = 'Az.Policy.private\Get-AzPolicySetDefinitionBuilt_GetViaIdentity'; List = 'Az.Policy.private\Get-AzPolicySetDefinitionBuilt_List'; } $wrappedCmd = $ExecutionContext.InvokeCommand.GetCommand(($mapping[$parameterSet]), [System.Management.Automation.CommandTypes]::Cmdlet) $scriptCmd = {& $wrappedCmd @PSBoundParameters} $steppablePipeline = $scriptCmd.GetSteppablePipeline($MyInvocation.CommandOrigin) $steppablePipeline.Begin($PSCmdlet) } catch { throw } } process { try { $steppablePipeline.Process($_) } catch { throw } } end { try { $steppablePipeline.End() } catch { throw } } } <# .Synopsis This operation retrieves the policy set definition in the given subscription with the given name. .Description This operation retrieves the policy set definition in the given subscription with the given name. .Example Get-AzPolicySetDefinition .Example Get-AzPolicySetDefinition -Name 'VMPolicySetDefinition' .Example Get-AzPolicySetDefinition -Name 'VMPolicySetDefinition' -subscriptionId '3bf44b72-c631-427a-b8c8-53e2595398ca' .Example Get-AzPolicySetDefinition -ManagementGroupName 'Dept42' -Custom .Example Get-AzPolicySetDefinition | Where-Object {$_.metadata.category -eq "Virtual Machine"} .Example Get-AzPolicySetDefinition -BackwardCompatible | Where-Object {$_.Properties.metadata.category -eq "Virtual Machine"} .Inputs Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.IPolicyIdentity .Outputs Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.Api20210601.IPolicySetDefinition .Notes COMPLEX PARAMETER PROPERTIES To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables. INPUTOBJECT <IPolicyIdentity>: Identity Parameter [Id <String>]: Resource identity path [ManagementGroupId <String>]: The ID of the management group. [ParentResourcePath <String>]: The parent resource path. Use empty string if there is none. [PolicyAssignmentId <String>]: The ID of the policy assignment to delete. Use the format '{scope}/providers/Microsoft.Authorization/policyAssignments/{policyAssignmentName}'. [PolicyAssignmentName <String>]: The name of the policy assignment to delete. [PolicyDefinitionName <String>]: The name of the policy definition to create. [PolicyExemptionName <String>]: The name of the policy exemption to delete. [PolicySetDefinitionName <String>]: The name of the policy set definition to create. [ResourceGroupName <String>]: The name of the resource group that contains policy assignments. [ResourceName <String>]: The name of the resource. [ResourceProviderNamespace <String>]: The namespace of the resource provider. For example, the namespace of a virtual machine is Microsoft.Compute (from Microsoft.Compute/virtualMachines) [ResourceType <String>]: The resource type name. For example the type name of a web app is 'sites' (from Microsoft.Web/sites). [Scope <String>]: The scope of the policy assignment. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}' [SubscriptionId <String>]: The ID of the target subscription. .Link https://learn.microsoft.com/powershell/module/az.resources/get-azpolicysetdefinition #> function Get-AzPolicySetDefinition { [OutputType([Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.Api20210601.IPolicySetDefinition])] [CmdletBinding(DefaultParameterSetName='List', PositionalBinding=$false)] param( [Parameter(ParameterSetName='Get', Mandatory)] [Parameter(ParameterSetName='Get1', Mandatory)] [Alias('PolicySetDefinitionName')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Path')] [System.String] # The name of the policy set definition to get. ${Name}, [Parameter(ParameterSetName='GetViaIdentity', Mandatory, ValueFromPipeline)] [Parameter(ParameterSetName='GetViaIdentity1', Mandatory, ValueFromPipeline)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Path')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.IPolicyIdentity] # Identity Parameter # To construct, see NOTES section for INPUTOBJECT properties and create a hash table. ${InputObject}, [Parameter(ParameterSetName='List')] [Parameter(ParameterSetName='List1')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Query')] [System.String] # The filter to apply on the operation. # Valid values for $filter are: 'atExactScope()', 'policyType -eq {value}' or 'category eq '{value}''. # If $filter is not provided, no filtering is performed. # If $filter=atExactScope() is provided, the returned list only includes all policy set definitions that at the given scope. # If $filter='policyType -eq {value}' is provided, the returned list only includes all policy set definitions whose type match the {value}. # Possible policyType values are NotSpecified, BuiltIn, Custom, and Static. # If $filter='category -eq {value}' is provided, the returned list only includes all policy set definitions whose category match the {value}. ${Filter}, [Parameter(ParameterSetName='List')] [Parameter(ParameterSetName='List1')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Query')] [System.Int32] # Maximum number of records to return. # When the $top filter is not provided, it will return 500 records. ${Top}, [Parameter()] [Alias('AzureRMContext', 'AzureCredential')] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Azure')] [System.Management.Automation.PSObject] # The DefaultProfile parameter is not functional. # Use the SubscriptionId parameter when available if executing the cmdlet against a different subscription. ${DefaultProfile}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Wait for .NET debugger to attach ${Break}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be appended to the front of the pipeline ${HttpPipelineAppend}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be prepended to the front of the pipeline ${HttpPipelinePrepend}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Uri] # The URI for the proxy server to use ${Proxy}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.PSCredential] # Credentials for a proxy server to use for the remote call ${ProxyCredential}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Use the default credentials for the proxy ${ProxyUseDefaultCredentials} ) begin { try { $outBuffer = $null if ($PSBoundParameters.TryGetValue('OutBuffer', [ref]$outBuffer)) { $PSBoundParameters['OutBuffer'] = 1 } $parameterSet = $PSCmdlet.ParameterSetName $mapping = @{ Get = 'Az.Policy.private\Get-AzPolicySetDefinition_Get'; Get1 = 'Az.Policy.private\Get-AzPolicySetDefinition_Get1'; GetViaIdentity = 'Az.Policy.private\Get-AzPolicySetDefinition_GetViaIdentity'; GetViaIdentity1 = 'Az.Policy.private\Get-AzPolicySetDefinition_GetViaIdentity1'; List = 'Az.Policy.private\Get-AzPolicySetDefinition_List'; List1 = 'Az.Policy.private\Get-AzPolicySetDefinition_List1'; } if (('Get', 'List') -contains $parameterSet -and -not $PSBoundParameters.ContainsKey('SubscriptionIdInternal')) { $PSBoundParameters['SubscriptionIdInternal'] = (Get-AzContext).Subscription.Id } if (('Get1', 'List1') -contains $parameterSet -and -not $PSBoundParameters.ContainsKey('ManagementGroupId')) { $PSBoundParameters['ManagementGroupId'] = { "" } } $wrappedCmd = $ExecutionContext.InvokeCommand.GetCommand(($mapping[$parameterSet]), [System.Management.Automation.CommandTypes]::Cmdlet) $scriptCmd = {& $wrappedCmd @PSBoundParameters} $steppablePipeline = $scriptCmd.GetSteppablePipeline($MyInvocation.CommandOrigin) $steppablePipeline.Begin($PSCmdlet) } catch { throw } } process { try { $steppablePipeline.Process($_) } catch { throw } } end { try { $steppablePipeline.End() } catch { throw } } } <# .Synopsis This operation creates or updates a policy definition in the given subscription with the given name. .Description This operation creates or updates a policy definition in the given subscription with the given name. .Example { "if": { "field": "location", "notIn": ["eastus", "westus", "centralus"] }, "then": { "effect": "audit" } } New-AzPolicyDefinition -Name 'LocationDefinition' -Policy C:\LocationPolicy.json .Example { "if": { "field": "location", "notIn": "[parameters('listOfAllowedLocations')]" }, "then": { "effect": "audit" } } New-AzPolicyDefinition -Name 'LocationDefinition' -Policy C:\LocationPolicy.json -Parameter '{ "listOfAllowedLocations": { "type": "array" } }' .Example New-AzPolicyDefinition -Name 'VMPolicyDefinition' -ManagementGroupName Dept42 -DisplayName 'Virtual Machine policy definition' -Policy '{"if":{"field":"type","equals":"Microsoft.Compute/virtualMachines"},"then":{"effect":"deny"}}' .Example New-AzPolicyDefinition -Name 'VMPolicyDefinition' -Metadata '{"category":"Virtual Machine"}' -Policy '{"if":{"field":"type","equals":"Microsoft.Compute/virtualMachines"},"then":{"effect":"deny"}}' | Format-List .Example New-AzPolicyDefinition -Name 'TagsPolicyDefinition' -Policy '{"if":{"value":"[less(length(field(''tags'')), 3)]","equals":true},"then":{"effect":"deny"}}' -Mode Indexed .Inputs Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.IPolicyIdentity .Outputs Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.Api20210601.IPolicyDefinition .Notes COMPLEX PARAMETER PROPERTIES To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables. INPUTOBJECT <IPolicyIdentity>: Identity Parameter [Id <String>]: Resource identity path [ManagementGroupId <String>]: The ID of the management group. [ParentResourcePath <String>]: The parent resource path. Use empty string if there is none. [PolicyAssignmentId <String>]: The ID of the policy assignment to delete. Use the format '{scope}/providers/Microsoft.Authorization/policyAssignments/{policyAssignmentName}'. [PolicyAssignmentName <String>]: The name of the policy assignment to delete. [PolicyDefinitionName <String>]: The name of the policy definition to create. [PolicyExemptionName <String>]: The name of the policy exemption to delete. [PolicySetDefinitionName <String>]: The name of the policy set definition to create. [ResourceGroupName <String>]: The name of the resource group that contains policy assignments. [ResourceName <String>]: The name of the resource. [ResourceProviderNamespace <String>]: The namespace of the resource provider. For example, the namespace of a virtual machine is Microsoft.Compute (from Microsoft.Compute/virtualMachines) [ResourceType <String>]: The resource type name. For example the type name of a web app is 'sites' (from Microsoft.Web/sites). [Scope <String>]: The scope of the policy assignment. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}' [SubscriptionId <String>]: The ID of the target subscription. .Link https://learn.microsoft.com/powershell/module/az.resources/new-azpolicydefinition #> function New-AzPolicyDefinition { [OutputType([Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.Api20210601.IPolicyDefinition])] [CmdletBinding(DefaultParameterSetName='CreateExpanded', PositionalBinding=$false, SupportsShouldProcess, ConfirmImpact='Medium')] param( [Parameter(ParameterSetName='CreateExpanded', Mandatory)] [Parameter(ParameterSetName='CreateExpanded1', Mandatory)] [Alias('PolicyDefinitionName')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Path')] [System.String] # The name of the policy definition to create. ${Name}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Path')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Runtime.DefaultInfo(Script='(Get-AzContext).Subscription.Id')] [System.String] # The ID of the target subscription. ${SubscriptionId}, [Parameter(ParameterSetName='CreateViaIdentityExpanded1', Mandatory, ValueFromPipeline)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Path')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.IPolicyIdentity] # Identity Parameter # To construct, see NOTES section for INPUTOBJECT properties and create a hash table. ${InputObject}, [Parameter()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Body')] [System.String] # The policy definition description. ${Description}, [Parameter()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Body')] [System.String] # The display name of the policy definition. ${DisplayName}, [Parameter()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Body')] [System.String] # The policy definition mode. # Some examples are All, Indexed, Microsoft.KeyVault.Data. ${Mode}, [Parameter()] [ArgumentCompleter([Microsoft.Azure.PowerShell.Cmdlets.Policy.Support.PolicyType])] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Body')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Support.PolicyType] # The type of policy definition. # Possible values are NotSpecified, BuiltIn, Custom, and Static. ${PolicyType}, [Parameter()] [Alias('AzureRMContext', 'AzureCredential')] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Azure')] [System.Management.Automation.PSObject] # The DefaultProfile parameter is not functional. # Use the SubscriptionId parameter when available if executing the cmdlet against a different subscription. ${DefaultProfile}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Wait for .NET debugger to attach ${Break}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be appended to the front of the pipeline ${HttpPipelineAppend}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be prepended to the front of the pipeline ${HttpPipelinePrepend}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Uri] # The URI for the proxy server to use ${Proxy}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.PSCredential] # Credentials for a proxy server to use for the remote call ${ProxyCredential}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Use the default credentials for the proxy ${ProxyUseDefaultCredentials} ) begin { try { $outBuffer = $null if ($PSBoundParameters.TryGetValue('OutBuffer', [ref]$outBuffer)) { $PSBoundParameters['OutBuffer'] = 1 } $parameterSet = $PSCmdlet.ParameterSetName $mapping = @{ CreateExpanded = 'Az.Policy.private\New-AzPolicyDefinition_CreateExpanded'; CreateExpanded1 = 'Az.Policy.private\New-AzPolicyDefinition_CreateExpanded1'; CreateViaIdentityExpanded1 = 'Az.Policy.private\New-AzPolicyDefinition_CreateViaIdentityExpanded1'; } if (('CreateExpanded') -contains $parameterSet -and -not $PSBoundParameters.ContainsKey('SubscriptionId')) { $PSBoundParameters['SubscriptionId'] = (Get-AzContext).Subscription.Id } if (('CreateExpanded1') -contains $parameterSet -and -not $PSBoundParameters.ContainsKey('ManagementGroupId')) { $PSBoundParameters['ManagementGroupId'] = { "" } } $wrappedCmd = $ExecutionContext.InvokeCommand.GetCommand(($mapping[$parameterSet]), [System.Management.Automation.CommandTypes]::Cmdlet) $scriptCmd = {& $wrappedCmd @PSBoundParameters} $steppablePipeline = $scriptCmd.GetSteppablePipeline($MyInvocation.CommandOrigin) $steppablePipeline.Begin($PSCmdlet) } catch { throw } } process { try { $steppablePipeline.Process($_) } catch { throw } } end { try { $steppablePipeline.End() } catch { throw } } } <# .Synopsis This operation creates or updates a policy exemption with the given scope and name. Policy exemptions apply to all resources contained within their scope. For example, when you create a policy exemption at resource group scope for a policy assignment at the same or above level, the exemption exempts to all applicable resources in the resource group. .Description This operation creates or updates a policy exemption with the given scope and name. Policy exemptions apply to all resources contained within their scope. For example, when you create a policy exemption at resource group scope for a policy assignment at the same or above level, the exemption exempts to all applicable resources in the resource group. .Example $Subscription = Get-AzSubscription -SubscriptionName 'Subscription01' $Assignment = Get-AzPolicyAssignment -Name 'VirtualMachinePolicyAssignment' New-AzPolicyExemption -Name 'VirtualMachinePolicyExemption' -PolicyAssignment $Assignment -Scope "/subscriptions/$($Subscription.Id)" -ExemptionCategory Waiver .Example $ResourceGroup = Get-AzResourceGroup -Name 'ResourceGroup11' $Assignment = Get-AzPolicyAssignment -Name 'VirtualMachinePolicyAssignment' New-AzPolicyExemption -Name 'VirtualMachinePolicyAssignment' -PolicyAssignment $Assignment -Scope $ResourceGroup.ResourceId -ExemptionCategory Mitigated .Outputs Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.Api20220701Preview.IPolicyExemption .Notes COMPLEX PARAMETER PROPERTIES To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables. RESOURCESELECTOR <IResourceSelector[]>: The resource selector list to filter policies by resource properties. [Name <String>]: The name of the resource selector. [Selector <ISelector[]>]: The list of the selector expressions. [In <String[]>]: The list of values to filter in. [Kind <SelectorKind?>]: The selector kind. [NotIn <String[]>]: The list of values to filter out. .Link https://learn.microsoft.com/powershell/module/az.resources/new-azpolicyexemption #> function New-AzPolicyExemption { [OutputType([Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.Api20220701Preview.IPolicyExemption])] [CmdletBinding(DefaultParameterSetName='CreateExpanded', PositionalBinding=$false, SupportsShouldProcess, ConfirmImpact='Medium')] param( [Parameter(Mandatory)] [ArgumentCompleter([Microsoft.Azure.PowerShell.Cmdlets.Policy.Support.ExemptionCategory])] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Body')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Support.ExemptionCategory] # The policy exemption category. # Possible values are Waiver and Mitigated. ${ExemptionCategory}, [Parameter()] [ArgumentCompleter([Microsoft.Azure.PowerShell.Cmdlets.Policy.Support.AssignmentScopeValidation])] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Body')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Support.AssignmentScopeValidation] # The option whether validate the exemption is at or under the assignment scope. ${AssignmentScopeValidation}, [Parameter()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Body')] [System.String] # The description of the policy exemption. ${Description}, [Parameter()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Body')] [System.String] # The display name of the policy exemption. ${DisplayName}, [Parameter()] [AllowEmptyCollection()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Body')] [System.String[]] # The policy definition reference ID list when the associated policy assignment is an assignment of a policy set definition. ${PolicyDefinitionReferenceId}, [Parameter()] [Alias('AzureRMContext', 'AzureCredential')] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Azure')] [System.Management.Automation.PSObject] # The DefaultProfile parameter is not functional. # Use the SubscriptionId parameter when available if executing the cmdlet against a different subscription. ${DefaultProfile}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Wait for .NET debugger to attach ${Break}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be appended to the front of the pipeline ${HttpPipelineAppend}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be prepended to the front of the pipeline ${HttpPipelinePrepend}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Uri] # The URI for the proxy server to use ${Proxy}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.PSCredential] # Credentials for a proxy server to use for the remote call ${ProxyCredential}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Use the default credentials for the proxy ${ProxyUseDefaultCredentials} ) begin { try { $outBuffer = $null if ($PSBoundParameters.TryGetValue('OutBuffer', [ref]$outBuffer)) { $PSBoundParameters['OutBuffer'] = 1 } $parameterSet = $PSCmdlet.ParameterSetName $mapping = @{ CreateExpanded = 'Az.Policy.private\New-AzPolicyExemption_CreateExpanded'; } if (('CreateExpanded') -contains $parameterSet -and -not $PSBoundParameters.ContainsKey('NameInternal')) { $PSBoundParameters['NameInternal'] = "PlaceholderName" } if (('CreateExpanded') -contains $parameterSet -and -not $PSBoundParameters.ContainsKey('ScopeInternal')) { $PSBoundParameters['ScopeInternal'] = /subscriptions/((Get-AzContext).Subscription.Id) } if (('CreateExpanded') -contains $parameterSet -and -not $PSBoundParameters.ContainsKey('PolicyAssignmentId')) { $PSBoundParameters['PolicyAssignmentId'] = { "" } } if (('CreateExpanded') -contains $parameterSet -and -not $PSBoundParameters.ContainsKey('ExpiresOnInternal')) { $PSBoundParameters['ExpiresOnInternal'] = "PlaceholderExpiresOn" } $wrappedCmd = $ExecutionContext.InvokeCommand.GetCommand(($mapping[$parameterSet]), [System.Management.Automation.CommandTypes]::Cmdlet) $scriptCmd = {& $wrappedCmd @PSBoundParameters} $steppablePipeline = $scriptCmd.GetSteppablePipeline($MyInvocation.CommandOrigin) $steppablePipeline.Begin($PSCmdlet) } catch { throw } } process { try { $steppablePipeline.Process($_) } catch { throw } } end { try { $steppablePipeline.End() } catch { throw } } } <# .Synopsis This operation creates or updates a policy set definition in the given subscription with the given name. .Description This operation creates or updates a policy set definition in the given subscription with the given name. .Example [ { "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/2a0e14a6-b0a6-4fab-991a-187a4f81c498", "parameters": { "tagName": { "value": "Business Unit" }, "tagValue": { "value": "Finance" } } }, { "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/464dbb85-3d5f-4a1d-bb09-95a9b5dd19cf" } ] New-AzPolicySetDefinition -Name 'VMPolicySetDefinition' -Metadata '{"category":"Virtual Machine"}' -PolicyDefinition C:\VMPolicySet.json .Example [ { "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/2a0e14a6-b0a6-4fab-991a-187a4f81c498", "parameters": { "tagName": { "value": "Business Unit" }, "tagValue": { "value": "[parameters('buTagValue')]" } } }, { "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/464dbb85-3d5f-4a1d-bb09-95a9b5dd19cf" } ] New-AzPolicySetDefinition -Name 'VMPolicySetDefinition' -PolicyDefinition C:\VMPolicySet.json -Parameter '{ "buTagValue": { "type": "string" } }' .Example [ { "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/2a0e14a6-b0a6-4fab-991a-187a4f81c498", "groupNames": [ "group1" ] }, { "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/464dbb85-3d5f-4a1d-bb09-95a9b5dd19cf", "groupNames": [ "group2" ] } ] $groupsJson = ConvertTo-Json @{ name = "group1" }, @{ name = "group2" } New-AzPolicySetDefinition -Name 'VMPolicySetDefinition' -GroupDefinition $groupsJson -PolicyDefinition C:\VMPolicySet.json .Inputs Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.IPolicyIdentity .Outputs Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.Api20210601.IPolicySetDefinition .Notes COMPLEX PARAMETER PROPERTIES To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables. INPUTOBJECT <IPolicyIdentity>: Identity Parameter [Id <String>]: Resource identity path [ManagementGroupId <String>]: The ID of the management group. [ParentResourcePath <String>]: The parent resource path. Use empty string if there is none. [PolicyAssignmentId <String>]: The ID of the policy assignment to delete. Use the format '{scope}/providers/Microsoft.Authorization/policyAssignments/{policyAssignmentName}'. [PolicyAssignmentName <String>]: The name of the policy assignment to delete. [PolicyDefinitionName <String>]: The name of the policy definition to create. [PolicyExemptionName <String>]: The name of the policy exemption to delete. [PolicySetDefinitionName <String>]: The name of the policy set definition to create. [ResourceGroupName <String>]: The name of the resource group that contains policy assignments. [ResourceName <String>]: The name of the resource. [ResourceProviderNamespace <String>]: The namespace of the resource provider. For example, the namespace of a virtual machine is Microsoft.Compute (from Microsoft.Compute/virtualMachines) [ResourceType <String>]: The resource type name. For example the type name of a web app is 'sites' (from Microsoft.Web/sites). [Scope <String>]: The scope of the policy assignment. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}' [SubscriptionId <String>]: The ID of the target subscription. POLICYDEFINITIONGROUPTABLE <IPolicyDefinitionGroup[]>: The metadata describing groups of policy definition references within the policy set definition. Name <String>: The name of the group. [AdditionalMetadataId <String>]: A resource ID of a resource that contains additional metadata about the group. [Category <String>]: The group's category. [Description <String>]: The group's description. [DisplayName <String>]: The group's display name. POLICYDEFINITIONTABLE <IPolicyDefinitionReference[]>: An array of policy definition references. PolicyDefinitionId <String>: The ID of the policy definition or policy set definition. [GroupName <String[]>]: The name of the groups that this policy definition reference belongs to. [Id <String>]: A unique id (within the policy set definition) for this policy definition reference. [Parameter <IParameterValues>]: The parameter values for the referenced policy rule. The keys are the parameter names. [(Any) <Object>]: This indicates any property can be added to this object. .Link https://learn.microsoft.com/powershell/module/az.resources/new-azpolicysetdefinition #> function New-AzPolicySetDefinition { [OutputType([Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.Api20210601.IPolicySetDefinition])] [CmdletBinding(DefaultParameterSetName='CreateExpanded', PositionalBinding=$false, SupportsShouldProcess, ConfirmImpact='Medium')] param( [Parameter(ParameterSetName='CreateExpanded', Mandatory)] [Parameter(ParameterSetName='CreateExpanded1', Mandatory)] [Alias('PolicySetDefinitionName')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Path')] [System.String] # The name of the policy set definition to create. ${Name}, [Parameter(ParameterSetName='CreateExpanded')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Path')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Runtime.DefaultInfo(Script='(Get-AzContext).Subscription.Id')] [System.String] # The ID of the target subscription. ${SubscriptionId}, [Parameter(ParameterSetName='CreateViaIdentityExpanded1', Mandatory, ValueFromPipeline)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Path')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.IPolicyIdentity] # Identity Parameter # To construct, see NOTES section for INPUTOBJECT properties and create a hash table. ${InputObject}, [Parameter()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Body')] [System.String] # The policy set definition description. ${Description}, [Parameter()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Body')] [System.String] # The display name of the policy set definition. ${DisplayName}, [Parameter()] [ArgumentCompleter([Microsoft.Azure.PowerShell.Cmdlets.Policy.Support.PolicyType])] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Body')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Support.PolicyType] # The type of policy definition. # Possible values are NotSpecified, BuiltIn, Custom, and Static. ${PolicyType}, [Parameter()] [Alias('AzureRMContext', 'AzureCredential')] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Azure')] [System.Management.Automation.PSObject] # The DefaultProfile parameter is not functional. # Use the SubscriptionId parameter when available if executing the cmdlet against a different subscription. ${DefaultProfile}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Wait for .NET debugger to attach ${Break}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be appended to the front of the pipeline ${HttpPipelineAppend}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be prepended to the front of the pipeline ${HttpPipelinePrepend}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Uri] # The URI for the proxy server to use ${Proxy}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.PSCredential] # Credentials for a proxy server to use for the remote call ${ProxyCredential}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Use the default credentials for the proxy ${ProxyUseDefaultCredentials} ) begin { try { $outBuffer = $null if ($PSBoundParameters.TryGetValue('OutBuffer', [ref]$outBuffer)) { $PSBoundParameters['OutBuffer'] = 1 } $parameterSet = $PSCmdlet.ParameterSetName $mapping = @{ CreateExpanded = 'Az.Policy.private\New-AzPolicySetDefinition_CreateExpanded'; CreateExpanded1 = 'Az.Policy.private\New-AzPolicySetDefinition_CreateExpanded1'; CreateViaIdentityExpanded1 = 'Az.Policy.private\New-AzPolicySetDefinition_CreateViaIdentityExpanded1'; } if (('CreateExpanded') -contains $parameterSet -and -not $PSBoundParameters.ContainsKey('SubscriptionId')) { $PSBoundParameters['SubscriptionId'] = (Get-AzContext).Subscription.Id } if (('CreateExpanded1') -contains $parameterSet -and -not $PSBoundParameters.ContainsKey('ManagementGroupId')) { $PSBoundParameters['ManagementGroupId'] = { "" } } $wrappedCmd = $ExecutionContext.InvokeCommand.GetCommand(($mapping[$parameterSet]), [System.Management.Automation.CommandTypes]::Cmdlet) $scriptCmd = {& $wrappedCmd @PSBoundParameters} $steppablePipeline = $scriptCmd.GetSteppablePipeline($MyInvocation.CommandOrigin) $steppablePipeline.Begin($PSCmdlet) } catch { throw } } process { try { $steppablePipeline.Process($_) } catch { throw } } end { try { $steppablePipeline.End() } catch { throw } } } <# .Synopsis This operation deletes a policy assignment, given its name and the scope it was created in. The scope of a policy assignment is the part of its ID preceding '/providers/Microsoft.Authorization/policyAssignments/{policyAssignmentName}'. .Description This operation deletes a policy assignment, given its name and the scope it was created in. The scope of a policy assignment is the part of its ID preceding '/providers/Microsoft.Authorization/policyAssignments/{policyAssignmentName}'. .Example $ResourceGroup = Get-AzResourceGroup -Name 'ResourceGroup11' Remove-AzPolicyAssignment -Name 'PolicyAssignment07' -Scope $ResourceGroup.ResourceId -Force .Example $ResourceGroup = Get-AzResourceGroup -Name 'ResourceGroup11' $PolicyAssignment = Get-AzPolicyAssignment -Name 'PolicyAssignment07' -Scope $ResourceGroup.ResourceId Remove-AzPolicyAssignment -Id $PolicyAssignment.ResourceId -Confirm:$false .Example $ResourceGroup = Get-AzResourceGroup -Name 'ResourceGroup11' $PolicyAssignment = Get-AzPolicyAssignment -Name 'PolicyAssignment07' -Scope $ResourceGroup.ResourceId Remove-AzPolicyAssignment -Id $PolicyAssignment.ResourceId -Confirm:$false -BackwardCompatible True .Inputs Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.IPolicyIdentity .Outputs Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.Api20220601.IPolicyAssignment .Notes COMPLEX PARAMETER PROPERTIES To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables. INPUTOBJECT <IPolicyIdentity>: Identity Parameter [Id <String>]: Resource identity path [ManagementGroupId <String>]: The ID of the management group. [ParentResourcePath <String>]: The parent resource path. Use empty string if there is none. [PolicyAssignmentId <String>]: The ID of the policy assignment to delete. Use the format '{scope}/providers/Microsoft.Authorization/policyAssignments/{policyAssignmentName}'. [PolicyAssignmentName <String>]: The name of the policy assignment to delete. [PolicyDefinitionName <String>]: The name of the policy definition to create. [PolicyExemptionName <String>]: The name of the policy exemption to delete. [PolicySetDefinitionName <String>]: The name of the policy set definition to create. [ResourceGroupName <String>]: The name of the resource group that contains policy assignments. [ResourceName <String>]: The name of the resource. [ResourceProviderNamespace <String>]: The namespace of the resource provider. For example, the namespace of a virtual machine is Microsoft.Compute (from Microsoft.Compute/virtualMachines) [ResourceType <String>]: The resource type name. For example the type name of a web app is 'sites' (from Microsoft.Web/sites). [Scope <String>]: The scope of the policy assignment. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}' [SubscriptionId <String>]: The ID of the target subscription. .Link https://learn.microsoft.com/powershell/module/az.resources/remove-azpolicyassignment #> function Remove-AzPolicyAssignment { [OutputType([Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.Api20220601.IPolicyAssignment])] [CmdletBinding(DefaultParameterSetName='Delete', PositionalBinding=$false, SupportsShouldProcess, ConfirmImpact='Medium')] param( [Parameter(ParameterSetName='DeleteViaIdentity', Mandatory, ValueFromPipeline)] [Parameter(ParameterSetName='DeleteViaIdentity1', Mandatory, ValueFromPipeline)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Path')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.IPolicyIdentity] # Identity Parameter # To construct, see NOTES section for INPUTOBJECT properties and create a hash table. ${InputObject}, [Parameter()] [Alias('AzureRMContext', 'AzureCredential')] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Azure')] [System.Management.Automation.PSObject] # The DefaultProfile parameter is not functional. # Use the SubscriptionId parameter when available if executing the cmdlet against a different subscription. ${DefaultProfile}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Wait for .NET debugger to attach ${Break}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be appended to the front of the pipeline ${HttpPipelineAppend}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be prepended to the front of the pipeline ${HttpPipelinePrepend}, [Parameter()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Returns true when the command succeeds ${PassThru}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Uri] # The URI for the proxy server to use ${Proxy}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.PSCredential] # Credentials for a proxy server to use for the remote call ${ProxyCredential}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Use the default credentials for the proxy ${ProxyUseDefaultCredentials} ) begin { try { $outBuffer = $null if ($PSBoundParameters.TryGetValue('OutBuffer', [ref]$outBuffer)) { $PSBoundParameters['OutBuffer'] = 1 } $parameterSet = $PSCmdlet.ParameterSetName $mapping = @{ Delete = 'Az.Policy.private\Remove-AzPolicyAssignment_Delete'; Delete1 = 'Az.Policy.private\Remove-AzPolicyAssignment_Delete1'; DeleteViaIdentity = 'Az.Policy.private\Remove-AzPolicyAssignment_DeleteViaIdentity'; DeleteViaIdentity1 = 'Az.Policy.private\Remove-AzPolicyAssignment_DeleteViaIdentity1'; } if (('Delete') -contains $parameterSet -and -not $PSBoundParameters.ContainsKey('NameInternal')) { $PSBoundParameters['NameInternal'] = "PlaceholderName" } if (('Delete') -contains $parameterSet -and -not $PSBoundParameters.ContainsKey('ScopeInternal')) { $PSBoundParameters['ScopeInternal'] = /subscriptions/((Get-AzContext).Subscription.Id) } if (('Delete1') -contains $parameterSet -and -not $PSBoundParameters.ContainsKey('IdInternal')) { $PSBoundParameters['IdInternal'] = "PlaceholderId" } $wrappedCmd = $ExecutionContext.InvokeCommand.GetCommand(($mapping[$parameterSet]), [System.Management.Automation.CommandTypes]::Cmdlet) $scriptCmd = {& $wrappedCmd @PSBoundParameters} $steppablePipeline = $scriptCmd.GetSteppablePipeline($MyInvocation.CommandOrigin) $steppablePipeline.Begin($PSCmdlet) } catch { throw } } process { try { $steppablePipeline.Process($_) } catch { throw } } end { try { $steppablePipeline.End() } catch { throw } } } <# .Synopsis This operation deletes the policy definition in the given subscription with the given name. .Description This operation deletes the policy definition in the given subscription with the given name. .Example Remove-AzPolicyDefinition -Name 'VMPolicyDefinition' .Example $PolicyDefinition = Get-AzPolicyDefinition -Name 'VMPolicyDefinition' Remove-AzPolicyDefinition -Id $PolicyDefinition.ResourceId -Force .Example $PolicyDefinition = Get-AzPolicyDefinition -Name 'VMPolicyDefinition' Remove-AzPolicyDefinition -Id $PolicyDefinition.ResourceId -Force -BackwardCompatible True .Inputs Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.IPolicyIdentity .Outputs System.Boolean .Notes COMPLEX PARAMETER PROPERTIES To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables. INPUTOBJECT <IPolicyIdentity>: Identity Parameter [Id <String>]: Resource identity path [ManagementGroupId <String>]: The ID of the management group. [ParentResourcePath <String>]: The parent resource path. Use empty string if there is none. [PolicyAssignmentId <String>]: The ID of the policy assignment to delete. Use the format '{scope}/providers/Microsoft.Authorization/policyAssignments/{policyAssignmentName}'. [PolicyAssignmentName <String>]: The name of the policy assignment to delete. [PolicyDefinitionName <String>]: The name of the policy definition to create. [PolicyExemptionName <String>]: The name of the policy exemption to delete. [PolicySetDefinitionName <String>]: The name of the policy set definition to create. [ResourceGroupName <String>]: The name of the resource group that contains policy assignments. [ResourceName <String>]: The name of the resource. [ResourceProviderNamespace <String>]: The namespace of the resource provider. For example, the namespace of a virtual machine is Microsoft.Compute (from Microsoft.Compute/virtualMachines) [ResourceType <String>]: The resource type name. For example the type name of a web app is 'sites' (from Microsoft.Web/sites). [Scope <String>]: The scope of the policy assignment. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}' [SubscriptionId <String>]: The ID of the target subscription. .Link https://learn.microsoft.com/powershell/module/az.resources/remove-azpolicydefinition #> function Remove-AzPolicyDefinition { [OutputType([System.Boolean])] [CmdletBinding(DefaultParameterSetName='Delete', PositionalBinding=$false, SupportsShouldProcess, ConfirmImpact='Medium')] param( [Parameter(ParameterSetName='Delete', Mandatory)] [Parameter(ParameterSetName='Delete1', Mandatory)] [Alias('PolicyDefinitionName')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Path')] [System.String] # The name of the policy definition to delete. ${Name}, [Parameter(ParameterSetName='Delete')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Path')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Runtime.DefaultInfo(Script='(Get-AzContext).Subscription.Id')] [System.String] # The ID of the target subscription. ${SubscriptionId}, [Parameter(ParameterSetName='DeleteViaIdentity', Mandatory, ValueFromPipeline)] [Parameter(ParameterSetName='DeleteViaIdentity1', Mandatory, ValueFromPipeline)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Path')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.IPolicyIdentity] # Identity Parameter # To construct, see NOTES section for INPUTOBJECT properties and create a hash table. ${InputObject}, [Parameter()] [Alias('AzureRMContext', 'AzureCredential')] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Azure')] [System.Management.Automation.PSObject] # The DefaultProfile parameter is not functional. # Use the SubscriptionId parameter when available if executing the cmdlet against a different subscription. ${DefaultProfile}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Wait for .NET debugger to attach ${Break}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be appended to the front of the pipeline ${HttpPipelineAppend}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be prepended to the front of the pipeline ${HttpPipelinePrepend}, [Parameter()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Returns true when the command succeeds ${PassThru}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Uri] # The URI for the proxy server to use ${Proxy}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.PSCredential] # Credentials for a proxy server to use for the remote call ${ProxyCredential}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Use the default credentials for the proxy ${ProxyUseDefaultCredentials} ) begin { try { $outBuffer = $null if ($PSBoundParameters.TryGetValue('OutBuffer', [ref]$outBuffer)) { $PSBoundParameters['OutBuffer'] = 1 } $parameterSet = $PSCmdlet.ParameterSetName $mapping = @{ Delete = 'Az.Policy.private\Remove-AzPolicyDefinition_Delete'; Delete1 = 'Az.Policy.private\Remove-AzPolicyDefinition_Delete1'; DeleteViaIdentity = 'Az.Policy.private\Remove-AzPolicyDefinition_DeleteViaIdentity'; DeleteViaIdentity1 = 'Az.Policy.private\Remove-AzPolicyDefinition_DeleteViaIdentity1'; } if (('Delete') -contains $parameterSet -and -not $PSBoundParameters.ContainsKey('SubscriptionId')) { $PSBoundParameters['SubscriptionId'] = (Get-AzContext).Subscription.Id } if (('Delete1') -contains $parameterSet -and -not $PSBoundParameters.ContainsKey('ManagementGroupId')) { $PSBoundParameters['ManagementGroupId'] = { "" } } $wrappedCmd = $ExecutionContext.InvokeCommand.GetCommand(($mapping[$parameterSet]), [System.Management.Automation.CommandTypes]::Cmdlet) $scriptCmd = {& $wrappedCmd @PSBoundParameters} $steppablePipeline = $scriptCmd.GetSteppablePipeline($MyInvocation.CommandOrigin) $steppablePipeline.Begin($PSCmdlet) } catch { throw } } process { try { $steppablePipeline.Process($_) } catch { throw } } end { try { $steppablePipeline.End() } catch { throw } } } <# .Synopsis This operation deletes a policy exemption, given its name and the scope it was created in. The scope of a policy exemption is the part of its ID preceding '/providers/Microsoft.Authorization/policyExemptions/{policyExemptionName}'. .Description This operation deletes a policy exemption, given its name and the scope it was created in. The scope of a policy exemption is the part of its ID preceding '/providers/Microsoft.Authorization/policyExemptions/{policyExemptionName}'. .Example $ResourceGroup = Get-AzResourceGroup -Name 'ResourceGroup11' Remove-AzPolicyExemption -Name 'PolicyExemption07' -Scope $ResourceGroup.ResourceId -Confirm .Example $ResourceGroup = Get-AzResourceGroup -Name 'ResourceGroup11' $PolicyExemption = Get-AzPolicyExemption -Name 'PolicyExemption07' -Scope $ResourceGroup.ResourceId Remove-AzPolicyExemption -Id $PolicyExemption.ResourceId -Confirm .Example $ResourceGroup = Get-AzResourceGroup -Name 'ResourceGroup11' $PolicyExemption = Get-AzPolicyExemption -Name 'PolicyExemption07' -Scope $ResourceGroup.ResourceId Remove-AzPolicyExemption -Id $PolicyExemption.ResourceId -Force -BackwardCompatible True .Inputs Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.IPolicyIdentity .Outputs System.Boolean .Notes COMPLEX PARAMETER PROPERTIES To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables. INPUTOBJECT <IPolicyIdentity>: Identity Parameter [Id <String>]: Resource identity path [ManagementGroupId <String>]: The ID of the management group. [ParentResourcePath <String>]: The parent resource path. Use empty string if there is none. [PolicyAssignmentId <String>]: The ID of the policy assignment to delete. Use the format '{scope}/providers/Microsoft.Authorization/policyAssignments/{policyAssignmentName}'. [PolicyAssignmentName <String>]: The name of the policy assignment to delete. [PolicyDefinitionName <String>]: The name of the policy definition to create. [PolicyExemptionName <String>]: The name of the policy exemption to delete. [PolicySetDefinitionName <String>]: The name of the policy set definition to create. [ResourceGroupName <String>]: The name of the resource group that contains policy assignments. [ResourceName <String>]: The name of the resource. [ResourceProviderNamespace <String>]: The namespace of the resource provider. For example, the namespace of a virtual machine is Microsoft.Compute (from Microsoft.Compute/virtualMachines) [ResourceType <String>]: The resource type name. For example the type name of a web app is 'sites' (from Microsoft.Web/sites). [Scope <String>]: The scope of the policy assignment. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}' [SubscriptionId <String>]: The ID of the target subscription. .Link https://learn.microsoft.com/powershell/module/az.resources/remove-azpolicyexemption #> function Remove-AzPolicyExemption { [OutputType([System.Boolean])] [CmdletBinding(DefaultParameterSetName='Delete', PositionalBinding=$false, SupportsShouldProcess, ConfirmImpact='Medium')] param( [Parameter(ParameterSetName='DeleteViaIdentity', Mandatory, ValueFromPipeline)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Path')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.IPolicyIdentity] # Identity Parameter # To construct, see NOTES section for INPUTOBJECT properties and create a hash table. ${InputObject}, [Parameter()] [Alias('AzureRMContext', 'AzureCredential')] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Azure')] [System.Management.Automation.PSObject] # The DefaultProfile parameter is not functional. # Use the SubscriptionId parameter when available if executing the cmdlet against a different subscription. ${DefaultProfile}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Wait for .NET debugger to attach ${Break}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be appended to the front of the pipeline ${HttpPipelineAppend}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be prepended to the front of the pipeline ${HttpPipelinePrepend}, [Parameter()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Returns true when the command succeeds ${PassThru}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Uri] # The URI for the proxy server to use ${Proxy}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.PSCredential] # Credentials for a proxy server to use for the remote call ${ProxyCredential}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Use the default credentials for the proxy ${ProxyUseDefaultCredentials} ) begin { try { $outBuffer = $null if ($PSBoundParameters.TryGetValue('OutBuffer', [ref]$outBuffer)) { $PSBoundParameters['OutBuffer'] = 1 } $parameterSet = $PSCmdlet.ParameterSetName $mapping = @{ Delete = 'Az.Policy.private\Remove-AzPolicyExemption_Delete'; DeleteViaIdentity = 'Az.Policy.private\Remove-AzPolicyExemption_DeleteViaIdentity'; } if (('Delete') -contains $parameterSet -and -not $PSBoundParameters.ContainsKey('NameInternal')) { $PSBoundParameters['NameInternal'] = "PlaceholderName" } if (('Delete') -contains $parameterSet -and -not $PSBoundParameters.ContainsKey('ScopeInternal')) { $PSBoundParameters['ScopeInternal'] = /subscriptions/((Get-AzContext).Subscription.Id) } $wrappedCmd = $ExecutionContext.InvokeCommand.GetCommand(($mapping[$parameterSet]), [System.Management.Automation.CommandTypes]::Cmdlet) $scriptCmd = {& $wrappedCmd @PSBoundParameters} $steppablePipeline = $scriptCmd.GetSteppablePipeline($MyInvocation.CommandOrigin) $steppablePipeline.Begin($PSCmdlet) } catch { throw } } process { try { $steppablePipeline.Process($_) } catch { throw } } end { try { $steppablePipeline.End() } catch { throw } } } <# .Synopsis This operation deletes the policy set definition in the given subscription with the given name. .Description This operation deletes the policy set definition in the given subscription with the given name. .Example $PolicySetDefinition = Get-AzPolicySetDefinition -ResourceId '/subscriptions/mySub/Microsoft.Authorization/policySetDefinitions/myPSSetDefinition' Remove-AzPolicySetDefinition -Id $PolicySetDefinition.ResourceId -Force .Example $PolicySetDefinition = Get-AzPolicySetDefinition -ResourceId '/subscriptions/mySub/Microsoft.Authorization/policySetDefinitions/myPSSetDefinition' Remove-AzPolicySetDefinition -Id $PolicySetDefinition.ResourceId -Force -BackwardCompatible True .Inputs Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.IPolicyIdentity .Outputs System.Boolean .Notes COMPLEX PARAMETER PROPERTIES To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables. INPUTOBJECT <IPolicyIdentity>: Identity Parameter [Id <String>]: Resource identity path [ManagementGroupId <String>]: The ID of the management group. [ParentResourcePath <String>]: The parent resource path. Use empty string if there is none. [PolicyAssignmentId <String>]: The ID of the policy assignment to delete. Use the format '{scope}/providers/Microsoft.Authorization/policyAssignments/{policyAssignmentName}'. [PolicyAssignmentName <String>]: The name of the policy assignment to delete. [PolicyDefinitionName <String>]: The name of the policy definition to create. [PolicyExemptionName <String>]: The name of the policy exemption to delete. [PolicySetDefinitionName <String>]: The name of the policy set definition to create. [ResourceGroupName <String>]: The name of the resource group that contains policy assignments. [ResourceName <String>]: The name of the resource. [ResourceProviderNamespace <String>]: The namespace of the resource provider. For example, the namespace of a virtual machine is Microsoft.Compute (from Microsoft.Compute/virtualMachines) [ResourceType <String>]: The resource type name. For example the type name of a web app is 'sites' (from Microsoft.Web/sites). [Scope <String>]: The scope of the policy assignment. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}' [SubscriptionId <String>]: The ID of the target subscription. .Link https://learn.microsoft.com/powershell/module/az.resources/remove-azpolicysetdefinition #> function Remove-AzPolicySetDefinition { [OutputType([System.Boolean])] [CmdletBinding(DefaultParameterSetName='Delete', PositionalBinding=$false, SupportsShouldProcess, ConfirmImpact='Medium')] param( [Parameter(ParameterSetName='Delete', Mandatory)] [Parameter(ParameterSetName='Delete1', Mandatory)] [Alias('PolicySetDefinitionName')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Path')] [System.String] # The name of the policy set definition to delete. ${Name}, [Parameter(ParameterSetName='Delete')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Path')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Runtime.DefaultInfo(Script='(Get-AzContext).Subscription.Id')] [System.String] # The ID of the target subscription. ${SubscriptionId}, [Parameter(ParameterSetName='DeleteViaIdentity', Mandatory, ValueFromPipeline)] [Parameter(ParameterSetName='DeleteViaIdentity1', Mandatory, ValueFromPipeline)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Path')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.IPolicyIdentity] # Identity Parameter # To construct, see NOTES section for INPUTOBJECT properties and create a hash table. ${InputObject}, [Parameter()] [Alias('AzureRMContext', 'AzureCredential')] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Azure')] [System.Management.Automation.PSObject] # The DefaultProfile parameter is not functional. # Use the SubscriptionId parameter when available if executing the cmdlet against a different subscription. ${DefaultProfile}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Wait for .NET debugger to attach ${Break}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be appended to the front of the pipeline ${HttpPipelineAppend}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be prepended to the front of the pipeline ${HttpPipelinePrepend}, [Parameter()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Returns true when the command succeeds ${PassThru}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Uri] # The URI for the proxy server to use ${Proxy}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.PSCredential] # Credentials for a proxy server to use for the remote call ${ProxyCredential}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Use the default credentials for the proxy ${ProxyUseDefaultCredentials} ) begin { try { $outBuffer = $null if ($PSBoundParameters.TryGetValue('OutBuffer', [ref]$outBuffer)) { $PSBoundParameters['OutBuffer'] = 1 } $parameterSet = $PSCmdlet.ParameterSetName $mapping = @{ Delete = 'Az.Policy.private\Remove-AzPolicySetDefinition_Delete'; Delete1 = 'Az.Policy.private\Remove-AzPolicySetDefinition_Delete1'; DeleteViaIdentity = 'Az.Policy.private\Remove-AzPolicySetDefinition_DeleteViaIdentity'; DeleteViaIdentity1 = 'Az.Policy.private\Remove-AzPolicySetDefinition_DeleteViaIdentity1'; } if (('Delete') -contains $parameterSet -and -not $PSBoundParameters.ContainsKey('SubscriptionId')) { $PSBoundParameters['SubscriptionId'] = (Get-AzContext).Subscription.Id } if (('Delete1') -contains $parameterSet -and -not $PSBoundParameters.ContainsKey('ManagementGroupId')) { $PSBoundParameters['ManagementGroupId'] = { "" } } $wrappedCmd = $ExecutionContext.InvokeCommand.GetCommand(($mapping[$parameterSet]), [System.Management.Automation.CommandTypes]::Cmdlet) $scriptCmd = {& $wrappedCmd @PSBoundParameters} $steppablePipeline = $scriptCmd.GetSteppablePipeline($MyInvocation.CommandOrigin) $steppablePipeline.Begin($PSCmdlet) } catch { throw } } process { try { $steppablePipeline.Process($_) } catch { throw } } end { try { $steppablePipeline.End() } catch { throw } } } <# .Synopsis This operation updates a policy assignment with the given scope and name. Policy assignments apply to all resources contained within their scope. For example, when you assign a policy at resource group scope, that policy applies to all resources in the group. .Description This operation updates a policy assignment with the given scope and name. Policy assignments apply to all resources contained within their scope. For example, when you assign a policy at resource group scope, that policy applies to all resources in the group. .Example $ResourceGroup = Get-AzResourceGroup -Name 'ResourceGroup11' $PolicyAssignment = Get-AzPolicyAssignment -Name 'PolicyAssignment' -Scope $ResourceGroup.ResourceId Update-AzPolicyAssignment -Id $PolicyAssignment.ResourceId -DisplayName 'Do not allow VM creation' .Example $PolicyAssignment = Get-AzPolicyAssignment -Name 'PolicyAssignment' Update-AzPolicyAssignment -Id $PolicyAssignment.ResourceId -IdentityType 'SystemAssigned' -Location 'westus' .Example $PolicyAssignment = Get-AzPolicyAssignment -Name 'PolicyAssignment' $UserAssignedIdentity = Get-AzUserAssignedIdentity -ResourceGroupName 'ResourceGroup1' -Name 'UserAssignedIdentity1' Update-AzPolicyAssignment -Id $PolicyAssignment.ResourceId -IdentityType 'UserAssigned' -Location 'westus' -IdentityId $UserAssignedIdentity.Id .Example $Locations = Get-AzLocation | Where-Object {($_.displayname -like 'france*') -or ($_.displayname -like 'uk*')} $AllowedLocations = @{'listOfAllowedLocations'=($Locations.location)} $PolicyAssignment = Get-AzPolicyAssignment -Name 'PolicyAssignment' Update-AzPolicyAssignment -Id $PolicyAssignment.ResourceId -PolicyParameterObject $AllowedLocations .Example { "listOfAllowedLocations": { "value": [ "uksouth", "ukwest", "francecentral", "francesouth" ] } } Update-AzPolicyAssignment -Name 'PolicyAssignment' -PolicyParameter .\AllowedLocations.json .Example $ResourceGroup = Get-AzResourceGroup -Name 'ResourceGroup11' $PolicyAssignment = Get-AzPolicyAssignment -Name 'PolicyAssignment' -Scope $ResourceGroup.ResourceId Update-AzPolicyAssignment -Id $PolicyAssignment.ResourceId -EnforcementMode Default .Example $PolicyAssignment = Get-AzPolicyAssignment -Name 'VirtualMachinePolicy' Update-AzPolicyAssignment -Id $PolicyAssignment.ResourceId -NonComplianceMessage @{Message="All resources must follow resource naming guidelines."} .Example $ResourceGroup = Get-AzResourceGroup -Name 'ResourceGroup11' $PolicyAssignment = Get-AzPolicyAssignment -Name 'PolicyAssignment' -Scope $ResourceGroup.ResourceId Set-AzPolicyAssignment -Id $PolicyAssignment.ResourceId -EnforcementMode Default .Inputs Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.IPolicyIdentity .Outputs Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.Api20220601.IPolicyAssignment .Notes COMPLEX PARAMETER PROPERTIES To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables. INPUTOBJECT <IPolicyIdentity>: Identity Parameter [Id <String>]: Resource identity path [ManagementGroupId <String>]: The ID of the management group. [ParentResourcePath <String>]: The parent resource path. Use empty string if there is none. [PolicyAssignmentId <String>]: The ID of the policy assignment to delete. Use the format '{scope}/providers/Microsoft.Authorization/policyAssignments/{policyAssignmentName}'. [PolicyAssignmentName <String>]: The name of the policy assignment to delete. [PolicyDefinitionName <String>]: The name of the policy definition to create. [PolicyExemptionName <String>]: The name of the policy exemption to delete. [PolicySetDefinitionName <String>]: The name of the policy set definition to create. [ResourceGroupName <String>]: The name of the resource group that contains policy assignments. [ResourceName <String>]: The name of the resource. [ResourceProviderNamespace <String>]: The namespace of the resource provider. For example, the namespace of a virtual machine is Microsoft.Compute (from Microsoft.Compute/virtualMachines) [ResourceType <String>]: The resource type name. For example the type name of a web app is 'sites' (from Microsoft.Web/sites). [Scope <String>]: The scope of the policy assignment. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}' [SubscriptionId <String>]: The ID of the target subscription. OVERRIDE <IOverride[]>: The policy property value override. [Kind <OverrideKind?>]: The override kind. [Selector <ISelector[]>]: The list of the selector expressions. [In <String[]>]: The list of values to filter in. [Kind <SelectorKind?>]: The selector kind. [NotIn <String[]>]: The list of values to filter out. [Value <String>]: The value to override the policy property. RESOURCESELECTOR <IResourceSelector[]>: The resource selector list to filter policies by resource properties. [Name <String>]: The name of the resource selector. [Selector <ISelector[]>]: The list of the selector expressions. [In <String[]>]: The list of values to filter in. [Kind <SelectorKind?>]: The selector kind. [NotIn <String[]>]: The list of values to filter out. .Link https://learn.microsoft.com/powershell/module/az.resources/update-azpolicyassignment #> function Update-AzPolicyAssignment { [Alias('Set-AzPolicyAssignment')] [OutputType([Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.Api20220601.IPolicyAssignment])] [CmdletBinding(DefaultParameterSetName='UpdateExpanded', PositionalBinding=$false, SupportsShouldProcess, ConfirmImpact='Medium')] param( [Parameter(ParameterSetName='UpdateViaIdentityExpanded', Mandatory, ValueFromPipeline)] [Parameter(ParameterSetName='UpdateViaIdentityExpanded1', Mandatory, ValueFromPipeline)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Path')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.IPolicyIdentity] # Identity Parameter # To construct, see NOTES section for INPUTOBJECT properties and create a hash table. ${InputObject}, [Parameter()] [ArgumentCompleter([Microsoft.Azure.PowerShell.Cmdlets.Policy.Support.ResourceIdentityType])] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Body')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Support.ResourceIdentityType] # The identity type. # This is the only required field when adding a system or user assigned identity to a resource. ${IdentityType}, [Parameter()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Body')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Runtime.Info(PossibleTypes=([Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.Api20220601.IIdentityUserAssignedIdentities]))] [System.Collections.Hashtable] # The user identity associated with the policy. # The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. ${IdentityUserAssignedIdentity}, [Parameter()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Body')] [System.String] # The location of the policy assignment. # Only required when utilizing managed identity. ${Location}, [Parameter()] [AllowEmptyCollection()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Body')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.ApiV1.IOverride[]] # The policy property value override. # To construct, see NOTES section for OVERRIDE properties and create a hash table. ${Override}, [Parameter()] [AllowEmptyCollection()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Body')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.ApiV1.IResourceSelector[]] # The resource selector list to filter policies by resource properties. # To construct, see NOTES section for RESOURCESELECTOR properties and create a hash table. ${ResourceSelector}, [Parameter()] [Alias('AzureRMContext', 'AzureCredential')] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Azure')] [System.Management.Automation.PSObject] # The DefaultProfile parameter is not functional. # Use the SubscriptionId parameter when available if executing the cmdlet against a different subscription. ${DefaultProfile}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Wait for .NET debugger to attach ${Break}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be appended to the front of the pipeline ${HttpPipelineAppend}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be prepended to the front of the pipeline ${HttpPipelinePrepend}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Uri] # The URI for the proxy server to use ${Proxy}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.PSCredential] # Credentials for a proxy server to use for the remote call ${ProxyCredential}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Use the default credentials for the proxy ${ProxyUseDefaultCredentials} ) begin { try { $outBuffer = $null if ($PSBoundParameters.TryGetValue('OutBuffer', [ref]$outBuffer)) { $PSBoundParameters['OutBuffer'] = 1 } $parameterSet = $PSCmdlet.ParameterSetName $mapping = @{ UpdateExpanded = 'Az.Policy.private\Update-AzPolicyAssignment_UpdateExpanded'; UpdateExpanded1 = 'Az.Policy.private\Update-AzPolicyAssignment_UpdateExpanded1'; UpdateViaIdentityExpanded = 'Az.Policy.private\Update-AzPolicyAssignment_UpdateViaIdentityExpanded'; UpdateViaIdentityExpanded1 = 'Az.Policy.private\Update-AzPolicyAssignment_UpdateViaIdentityExpanded1'; } if (('UpdateExpanded') -contains $parameterSet -and -not $PSBoundParameters.ContainsKey('NameInternal')) { $PSBoundParameters['NameInternal'] = "PlaceholderName" } if (('UpdateExpanded') -contains $parameterSet -and -not $PSBoundParameters.ContainsKey('ScopeInternal')) { $PSBoundParameters['ScopeInternal'] = /subscriptions/((Get-AzContext).Subscription.Id) } if (('UpdateExpanded1') -contains $parameterSet -and -not $PSBoundParameters.ContainsKey('IdInternal')) { $PSBoundParameters['IdInternal'] = "PlaceholderId" } $wrappedCmd = $ExecutionContext.InvokeCommand.GetCommand(($mapping[$parameterSet]), [System.Management.Automation.CommandTypes]::Cmdlet) $scriptCmd = {& $wrappedCmd @PSBoundParameters} $steppablePipeline = $scriptCmd.GetSteppablePipeline($MyInvocation.CommandOrigin) $steppablePipeline.Begin($PSCmdlet) } catch { throw } } process { try { $steppablePipeline.Process($_) } catch { throw } } end { try { $steppablePipeline.End() } catch { throw } } } <# .Synopsis This operation updates a policy exemption with the given scope and name. .Description This operation updates a policy exemption with the given scope and name. .Example $ResourceGroup = Get-AzResourceGroup -Name 'ResourceGroup11' $PolicyExemption = Get-AzPolicyExemption -Name 'PolicyExemption07' -Scope $ResourceGroup.ResourceId Update-AzPolicyExemption -Id $PolicyExemption.ResourceId -DisplayName 'Exempt VM creation limit' .Example $NextMonth = (Get-Date).AddMonths(1) $PolicyExemption = Get-AzPolicyExemption -Name 'PolicyExemption07' Update-AzPolicyExemption -Id $PolicyExemption.ResourceId -ExpiresOn $NextMonth .Example $PolicyExemption = Get-AzPolicyExemption -Name 'PolicyExemption07' Update-AzPolicyExemption -Id $PolicyExemption.ResourceId -ClearExpiration .Example $PolicyExemption = Get-AzPolicyExemption -Name 'PolicyExemption07' Update-AzPolicyExemption -Id $PolicyExemption.ResourceId -ExemptionCategory Mitigated .Example $PolicyExemption = Get-AzPolicyExemption -Name 'PolicyExemption07' Set-AzPolicyExemption -Id $PolicyExemption.ResourceId -ClearExpiration .Inputs Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.IPolicyIdentity .Outputs Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.Api20220701Preview.IPolicyExemption .Notes COMPLEX PARAMETER PROPERTIES To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables. INPUTOBJECT <IPolicyIdentity>: Identity Parameter [Id <String>]: Resource identity path [ManagementGroupId <String>]: The ID of the management group. [ParentResourcePath <String>]: The parent resource path. Use empty string if there is none. [PolicyAssignmentId <String>]: The ID of the policy assignment to delete. Use the format '{scope}/providers/Microsoft.Authorization/policyAssignments/{policyAssignmentName}'. [PolicyAssignmentName <String>]: The name of the policy assignment to delete. [PolicyDefinitionName <String>]: The name of the policy definition to create. [PolicyExemptionName <String>]: The name of the policy exemption to delete. [PolicySetDefinitionName <String>]: The name of the policy set definition to create. [ResourceGroupName <String>]: The name of the resource group that contains policy assignments. [ResourceName <String>]: The name of the resource. [ResourceProviderNamespace <String>]: The namespace of the resource provider. For example, the namespace of a virtual machine is Microsoft.Compute (from Microsoft.Compute/virtualMachines) [ResourceType <String>]: The resource type name. For example the type name of a web app is 'sites' (from Microsoft.Web/sites). [Scope <String>]: The scope of the policy assignment. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}' [SubscriptionId <String>]: The ID of the target subscription. RESOURCESELECTOR <IResourceSelector[]>: The resource selector list to filter policies by resource properties. [Name <String>]: The name of the resource selector. [Selector <ISelector[]>]: The list of the selector expressions. [In <String[]>]: The list of values to filter in. [Kind <SelectorKind?>]: The selector kind. [NotIn <String[]>]: The list of values to filter out. .Link https://learn.microsoft.com/powershell/module/az.resources/update-azpolicyexemption #> function Update-AzPolicyExemption { [Alias('Set-AzPolicyExemption')] [OutputType([Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.Api20220701Preview.IPolicyExemption])] [CmdletBinding(DefaultParameterSetName='UpdateExpanded', PositionalBinding=$false, SupportsShouldProcess, ConfirmImpact='Medium')] param( [Parameter(ParameterSetName='UpdateViaIdentityExpanded', Mandatory, ValueFromPipeline)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Path')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Models.IPolicyIdentity] # Identity Parameter # To construct, see NOTES section for INPUTOBJECT properties and create a hash table. ${InputObject}, [Parameter()] [ArgumentCompleter([Microsoft.Azure.PowerShell.Cmdlets.Policy.Support.AssignmentScopeValidation])] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Body')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Support.AssignmentScopeValidation] # The option whether validate the exemption is at or under the assignment scope. ${AssignmentScopeValidation}, [Parameter()] [Alias('AzureRMContext', 'AzureCredential')] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Azure')] [System.Management.Automation.PSObject] # The DefaultProfile parameter is not functional. # Use the SubscriptionId parameter when available if executing the cmdlet against a different subscription. ${DefaultProfile}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Wait for .NET debugger to attach ${Break}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be appended to the front of the pipeline ${HttpPipelineAppend}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be prepended to the front of the pipeline ${HttpPipelinePrepend}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Uri] # The URI for the proxy server to use ${Proxy}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.PSCredential] # Credentials for a proxy server to use for the remote call ${ProxyCredential}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Use the default credentials for the proxy ${ProxyUseDefaultCredentials} ) begin { try { $outBuffer = $null if ($PSBoundParameters.TryGetValue('OutBuffer', [ref]$outBuffer)) { $PSBoundParameters['OutBuffer'] = 1 } $parameterSet = $PSCmdlet.ParameterSetName $mapping = @{ UpdateExpanded = 'Az.Policy.private\Update-AzPolicyExemption_UpdateExpanded'; UpdateViaIdentityExpanded = 'Az.Policy.private\Update-AzPolicyExemption_UpdateViaIdentityExpanded'; } if (('UpdateExpanded') -contains $parameterSet -and -not $PSBoundParameters.ContainsKey('NameInternal')) { $PSBoundParameters['NameInternal'] = "PlaceholderName" } if (('UpdateExpanded') -contains $parameterSet -and -not $PSBoundParameters.ContainsKey('ScopeInternal')) { $PSBoundParameters['ScopeInternal'] = /subscriptions/((Get-AzContext).Subscription.Id) } $wrappedCmd = $ExecutionContext.InvokeCommand.GetCommand(($mapping[$parameterSet]), [System.Management.Automation.CommandTypes]::Cmdlet) $scriptCmd = {& $wrappedCmd @PSBoundParameters} $steppablePipeline = $scriptCmd.GetSteppablePipeline($MyInvocation.CommandOrigin) $steppablePipeline.Begin($PSCmdlet) } catch { throw } } process { try { $steppablePipeline.Process($_) } catch { throw } } end { try { $steppablePipeline.End() } catch { throw } } } # SIG # Begin signature block # MIIoKgYJKoZIhvcNAQcCoIIoGzCCKBcCAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCAqJLEj3XmllchB # gfwskpQMWuHX/3Lz+920kQM7Xb5lR6CCDXYwggX0MIID3KADAgECAhMzAAADTrU8 # esGEb+srAAAAAANOMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBDb2RlIFNpZ25p # bmcgUENBIDIwMTEwHhcNMjMwMzE2MTg0MzI5WhcNMjQwMzE0MTg0MzI5WjB0MQsw # CQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9u # ZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMR4wHAYDVQQDExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB # AQDdCKiNI6IBFWuvJUmf6WdOJqZmIwYs5G7AJD5UbcL6tsC+EBPDbr36pFGo1bsU # p53nRyFYnncoMg8FK0d8jLlw0lgexDDr7gicf2zOBFWqfv/nSLwzJFNP5W03DF/1 # 1oZ12rSFqGlm+O46cRjTDFBpMRCZZGddZlRBjivby0eI1VgTD1TvAdfBYQe82fhm # WQkYR/lWmAK+vW/1+bO7jHaxXTNCxLIBW07F8PBjUcwFxxyfbe2mHB4h1L4U0Ofa # +HX/aREQ7SqYZz59sXM2ySOfvYyIjnqSO80NGBaz5DvzIG88J0+BNhOu2jl6Dfcq # jYQs1H/PMSQIK6E7lXDXSpXzAgMBAAGjggFzMIIBbzAfBgNVHSUEGDAWBgorBgEE # AYI3TAgBBggrBgEFBQcDAzAdBgNVHQ4EFgQUnMc7Zn/ukKBsBiWkwdNfsN5pdwAw # RQYDVR0RBD4wPKQ6MDgxHjAcBgNVBAsTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEW # MBQGA1UEBRMNMjMwMDEyKzUwMDUxNjAfBgNVHSMEGDAWgBRIbmTlUAXTgqoXNzci # tW2oynUClTBUBgNVHR8ETTBLMEmgR6BFhkNodHRwOi8vd3d3Lm1pY3Jvc29mdC5j # b20vcGtpb3BzL2NybC9NaWNDb2RTaWdQQ0EyMDExXzIwMTEtMDctMDguY3JsMGEG # CCsGAQUFBwEBBFUwUzBRBggrBgEFBQcwAoZFaHR0cDovL3d3dy5taWNyb3NvZnQu # Y29tL3BraW9wcy9jZXJ0cy9NaWNDb2RTaWdQQ0EyMDExXzIwMTEtMDctMDguY3J0 # MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggIBAD21v9pHoLdBSNlFAjmk # mx4XxOZAPsVxxXbDyQv1+kGDe9XpgBnT1lXnx7JDpFMKBwAyIwdInmvhK9pGBa31 # TyeL3p7R2s0L8SABPPRJHAEk4NHpBXxHjm4TKjezAbSqqbgsy10Y7KApy+9UrKa2 # kGmsuASsk95PVm5vem7OmTs42vm0BJUU+JPQLg8Y/sdj3TtSfLYYZAaJwTAIgi7d # hzn5hatLo7Dhz+4T+MrFd+6LUa2U3zr97QwzDthx+RP9/RZnur4inzSQsG5DCVIM # pA1l2NWEA3KAca0tI2l6hQNYsaKL1kefdfHCrPxEry8onJjyGGv9YKoLv6AOO7Oh # JEmbQlz/xksYG2N/JSOJ+QqYpGTEuYFYVWain7He6jgb41JbpOGKDdE/b+V2q/gX # UgFe2gdwTpCDsvh8SMRoq1/BNXcr7iTAU38Vgr83iVtPYmFhZOVM0ULp/kKTVoir # IpP2KCxT4OekOctt8grYnhJ16QMjmMv5o53hjNFXOxigkQWYzUO+6w50g0FAeFa8 # 5ugCCB6lXEk21FFB1FdIHpjSQf+LP/W2OV/HfhC3uTPgKbRtXo83TZYEudooyZ/A # Vu08sibZ3MkGOJORLERNwKm2G7oqdOv4Qj8Z0JrGgMzj46NFKAxkLSpE5oHQYP1H # tPx1lPfD7iNSbJsP6LiUHXH1MIIHejCCBWKgAwIBAgIKYQ6Q0gAAAAAAAzANBgkq # hkiG9w0BAQsFADCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24x # EDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlv # bjEyMDAGA1UEAxMpTWljcm9zb2Z0IFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5 # IDIwMTEwHhcNMTEwNzA4MjA1OTA5WhcNMjYwNzA4MjEwOTA5WjB+MQswCQYDVQQG # EwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwG # A1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSgwJgYDVQQDEx9NaWNyb3NvZnQg # Q29kZSBTaWduaW5nIFBDQSAyMDExMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC # CgKCAgEAq/D6chAcLq3YbqqCEE00uvK2WCGfQhsqa+laUKq4BjgaBEm6f8MMHt03 # a8YS2AvwOMKZBrDIOdUBFDFC04kNeWSHfpRgJGyvnkmc6Whe0t+bU7IKLMOv2akr # rnoJr9eWWcpgGgXpZnboMlImEi/nqwhQz7NEt13YxC4Ddato88tt8zpcoRb0Rrrg # OGSsbmQ1eKagYw8t00CT+OPeBw3VXHmlSSnnDb6gE3e+lD3v++MrWhAfTVYoonpy # 4BI6t0le2O3tQ5GD2Xuye4Yb2T6xjF3oiU+EGvKhL1nkkDstrjNYxbc+/jLTswM9 # sbKvkjh+0p2ALPVOVpEhNSXDOW5kf1O6nA+tGSOEy/S6A4aN91/w0FK/jJSHvMAh # dCVfGCi2zCcoOCWYOUo2z3yxkq4cI6epZuxhH2rhKEmdX4jiJV3TIUs+UsS1Vz8k # A/DRelsv1SPjcF0PUUZ3s/gA4bysAoJf28AVs70b1FVL5zmhD+kjSbwYuER8ReTB # w3J64HLnJN+/RpnF78IcV9uDjexNSTCnq47f7Fufr/zdsGbiwZeBe+3W7UvnSSmn # Eyimp31ngOaKYnhfsi+E11ecXL93KCjx7W3DKI8sj0A3T8HhhUSJxAlMxdSlQy90 # lfdu+HggWCwTXWCVmj5PM4TasIgX3p5O9JawvEagbJjS4NaIjAsCAwEAAaOCAe0w # ggHpMBAGCSsGAQQBgjcVAQQDAgEAMB0GA1UdDgQWBBRIbmTlUAXTgqoXNzcitW2o # ynUClTAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTALBgNVHQ8EBAMCAYYwDwYD # VR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBRyLToCMZBDuRQFTuHqp8cx0SOJNDBa # BgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpL2Ny # bC9wcm9kdWN0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFfMDNfMjIuY3JsMF4GCCsG # AQUFBwEBBFIwUDBOBggrBgEFBQcwAoZCaHR0cDovL3d3dy5taWNyb3NvZnQuY29t # L3BraS9jZXJ0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFfMDNfMjIuY3J0MIGfBgNV # HSAEgZcwgZQwgZEGCSsGAQQBgjcuAzCBgzA/BggrBgEFBQcCARYzaHR0cDovL3d3 # dy5taWNyb3NvZnQuY29tL3BraW9wcy9kb2NzL3ByaW1hcnljcHMuaHRtMEAGCCsG # AQUFBwICMDQeMiAdAEwAZQBnAGEAbABfAHAAbwBsAGkAYwB5AF8AcwB0AGEAdABl # AG0AZQBuAHQALiAdMA0GCSqGSIb3DQEBCwUAA4ICAQBn8oalmOBUeRou09h0ZyKb # C5YR4WOSmUKWfdJ5DJDBZV8uLD74w3LRbYP+vj/oCso7v0epo/Np22O/IjWll11l # hJB9i0ZQVdgMknzSGksc8zxCi1LQsP1r4z4HLimb5j0bpdS1HXeUOeLpZMlEPXh6 # I/MTfaaQdION9MsmAkYqwooQu6SpBQyb7Wj6aC6VoCo/KmtYSWMfCWluWpiW5IP0 # wI/zRive/DvQvTXvbiWu5a8n7dDd8w6vmSiXmE0OPQvyCInWH8MyGOLwxS3OW560 # STkKxgrCxq2u5bLZ2xWIUUVYODJxJxp/sfQn+N4sOiBpmLJZiWhub6e3dMNABQam # ASooPoI/E01mC8CzTfXhj38cbxV9Rad25UAqZaPDXVJihsMdYzaXht/a8/jyFqGa # J+HNpZfQ7l1jQeNbB5yHPgZ3BtEGsXUfFL5hYbXw3MYbBL7fQccOKO7eZS/sl/ah # XJbYANahRr1Z85elCUtIEJmAH9AAKcWxm6U/RXceNcbSoqKfenoi+kiVH6v7RyOA # 9Z74v2u3S5fi63V4GuzqN5l5GEv/1rMjaHXmr/r8i+sLgOppO6/8MO0ETI7f33Vt # Y5E90Z1WTk+/gFcioXgRMiF670EKsT/7qMykXcGhiJtXcVZOSEXAQsmbdlsKgEhr # /Xmfwb1tbWrJUnMTDXpQzTGCGgowghoGAgEBMIGVMH4xCzAJBgNVBAYTAlVTMRMw # EQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVN # aWNyb3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBDb2RlIFNp # Z25pbmcgUENBIDIwMTECEzMAAANOtTx6wYRv6ysAAAAAA04wDQYJYIZIAWUDBAIB # BQCgga4wGQYJKoZIhvcNAQkDMQwGCisGAQQBgjcCAQQwHAYKKwYBBAGCNwIBCzEO # MAwGCisGAQQBgjcCARUwLwYJKoZIhvcNAQkEMSIEIKxIpOMiy5vEkT28VrYRuHXc # YiuYYJD/thoso/J7Om7UMEIGCisGAQQBgjcCAQwxNDAyoBSAEgBNAGkAYwByAG8A # cwBvAGYAdKEagBhodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20wDQYJKoZIhvcNAQEB # BQAEggEAwL4Q2wzO0WIlAsA7sLIraFeOI8ZHlhgPHhSM4YIg1IPRpv7J0Vss2wnf # 73Lzb2Tzf5dabwm6QdD5n8LhQqb20Ur1r6j+G/yFs74gPLAsDymTq6DJiSRBppXe # 9ydXe3KAp9Vso1foQbE6/z5oZAK95LDhuf/ob174McEytcDKFUQY6N583oVVHpYa # iBdcW5rtpco/b27BEEEWzSJ5MpEZSS6Ktq2cUcoKSCaj4fmEs0vqem6GH0WFaDm3 # GpJHREMPGWZsjvyivPsbf25F2nN8bo+D6F39FOpMl0+wE/5g4gsW+Uc4jn4J4AnV # Tc1ZOCbY7HCrIACANwlyFBSWsmwgm6GCF5QwgheQBgorBgEEAYI3AwMBMYIXgDCC # F3wGCSqGSIb3DQEHAqCCF20wghdpAgEDMQ8wDQYJYIZIAWUDBAIBBQAwggFSBgsq # hkiG9w0BCRABBKCCAUEEggE9MIIBOQIBAQYKKwYBBAGEWQoDATAxMA0GCWCGSAFl # AwQCAQUABCBPLiud8ZexK7Q17+Q4nJGJsY21I/6I0xxv9UreBhdF1QIGZVbVi/mn # GBMyMDIzMTEyNzA2MzExNC41NzJaMASAAgH0oIHRpIHOMIHLMQswCQYDVQQGEwJV # UzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UE # ChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSUwIwYDVQQLExxNaWNyb3NvZnQgQW1l # cmljYSBPcGVyYXRpb25zMScwJQYDVQQLEx5uU2hpZWxkIFRTUyBFU046MzMwMy0w # NUUwLUQ5NDcxJTAjBgNVBAMTHE1pY3Jvc29mdCBUaW1lLVN0YW1wIFNlcnZpY2Wg # ghHqMIIHIDCCBQigAwIBAgITMwAAAcyGpdw369lhLQABAAABzDANBgkqhkiG9w0B # AQsFADB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UE # BxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYD # VQQDEx1NaWNyb3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMDAeFw0yMzA1MjUxOTEy # MDFaFw0yNDAyMDExOTEyMDFaMIHLMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2Fz # aGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENv # cnBvcmF0aW9uMSUwIwYDVQQLExxNaWNyb3NvZnQgQW1lcmljYSBPcGVyYXRpb25z # MScwJQYDVQQLEx5uU2hpZWxkIFRTUyBFU046MzMwMy0wNUUwLUQ5NDcxJTAjBgNV # BAMTHE1pY3Jvc29mdCBUaW1lLVN0YW1wIFNlcnZpY2UwggIiMA0GCSqGSIb3DQEB # AQUAA4ICDwAwggIKAoICAQDMsSIF8e9NmEc+83NVZGgWWZi/wBYt8zhxAfSGM7xw # 7K7CbA/1A4GhovPvkIY873tnyzdyZe+6YHXx+Rd618lQDmmm5X4euiYG53Ld7WIK # +Dd+hyi0H97D6HM4ZzGqovmwB0fZ3lh+phJLoPT+9yrTLFzkkKw2Vcb7wXMBziD0 # MVVYbmwRlRaypTntl39IENCEijW9j6MElTyXP2zrc0OthQN5RrMTY5iZja3MyHCF # mYMGinmHftsaG3Ydi8Ga8BQjdtoTm5dVhnqs2qKNEOqZSon28R4Xff0tlJL5UHyI # 3bywH/+zQeJu8qnsSCi8VFPOsZEb6cZzhXHaAiSGtdKAbQRaAIhExbIUpeJypC7l # +wqKC3BO9ADGupB9ZgUFbSv5ECFjMDzbfm8M5zz2A4xYNPQXqZv0wGWL+jTvb7kF # YiDPPe+zRyBbzmrSpObB7XqjqzUFNKlwp+Mx15k1F7FMs5EM2uG68IQsdAGBkZbS # DmuGmjPbZ7dtim+XHuh3NS6JmXYPS7rikpCbUsMZMn5eWxiWFIk6f00skR4RLWmh # 0N6Oq+KYI1fA59LzGiAbOrcxgvQkRo3OD4o1JW9z1TNMwEbkzPrXMo8rrGsuGoyY # Wcsm9xhd0GXIRHHC64nzbI3e0G5jqEsWQc4uaQeSRyr70KRijzVyWjjYfsEtvVMl # JwIDAQABo4IBSTCCAUUwHQYDVR0OBBYEFIKmHGRdPIdLRXtsR5XRSyM3+2kMMB8G # A1UdIwQYMBaAFJ+nFV0AXmJdg/Tl0mWnG1M1GelyMF8GA1UdHwRYMFYwVKBSoFCG # Tmh0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMvY3JsL01pY3Jvc29mdCUy # MFRpbWUtU3RhbXAlMjBQQ0ElMjAyMDEwKDEpLmNybDBsBggrBgEFBQcBAQRgMF4w # XAYIKwYBBQUHMAKGUGh0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMvY2Vy # dHMvTWljcm9zb2Z0JTIwVGltZS1TdGFtcCUyMFBDQSUyMDIwMTAoMSkuY3J0MAwG # A1UdEwEB/wQCMAAwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwgwDgYDVR0PAQH/BAQD # AgeAMA0GCSqGSIb3DQEBCwUAA4ICAQB5GUMo9XviUl3g72u8oQTorIKDoAdgWZ4L # Q9+dAEQCmaetsThkxbNm15seu7GmwpZdhMQN8TNddGki5s5Ie+aA2VEo9vZz31ll # usHBXAVrQtpufQqtIA+2nnusfaYviitr6p5kVT609LITOYgdKRWEpfx/4yT5R9yM # eKxoxkk8tyGiGPZK40ST5Z14OPdJfVbkYeCvlLQclsX1+WBZNx/XZvazJmXjvYjT # uG0QbZpxw4ZO3ZoffQYxZYRzn0z41U7MDFlXo2ihfasdbHuua6kpHxJ9AIoUevh3 # mzvUxYp0u0z3wYDPpLuo+M2VYh8XOCUB0u75xG3S5+98TKmFbqZYgpgr6P+YKeao # 2YpB1izs850YSzuwaX7kRxAURlmN/j5Hv4wabnOfZb36mDqJp4IeGmwPtwI8tEPs # uRAmyreejyhkZV7dfgJ4N83QBhpHVZlB4FmlJR8yF3aB15QW6tw4CaH+PMIDud6G # eOJO4cQE+lTc6rIJmN4cfi2TTG7e49TvhCXfBS2pzOyb9YemSm0krk8jJh6zgeGq # ztk7zewfE+3shQRc74sXLY58pvVoznfgfGvy1llbq4Oey96KouwiuhDtxuKlTnW7 # pw7xaNPhIMsOxW8dpSp915FtKfOqKR/dfJOsbHDSJY/iiJz4mWKAGoydeLM6zLmo # hRCPWk/Q5jCCB3EwggVZoAMCAQICEzMAAAAVxedrngKbSZkAAAAAABUwDQYJKoZI # hvcNAQELBQAwgYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAw # DgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24x # MjAwBgNVBAMTKU1pY3Jvc29mdCBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAy # MDEwMB4XDTIxMDkzMDE4MjIyNVoXDTMwMDkzMDE4MzIyNVowfDELMAkGA1UEBhMC # VVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNV # BAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRp # bWUtU3RhbXAgUENBIDIwMTAwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC # AQDk4aZM57RyIQt5osvXJHm9DtWC0/3unAcH0qlsTnXIyjVX9gF/bErg4r25Phdg # M/9cT8dm95VTcVrifkpa/rg2Z4VGIwy1jRPPdzLAEBjoYH1qUoNEt6aORmsHFPPF # dvWGUNzBRMhxXFExN6AKOG6N7dcP2CZTfDlhAnrEqv1yaa8dq6z2Nr41JmTamDu6 # GnszrYBbfowQHJ1S/rboYiXcag/PXfT+jlPP1uyFVk3v3byNpOORj7I5LFGc6XBp # Dco2LXCOMcg1KL3jtIckw+DJj361VI/c+gVVmG1oO5pGve2krnopN6zL64NF50Zu # yjLVwIYwXE8s4mKyzbnijYjklqwBSru+cakXW2dg3viSkR4dPf0gz3N9QZpGdc3E # XzTdEonW/aUgfX782Z5F37ZyL9t9X4C626p+Nuw2TPYrbqgSUei/BQOj0XOmTTd0 # lBw0gg/wEPK3Rxjtp+iZfD9M269ewvPV2HM9Q07BMzlMjgK8QmguEOqEUUbi0b1q # GFphAXPKZ6Je1yh2AuIzGHLXpyDwwvoSCtdjbwzJNmSLW6CmgyFdXzB0kZSU2LlQ # +QuJYfM2BjUYhEfb3BvR/bLUHMVr9lxSUV0S2yW6r1AFemzFER1y7435UsSFF5PA # PBXbGjfHCBUYP3irRbb1Hode2o+eFnJpxq57t7c+auIurQIDAQABo4IB3TCCAdkw # EgYJKwYBBAGCNxUBBAUCAwEAATAjBgkrBgEEAYI3FQIEFgQUKqdS/mTEmr6CkTxG # NSnPEP8vBO4wHQYDVR0OBBYEFJ+nFV0AXmJdg/Tl0mWnG1M1GelyMFwGA1UdIARV # MFMwUQYMKwYBBAGCN0yDfQEBMEEwPwYIKwYBBQUHAgEWM2h0dHA6Ly93d3cubWlj # cm9zb2Z0LmNvbS9wa2lvcHMvRG9jcy9SZXBvc2l0b3J5Lmh0bTATBgNVHSUEDDAK # BggrBgEFBQcDCDAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTALBgNVHQ8EBAMC # AYYwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBTV9lbLj+iiXGJo0T2UkFvX # zpoYxDBWBgNVHR8ETzBNMEugSaBHhkVodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20v # cGtpL2NybC9wcm9kdWN0cy9NaWNSb29DZXJBdXRfMjAxMC0wNi0yMy5jcmwwWgYI # KwYBBQUHAQEETjBMMEoGCCsGAQUFBzAChj5odHRwOi8vd3d3Lm1pY3Jvc29mdC5j # b20vcGtpL2NlcnRzL01pY1Jvb0NlckF1dF8yMDEwLTA2LTIzLmNydDANBgkqhkiG # 9w0BAQsFAAOCAgEAnVV9/Cqt4SwfZwExJFvhnnJL/Klv6lwUtj5OR2R4sQaTlz0x # M7U518JxNj/aZGx80HU5bbsPMeTCj/ts0aGUGCLu6WZnOlNN3Zi6th542DYunKmC # VgADsAW+iehp4LoJ7nvfam++Kctu2D9IdQHZGN5tggz1bSNU5HhTdSRXud2f8449 # xvNo32X2pFaq95W2KFUn0CS9QKC/GbYSEhFdPSfgQJY4rPf5KYnDvBewVIVCs/wM # nosZiefwC2qBwoEZQhlSdYo2wh3DYXMuLGt7bj8sCXgU6ZGyqVvfSaN0DLzskYDS # PeZKPmY7T7uG+jIa2Zb0j/aRAfbOxnT99kxybxCrdTDFNLB62FD+CljdQDzHVG2d # Y3RILLFORy3BFARxv2T5JL5zbcqOCb2zAVdJVGTZc9d/HltEAY5aGZFrDZ+kKNxn # GSgkujhLmm77IVRrakURR6nxt67I6IleT53S0Ex2tVdUCbFpAUR+fKFhbHP+Crvs # QWY9af3LwUFJfn6Tvsv4O+S3Fb+0zj6lMVGEvL8CwYKiexcdFYmNcP7ntdAoGokL # jzbaukz5m/8K6TT4JDVnK+ANuOaMmdbhIurwJ0I9JZTmdHRbatGePu1+oDEzfbzL # 6Xu/OHBE0ZDxyKs6ijoIYn/ZcGNTTY3ugm2lBRDBcQZqELQdVTNYs6FwZvKhggNN # MIICNQIBATCB+aGB0aSBzjCByzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hp # bmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jw # b3JhdGlvbjElMCMGA1UECxMcTWljcm9zb2Z0IEFtZXJpY2EgT3BlcmF0aW9uczEn # MCUGA1UECxMeblNoaWVsZCBUU1MgRVNOOjMzMDMtMDVFMC1EOTQ3MSUwIwYDVQQD # ExxNaWNyb3NvZnQgVGltZS1TdGFtcCBTZXJ2aWNloiMKAQEwBwYFKw4DAhoDFQBO # TuZ3uYfiihS4zRToxisDt9mJpKCBgzCBgKR+MHwxCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1w # IFBDQSAyMDEwMA0GCSqGSIb3DQEBCwUAAgUA6Q6CvDAiGA8yMDIzMTEyNzAyNTE0 # MFoYDzIwMjMxMTI4MDI1MTQwWjB0MDoGCisGAQQBhFkKBAExLDAqMAoCBQDpDoK8 # AgEAMAcCAQACAgO0MAcCAQACAhPHMAoCBQDpD9Q8AgEAMDYGCisGAQQBhFkKBAIx # KDAmMAwGCisGAQQBhFkKAwKgCjAIAgEAAgMHoSChCjAIAgEAAgMBhqAwDQYJKoZI # hvcNAQELBQADggEBAJfjyFeWtfBubQX2FBIG18ePEP40+f5z8qhq+bEqO/shA2uZ # J04SAUqNi07fK4Wi4WhCSBjsEHDIzHaibiYn/O5IhoCUcdLryZ/qy0N2WUi5c6rI # 9LuyGYFFdMfSNB1X5yGd5eaqZHbP+wBqmGs+/feS+2bps/g0/n9VZKqScBEkcy06 # ZnTFU9R/lvwtUURaCZWPlrR8yZqd+sIq4hR0vT3anntP94OuKAX1cmyLWzzQvgG/ # KT6R61PySIyH8xYJx7N5BqIHCfIWJAWD0maqYDbRCJPQ/8RskggG+NPvX8og+7sF # WJOHv1MmRT/3UN2GWNbR+pK4ptcZRW76fqthUykxggQNMIIECQIBATCBkzB8MQsw # CQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9u # ZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYDVQQDEx1NaWNy # b3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMAITMwAAAcyGpdw369lhLQABAAABzDAN # BglghkgBZQMEAgEFAKCCAUowGgYJKoZIhvcNAQkDMQ0GCyqGSIb3DQEJEAEEMC8G # CSqGSIb3DQEJBDEiBCBEcsoPTqi++xC1OtI9Xed2CaLyfi7VpCuhradyANbXLDCB # +gYLKoZIhvcNAQkQAi8xgeowgecwgeQwgb0EINbuZQHC/sMCE+cgKVSkwKpDICfn # efFZYgDbF4HrcFjmMIGYMIGApH4wfDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldh # c2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBD # b3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBIDIw # MTACEzMAAAHMhqXcN+vZYS0AAQAAAcwwIgQgIxiEY8UGbJ12KrwN0MoMk0MCQc4r # Uf8A6xeYHxNpzS4wDQYJKoZIhvcNAQELBQAEggIANQnRtCaZQPFxFVpQn3PC1v3M # LwNBq0XfYwQw93JY1Kt1pEjxjlUtAv6qYKCFf0seR8CegqjMiphd+f7hSVsasXyX # JM3KtL7BzEwhYTmLwn8PP1ZmHj1URNDNBmptrNfUBrbhka6kVe/hhDKe+6/0ooXD # 050rPCpZSTTgS3axtjnA0nuvLp13xS/NDMhcAcMRQrVIPSOmCMLxtLeR05gZ8tc0 # Rnkiei38MKTIlM9sxZRl2c1bBkBL+pLa48/onLc6tdF63h1x/vQfIoaTEPJdDK1Q # El4qMalieQVMvwdsCJLuSybsYabzAKcz5MsUP/V+enAcUrvXiprfoBpE9Hh6H4Yl # XTcfvYQcUfhxxcGdVWNCrbH1oXtJGfggp7qTrLeunAkA+NBODWH0vgMzsyaV2v8v # mTeqBoWIGjjAQIesprynGHWFARr2dU1W13lAPYKU25HtYAjt4xTYOjrMwqWj/zpn # A91AvzeZPo4ulUcDAQT2BS4YdfAOgwZeou9PbuTtaz7qQkOP63UGXtAVVNg6Ah9S # 0wiPh76SLdBLdWcC+qRQroEQwQXI843UgRIp/A0gt+jDPQ0eLcxItutsLjrVn39o # CR6rPIKVTfDH7eEV4tEKgKbgkGTvYFQpEJHjMRVm4QzApJxDkp4L+2LtVGeHnl4N # ZwjVlR5pw7CSAIOYJuQ= # SIG # End signature block |