com.pulumi.azure.policy.kotlin.Definition.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-azure-kotlin Show documentation
Show all versions of pulumi-azure-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.azure.policy.kotlin
import com.pulumi.core.Output
import com.pulumi.kotlin.KotlinCustomResource
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.ResourceMapper
import com.pulumi.kotlin.options.CustomResourceOptions
import com.pulumi.kotlin.options.CustomResourceOptionsBuilder
import com.pulumi.resources.Resource
import kotlin.Boolean
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.collections.List
/**
* Builder for [Definition].
*/
@PulumiTagMarker
public class DefinitionResourceBuilder internal constructor() {
public var name: String? = null
public var args: DefinitionArgs = DefinitionArgs()
public var opts: CustomResourceOptions = CustomResourceOptions()
/**
* @param name The _unique_ name of the resulting resource.
*/
public fun name(`value`: String) {
this.name = value
}
/**
* @param block The arguments to use to populate this resource's properties.
*/
public suspend fun args(block: suspend DefinitionArgsBuilder.() -> Unit) {
val builder = DefinitionArgsBuilder()
block(builder)
this.args = builder.build()
}
/**
* @param block A bag of options that control this resource's behavior.
*/
public suspend fun opts(block: suspend CustomResourceOptionsBuilder.() -> Unit) {
this.opts = com.pulumi.kotlin.options.CustomResourceOptions.opts(block)
}
internal fun build(): Definition {
val builtJavaResource = com.pulumi.azure.policy.Definition(
this.name,
this.args.toJava(),
this.opts.toJava(),
)
return Definition(builtJavaResource)
}
}
/**
* Manages a policy rule definition on a management group or your provider subscription.
* Policy definitions do not take effect until they are assigned to a scope using a Policy Assignment.
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as azure from "@pulumi/azure";
* const policy = new azure.policy.Definition("policy", {
* name: "accTestPolicy",
* policyType: "Custom",
* mode: "Indexed",
* displayName: "acceptance test policy definition",
* metadata: ` {
* "category": "General"
* }
* `,
* policyRule: ` {
* "if": {
* "not": {
* "field": "location",
* "in": "[parameters('allowedLocations')]"
* }
* },
* "then": {
* "effect": "audit"
* }
* }
* `,
* parameters: ` {
* "allowedLocations": {
* "type": "Array",
* "metadata": {
* "description": "The list of allowed locations for resources.",
* "displayName": "Allowed locations",
* "strongType": "location"
* }
* }
* }
* `,
* });
* ```
* ```python
* import pulumi
* import pulumi_azure as azure
* policy = azure.policy.Definition("policy",
* name="accTestPolicy",
* policy_type="Custom",
* mode="Indexed",
* display_name="acceptance test policy definition",
* metadata=""" {
* "category": "General"
* }
* """,
* policy_rule=""" {
* "if": {
* "not": {
* "field": "location",
* "in": "[parameters('allowedLocations')]"
* }
* },
* "then": {
* "effect": "audit"
* }
* }
* """,
* parameters=""" {
* "allowedLocations": {
* "type": "Array",
* "metadata": {
* "description": "The list of allowed locations for resources.",
* "displayName": "Allowed locations",
* "strongType": "location"
* }
* }
* }
* """)
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Azure = Pulumi.Azure;
* return await Deployment.RunAsync(() =>
* {
* var policy = new Azure.Policy.Definition("policy", new()
* {
* Name = "accTestPolicy",
* PolicyType = "Custom",
* Mode = "Indexed",
* DisplayName = "acceptance test policy definition",
* Metadata = @" {
* ""category"": ""General""
* }
* ",
* PolicyRule = @" {
* ""if"": {
* ""not"": {
* ""field"": ""location"",
* ""in"": ""[parameters('allowedLocations')]""
* }
* },
* ""then"": {
* ""effect"": ""audit""
* }
* }
* ",
* Parameters = @" {
* ""allowedLocations"": {
* ""type"": ""Array"",
* ""metadata"": {
* ""description"": ""The list of allowed locations for resources."",
* ""displayName"": ""Allowed locations"",
* ""strongType"": ""location""
* }
* }
* }
* ",
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/policy"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* _, err := policy.NewDefinition(ctx, "policy", &policy.DefinitionArgs{
* Name: pulumi.String("accTestPolicy"),
* PolicyType: pulumi.String("Custom"),
* Mode: pulumi.String("Indexed"),
* DisplayName: pulumi.String("acceptance test policy definition"),
* Metadata: pulumi.String(" {\n \"category\": \"General\"\n }\n\n"),
* PolicyRule: pulumi.String(` {
* "if": {
* "not": {
* "field": "location",
* "in": "[parameters('allowedLocations')]"
* }
* },
* "then": {
* "effect": "audit"
* }
* }
* `),
* Parameters: pulumi.String(` {
* "allowedLocations": {
* "type": "Array",
* "metadata": {
* "description": "The list of allowed locations for resources.",
* "displayName": "Allowed locations",
* "strongType": "location"
* }
* }
* }
* `),
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.azure.policy.Definition;
* import com.pulumi.azure.policy.DefinitionArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var policy = new Definition("policy", DefinitionArgs.builder()
* .name("accTestPolicy")
* .policyType("Custom")
* .mode("Indexed")
* .displayName("acceptance test policy definition")
* .metadata("""
* {
* "category": "General"
* }
* """)
* .policyRule("""
* {
* "if": {
* "not": {
* "field": "location",
* "in": "[parameters('allowedLocations')]"
* }
* },
* "then": {
* "effect": "audit"
* }
* }
* """)
* .parameters("""
* {
* "allowedLocations": {
* "type": "Array",
* "metadata": {
* "description": "The list of allowed locations for resources.",
* "displayName": "Allowed locations",
* "strongType": "location"
* }
* }
* }
* """)
* .build());
* }
* }
* ```
* ```yaml
* resources:
* policy:
* type: azure:policy:Definition
* properties:
* name: accTestPolicy
* policyType: Custom
* mode: Indexed
* displayName: acceptance test policy definition
* metadata: |2+
* {
* "category": "General"
* }
* policyRule: |2
* {
* "if": {
* "not": {
* "field": "location",
* "in": "[parameters('allowedLocations')]"
* }
* },
* "then": {
* "effect": "audit"
* }
* }
* parameters: |2
* {
* "allowedLocations": {
* "type": "Array",
* "metadata": {
* "description": "The list of allowed locations for resources.",
* "displayName": "Allowed locations",
* "strongType": "location"
* }
* }
* }
* ```
*
* ## Import
* Policy Definitions can be imported using the `policy name`, e.g.
