avm-ptn-policyassignment
Azure/avm-ptn-policyassignment/azurerm
Terraform module to deploy policies in Azure and assign them
Terraform Verified Module for applying Azure Policies

This module is designed to simplify the assignment of policies.

Requirements

The following requirements are needed by this module:

- terraform (~> 1.6)
- azapi (>= 1.14.0,
- azurerm (~> 3.74)
- modtm (~> 0.3)
- random (~> 3.6)
- time (~> 0.9)

Resources

The following resources are used by this module:

- azapi_resource.policy_assignment (resource)
- azapi_resource.policy_exemption (resource)
- azurerm_role_assignment.this (resource)
- modtm_telemetry.telemetry (resource)
- random_uuid.telemetry (resource)
- time_sleep.before_policy_role_assignments (resource)
- azurerm_client_config.telemetry (data source)
- modtm_module_source.telemetry (data source)

Required Inputs

The following input variables are required:

location

Description: Azure reg

| Name | Type | Description | Default |
|---|---|---|---|
| scope | string | (Required) The Scope at which this Policy Assignment should be applied. Changing | required |
| policy_definition_id | string | (Required) The ID of the Policy Definition or Policy Definition Set. Changing th | required |
| location | string | Azure region where the resource should be deployed. | required |
| schema_validation_enabled | bool | (Optional) Specifies if this Policy should be validated against the schema. Defa | true |
| description | string | (Optional) A description which should be used for this Policy Assignment. | "" |
| metadata | map(any) | (Optional) A mapping of any Metadata for this Policy. | {} |
| non_compliance_messages | set(object({ message | (Optional) A set of non compliance message objects to use for the policy assig | [] |
| resource_selectors | list(object({ name = strin | (Optional) A list of resource selector objects to use for the policy assignment. | [] |
| not_scopes | list(string) | (Optional) Specifies a list of Resource Scopes (for example a Subscription, or a | [] |
| delays | object({ before_policy_ass | A map of delays to apply to the creation and destruction of resources. Included | {} |
| exemptions | list(object({ resource_id | - `name` - (Required) The name of the Policy Exemption. Changing this forces a | [] |
| identity | object({ type = string } | (Optional) An identity block as defined below. - `type` - (Required) System | null |
| parameters | map(any) | (Optional) A mapping of any Parameters for this Policy. | null |
| role_assignments | map(object({ role_definiti | A map of role assignments to create on the <RESOURCE>. The map key is delibera | {} |
| display_name | string | (Optional) The Display Name for this Policy Assignment. | "" |
| enable_telemetry | bool | This variable controls whether or not telemetry is enabled for the module. For m | true |
| enforce | string | (Optional) Specifies if this Policy should be enforced or not? Options are `Defa | "Default" |
| name | string | (Optional) The Display Name for this Policy Assignment. | "" |
| overrides | list(object({ kind = stri | (Optional) A list of override objects to use for the policy assignment. Each obj | [] |

- policy_assignment_id: This is the id of the policy assignment
- policy_assignment_name: This is the name of the policy assignment
- resource: Deprecated
- resource_id: This is the resource id of the policy assignment.
- role_assignments: This is the full output for the role assignments.