* ```sh
* $ pulumi import azure:policy/definition:Definition examplePolicy /subscriptions//providers/Microsoft.Authorization/policyDefinitions/
* ```
* or
* ```sh
* $ pulumi import azure:policy/definition:Definition examplePolicy /providers/Microsoft.Management/managementgroups//providers/Microsoft.Authorization/policyDefinitions/
* ```
*/
public class Definition internal constructor(
override val javaResource: com.pulumi.azure.policy.Definition,
) : KotlinCustomResource(javaResource, DefinitionMapper) {
/**
* The description of the policy definition.
*/
public val description: Output?
get() = javaResource.description().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* The display name of the policy definition.
*/
public val displayName: Output
get() = javaResource.displayName().applyValue({ args0 -> args0 })
/**
* The id of the Management Group where this policy should be defined. Changing this forces a new resource to be created.
*/
public val managementGroupId: Output?
get() = javaResource.managementGroupId().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* The metadata for the policy definition. This is a JSON string representing additional metadata that should be stored with the policy definition.
*/
public val metadata: Output
get() = javaResource.metadata().applyValue({ args0 -> args0 })
/**
* The policy resource manager mode that allows you to specify which resource types will be evaluated. Possible values are `All`, `Indexed`, `Microsoft.ContainerService.Data`, `Microsoft.CustomerLockbox.Data`, `Microsoft.DataCatalog.Data`, `Microsoft.KeyVault.Data`, `Microsoft.Kubernetes.Data`, `Microsoft.MachineLearningServices.Data`, `Microsoft.Network.Data` and `Microsoft.Synapse.Data`.
* > **Note:** Other resource provider modes only support built-in policy definitions but may later become available in custom definitions, these include; `Microsoft.ContainerService.Data`, `Microsoft.CustomerLockbox.Data`, `Microsoft.DataCatalog.Data`, `Microsoft.KeyVault.Data`, `Microsoft.Kubernetes.Data`, `Microsoft.MachineLearningServices.Data`, `Microsoft.Network.Data` and `Microsoft.Synapse.Data`. [See here](https://docs.microsoft.com/en-us/azure/governance/policy/concepts/definition-structure#resource-provider-modes) for more details.
*/
public val mode: Output
get() = javaResource.mode().applyValue({ args0 -> args0 })
/**
* The name of the policy definition. Changing this forces a new resource to be created.
*/
public val name: Output
get() = javaResource.name().applyValue({ args0 -> args0 })
/**
* Parameters for the policy definition. This field is a JSON string that allows you to parameterize your policy definition.
*/
public val parameters: Output?
get() = javaResource.parameters().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* The policy rule for the policy definition. This is a JSON string representing the rule that contains an if and a then block.
*/
public val policyRule: Output?
get() = javaResource.policyRule().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* The policy type. Possible values are `BuiltIn`, `Custom`, `NotSpecified` and `Static`. Changing this forces a new resource to be created.
*/
public val policyType: Output
get() = javaResource.policyType().applyValue({ args0 -> args0 })
/**
* A list of role definition id extracted from `policy_rule` required for remediation.
*/
public val roleDefinitionIds: Output>
get() = javaResource.roleDefinitionIds().applyValue({ args0 -> args0.map({ args0 -> args0 }) })
}
public object DefinitionMapper : ResourceMapper {
override fun supportsMappingOfType(javaResource: Resource): Boolean =
com.pulumi.azure.policy.Definition::class == javaResource::class
override fun map(javaResource: Resource): Definition = Definition(
javaResource as
com.pulumi.azure.policy.Definition,
)
}
/**
* @see [Definition].
* @param name The _unique_ name of the resulting resource.
* @param block Builder for [Definition].
*/
public suspend fun definition(name: String, block: suspend DefinitionResourceBuilder.() -> Unit): Definition {
val builder = DefinitionResourceBuilder()
builder.name(name)
block(builder)
return builder.build()
}
/**
* @see [Definition].
* @param name The _unique_ name of the resulting resource.
*/
public fun definition(name: String): Definition {
val builder = DefinitionResourceBuilder()
builder.name(name)
return builder.build()
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy