azure.mgmt.policyinsights.models module¶

class azure.mgmt.policyinsights.models.Attestation(*, policy_assignment_id: str, policy_definition_reference_id: Optional[str] = None, compliance_state: Optional[str] = None, expires_on: Optional[datetime.datetime] = None, owner: Optional[str] = None, comments: Optional[str] = None, evidence: Optional[List[azure.mgmt.policyinsights.models._models_py3.AttestationEvidence]] = None, **kwargs)[source]¶

Bases: azure.mgmt.policyinsights.models._models_py3.Resource

An attestation resource.

Variables are only populated by the server, and will be ignored when sending a request.

All required parameters must be populated in order to send to Azure.

Variables

id (str) – Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}.
name (str) – The name of the resource.
type (str) – The type of the resource. E.g. “Microsoft.Compute/virtualMachines” or “Microsoft.Storage/storageAccounts”.
system_data (SystemData) – Azure Resource Manager metadata containing createdBy and modifiedBy information.
provisioning_state (str) – The status of the attestation.
last_compliance_state_change_at (datetime) – The time the compliance state was last changed in this attestation.

Parameters

policy_assignment_id (str) – Required. The resource ID of the policy assignment that the attestation is setting the state for.
policy_definition_reference_id (str) – The policy definition reference ID from a policy set definition that the attestation is setting the state for. If the policy assignment assigns a policy set definition the attestation can choose a definition within the set definition with this property or omit this and set the state for the entire set definition.
compliance_state (str or ComplianceState) – The compliance state that should be set on the resource. Possible values include: “Compliant”, “NonCompliant”, “Unknown”.
expires_on (datetime) – The time the compliance state should expire.
owner (str) – The person responsible for setting the state of the resource. This value is typically an Azure Active Directory object ID.
comments (str) – Comments describing why this attestation was created.
evidence (list[AttestationEvidence]) – The evidence supporting the compliance state set in this attestation.

class azure.mgmt.policyinsights.models.AttestationEvidence(*, description: Optional[str] = None, source_uri: Optional[str] = None, **kwargs)[source]¶

Bases: msrest.serialization.Model

A piece of evidence supporting the compliance state set in the attestation.

Parameters

description (str) – The description for this piece of evidence.
source_uri (str) – The URI location of the evidence.

class azure.mgmt.policyinsights.models.AttestationListResult(**kwargs)[source]¶

Bases: msrest.serialization.Model

List of attestations.

Variables are only populated by the server, and will be ignored when sending a request.

Variables

value (list[Attestation]) – Array of attestation definitions.
next_link (str) – The URL to get the next set of results.

class azure.mgmt.policyinsights.models.CheckRestrictionsRequest(*, resource_details: azure.mgmt.policyinsights.models._models_py3.CheckRestrictionsResourceDetails, pending_fields: Optional[List[azure.mgmt.policyinsights.models._models_py3.PendingField]] = None, **kwargs)[source]¶

Bases: msrest.serialization.Model

The check policy restrictions parameters describing the resource that is being evaluated.

All required parameters must be populated in order to send to Azure.

Parameters

resource_details (CheckRestrictionsResourceDetails) – Required. The information about the resource that will be evaluated.
pending_fields (list[PendingField]) – The list of fields and values that should be evaluated for potential restrictions.

class azure.mgmt.policyinsights.models.CheckRestrictionsResourceDetails(*, resource_content: Any, api_version: Optional[str] = None, scope: Optional[str] = None, **kwargs)[source]¶

Bases: msrest.serialization.Model

The information about the resource that will be evaluated.

All required parameters must be populated in order to send to Azure.

Parameters

resource_content (any) – Required. The resource content. This should include whatever properties are already known and can be a partial set of all resource properties.
api_version (str) – The api-version of the resource content.
scope (str) – The scope where the resource is being created. For example, if the resource is a child resource this would be the parent resource’s resource ID.

class azure.mgmt.policyinsights.models.CheckRestrictionsResult(**kwargs)[source]¶

Bases: msrest.serialization.Model

The result of a check policy restrictions evaluation on a resource.

Variables are only populated by the server, and will be ignored when sending a request.

Variables

field_restrictions (list[FieldRestrictions]) – The restrictions that will be placed on various fields in the resource by policy.
content_evaluation_result (CheckRestrictionsResultContentEvaluationResult) – Evaluation results for the provided partial resource content.

class azure.mgmt.policyinsights.models.CheckRestrictionsResultContentEvaluationResult(*, policy_evaluations: Optional[List[azure.mgmt.policyinsights.models._models_py3.PolicyEvaluationResult]] = None, **kwargs)[source]¶

Bases: msrest.serialization.Model

Evaluation results for the provided partial resource content.

Parameters: policy_evaluations (list[PolicyEvaluationResult]) – Policy evaluation results against the given resource content. This will indicate if the partial content that was provided will be denied as-is.

class azure.mgmt.policyinsights.models.ComplianceDetail(*, compliance_state: Optional[str] = None, count: Optional[int] = None, **kwargs)[source]¶

Bases: msrest.serialization.Model

The compliance state rollup.

Parameters

compliance_state (str) – The compliance state.
count (int) – Summarized count value for this compliance state.

class azure.mgmt.policyinsights.models.ComplianceState(value)[source]¶

Bases: str, enum.Enum

The compliance state that should be set on the resource.

COMPLIANT = 'Compliant'¶: The resource is in compliance with the policy.

NON_COMPLIANT = 'NonCompliant'¶: The resource is not in compliance with the policy.

UNKNOWN = 'Unknown'¶: The compliance state of the resource is not known.

class azure.mgmt.policyinsights.models.ComponentEventDetails(*, additional_properties: Optional[Dict[str, Any]] = None, id: Optional[str] = None, type: Optional[str] = None, name: Optional[str] = None, timestamp: Optional[datetime.datetime] = None, tenant_id: Optional[str] = None, principal_oid: Optional[str] = None, policy_definition_action: Optional[str] = None, **kwargs)[source]¶

Bases: msrest.serialization.Model

Component event details.

Parameters

additional_properties (dict[str, any]) – Unmatched properties from the message are deserialized to this collection.
id (str) – Component Id.
type (str) – Component type.
name (str) – Component name.
timestamp (datetime) – Timestamp for component policy event record.
tenant_id (str) – Tenant ID for the policy event record.
principal_oid (str) – Principal object ID for the user who initiated the resource component operation that triggered the policy event.
policy_definition_action (str) – Policy definition action, i.e. effect.

class azure.mgmt.policyinsights.models.ComponentStateDetails(*, additional_properties: Optional[Dict[str, Any]] = None, id: Optional[str] = None, type: Optional[str] = None, name: Optional[str] = None, timestamp: Optional[datetime.datetime] = None, compliance_state: Optional[str] = None, **kwargs)[source]¶

Bases: msrest.serialization.Model

Component state details.

Parameters

additional_properties (dict[str, any]) – Unmatched properties from the message are deserialized to this collection.
id (str) – Component Id.
type (str) – Component type.
name (str) – Component name.
timestamp (datetime) – Component compliance evaluation timestamp.
compliance_state (str) – Component compliance state.

class azure.mgmt.policyinsights.models.CreatedByType(value)[source]¶

Bases: str, enum.Enum

The type of identity that created the resource.

APPLICATION = 'Application'¶

KEY = 'Key'¶

MANAGED_IDENTITY = 'ManagedIdentity'¶

USER = 'User'¶

class azure.mgmt.policyinsights.models.ErrorDefinition(**kwargs)[source]¶

Bases: msrest.serialization.Model

Error definition.

Variables are only populated by the server, and will be ignored when sending a request.

Variables

code (str) – Service specific error code which serves as the substatus for the HTTP error code.
message (str) – Description of the error.
target (str) – The target of the error.
details (list[ErrorDefinition]) – Internal error details.
additional_info (list[TypedErrorInfo]) – Additional scenario specific error details.

class azure.mgmt.policyinsights.models.ErrorDefinitionAutoGenerated(**kwargs)[source]¶

Bases: msrest.serialization.Model

Error definition.

Variables are only populated by the server, and will be ignored when sending a request.

Variables

code (str) – Service specific error code which serves as the substatus for the HTTP error code.
message (str) – Description of the error.
target (str) – The target of the error.
details (list[ErrorDefinitionAutoGenerated]) – Internal error details.
additional_info (list[TypedErrorInfo]) – Additional scenario specific error details.

class azure.mgmt.policyinsights.models.ErrorDefinitionAutoGenerated2(**kwargs)[source]¶

Bases: msrest.serialization.Model

Error definition.

Variables are only populated by the server, and will be ignored when sending a request.

Variables

code (str) – Service specific error code which serves as the substatus for the HTTP error code.
message (str) – Description of the error.
target (str) – The target of the error.
details (list[ErrorDefinitionAutoGenerated2]) – Internal error details.
additional_info (list[TypedErrorInfo]) – Additional scenario specific error details.

class azure.mgmt.policyinsights.models.ErrorResponse(*, error: Optional[azure.mgmt.policyinsights.models._models_py3.ErrorDefinition] = None, **kwargs)[source]¶

Bases: msrest.serialization.Model

Error response.

Parameters: error (ErrorDefinition) – The error details.

class azure.mgmt.policyinsights.models.ErrorResponseAutoGenerated(*, error: Optional[azure.mgmt.policyinsights.models._models_py3.ErrorDefinitionAutoGenerated] = None, **kwargs)[source]¶

Bases: msrest.serialization.Model

Error response.

Parameters: error (ErrorDefinitionAutoGenerated) – The error details.

class azure.mgmt.policyinsights.models.ErrorResponseAutoGenerated2(*, error: Optional[azure.mgmt.policyinsights.models._models_py3.ErrorDefinitionAutoGenerated2] = None, **kwargs)[source]¶

Bases: msrest.serialization.Model

Error response.

Parameters: error (ErrorDefinitionAutoGenerated2) – The error details.

class azure.mgmt.policyinsights.models.ExpressionEvaluationDetails(*, result: Optional[str] = None, expression: Optional[str] = None, path: Optional[str] = None, expression_value: Optional[Any] = None, target_value: Optional[Any] = None, operator: Optional[str] = None, **kwargs)[source]¶

Bases: msrest.serialization.Model

Evaluation details of policy language expressions.

Variables are only populated by the server, and will be ignored when sending a request.

Parameters

result (str) – Evaluation result.
expression (str) – Expression evaluated.
path (str) – Property path if the expression is a field or an alias.
expression_value (any) – Value of the expression.
target_value (any) – Target value to be compared with the expression value.
operator (str) – Operator to compare the expression value and the target value.

Variables

expression_kind (str) – The kind of expression that was evaluated.

class azure.mgmt.policyinsights.models.FieldRestriction(**kwargs)[source]¶

Bases: msrest.serialization.Model

The restrictions on a field imposed by a specific policy.

Variables are only populated by the server, and will be ignored when sending a request.

Variables

result (str or FieldRestrictionResult) – The type of restriction that is imposed on the field. Possible values include: “Required”, “Removed”, “Deny”.
default_value (str) – The value that policy will set for the field if the user does not provide a value.
values (list[str]) – The values that policy either requires or denies for the field.
policy (PolicyReference) – The details of the policy that is causing the field restriction.

class azure.mgmt.policyinsights.models.FieldRestrictionResult(value)[source]¶

Bases: str, enum.Enum

The type of restriction that is imposed on the field.

DENY = 'Deny'¶: The field and/or values will be denied by policy.

REMOVED = 'Removed'¶: The field will be removed by policy.

REQUIRED = 'Required'¶: The field and/or values are required by policy.

class azure.mgmt.policyinsights.models.FieldRestrictions(*, restrictions: Optional[List[azure.mgmt.policyinsights.models._models_py3.FieldRestriction]] = None, **kwargs)[source]¶

Bases: msrest.serialization.Model

The restrictions that will be placed on a field in the resource by policy.

Variables are only populated by the server, and will be ignored when sending a request.

Variables: field (str) – The name of the field. This can be a top-level property like ‘name’ or ‘type’ or an Azure Policy field alias.
Parameters: restrictions (list[FieldRestriction]) – The restrictions placed on that field by policy.

class azure.mgmt.policyinsights.models.IfNotExistsEvaluationDetails(*, resource_id: Optional[str] = None, total_resources: Optional[int] = None, **kwargs)[source]¶

Bases: msrest.serialization.Model

Evaluation details of IfNotExists effect.

Parameters

resource_id (str) – ID of the last evaluated resource for IfNotExists effect.
total_resources (int) – Total number of resources to which the existence condition is applicable.

class azure.mgmt.policyinsights.models.Operation(*, name: Optional[str] = None, display: Optional[azure.mgmt.policyinsights.models._models_py3.OperationDisplay] = None, **kwargs)[source]¶

Bases: msrest.serialization.Model

Operation definition.

Parameters

name (str) – Operation name.
display (OperationDisplay) – Display metadata associated with the operation.

class azure.mgmt.policyinsights.models.OperationDisplay(*, provider: Optional[str] = None, resource: Optional[str] = None, operation: Optional[str] = None, description: Optional[str] = None, **kwargs)[source]¶

Bases: msrest.serialization.Model

Display metadata associated with the operation.

Parameters

provider (str) – Resource provider name.
resource (str) – Resource name on which the operation is performed.
operation (str) – Operation name.
description (str) – Operation description.

class azure.mgmt.policyinsights.models.OperationsListResults(*, odata_count: Optional[int] = None, value: Optional[List[azure.mgmt.policyinsights.models._models_py3.Operation]] = None, **kwargs)[source]¶

Bases: msrest.serialization.Model

List of available operations.

Parameters

odata_count (int) – OData entity count; represents the number of operations returned.
value (list[Operation]) – List of available operations.

class azure.mgmt.policyinsights.models.PendingField(*, field: str, values: Optional[List[str]] = None, **kwargs)[source]¶

Bases: msrest.serialization.Model

A field that should be evaluated against Azure Policy to determine restrictions.

All required parameters must be populated in order to send to Azure.

Parameters

field (str) – Required. The name of the field. This can be a top-level property like ‘name’ or ‘type’ or an Azure Policy field alias.
values (list[str]) – The list of potential values for the field that should be evaluated against Azure Policy.

class azure.mgmt.policyinsights.models.PolicyAssignmentSummary(*, policy_assignment_id: Optional[str] = None, policy_set_definition_id: Optional[str] = None, results: Optional[azure.mgmt.policyinsights.models._models_py3.SummaryResults] = None, policy_definitions: Optional[List[azure.mgmt.policyinsights.models._models_py3.PolicyDefinitionSummary]] = None, policy_groups: Optional[List[azure.mgmt.policyinsights.models._models_py3.PolicyGroupSummary]] = None, **kwargs)[source]¶

Bases: msrest.serialization.Model

Policy assignment summary.

Parameters

policy_assignment_id (str) – Policy assignment ID.
policy_set_definition_id (str) – Policy set definition ID, if the policy assignment is for a policy set.
results (SummaryResults) – Compliance summary for the policy assignment.
policy_definitions (list[PolicyDefinitionSummary]) – Policy definitions summary.
policy_groups (list[PolicyGroupSummary]) – Policy definition group summary.

class azure.mgmt.policyinsights.models.PolicyDefinitionSummary(*, policy_definition_id: Optional[str] = None, policy_definition_reference_id: Optional[str] = None, policy_definition_group_names: Optional[List[str]] = None, effect: Optional[str] = None, results: Optional[azure.mgmt.policyinsights.models._models_py3.SummaryResults] = None, **kwargs)[source]¶

Bases: msrest.serialization.Model

Policy definition summary.

Parameters

policy_definition_id (str) – Policy definition ID.
policy_definition_reference_id (str) – Policy definition reference ID.
policy_definition_group_names (list[str]) – Policy definition group names.
effect (str) – Policy effect, i.e. policy definition action.
results (SummaryResults) – Compliance summary for the policy definition.

class azure.mgmt.policyinsights.models.PolicyDetails(**kwargs)[source]¶

Bases: msrest.serialization.Model

The policy details.

Variables are only populated by the server, and will be ignored when sending a request.

Variables

policy_definition_id (str) – The ID of the policy definition.
policy_assignment_id (str) – The ID of the policy assignment.
policy_assignment_display_name (str) – The display name of the policy assignment.
policy_assignment_scope (str) – The scope of the policy assignment.
policy_set_definition_id (str) – The ID of the policy set definition.
policy_definition_reference_id (str) – The policy definition reference ID within the policy set definition.

class azure.mgmt.policyinsights.models.PolicyEvaluationDetails(*, evaluated_expressions: Optional[List[azure.mgmt.policyinsights.models._models_py3.ExpressionEvaluationDetails]] = None, if_not_exists_details: Optional[azure.mgmt.policyinsights.models._models_py3.IfNotExistsEvaluationDetails] = None, **kwargs)[source]¶

Bases: msrest.serialization.Model

Policy evaluation details.

Parameters

evaluated_expressions (list[ExpressionEvaluationDetails]) – Details of the evaluated expressions.
if_not_exists_details (IfNotExistsEvaluationDetails) – Evaluation details of IfNotExists effect.

class azure.mgmt.policyinsights.models.PolicyEvaluationResult(**kwargs)[source]¶

Bases: msrest.serialization.Model

The result of a non-compliant policy evaluation against the given resource content.

Variables are only populated by the server, and will be ignored when sending a request.

Variables

policy_info (PolicyReference) – The details of the policy that was evaluated.
evaluation_result (str) – The result of the policy evaluation against the resource. This will typically be ‘NonCompliant’ but may contain other values if errors were encountered.
evaluation_details (PolicyEvaluationDetails) – The detailed results of the policy expressions and values that were evaluated.

class azure.mgmt.policyinsights.models.PolicyEvent(*, additional_properties: Optional[Dict[str, Any]] = None, odata_id: Optional[str] = None, odata_context: Optional[str] = None, timestamp: Optional[datetime.datetime] = None, resource_id: Optional[str] = None, policy_assignment_id: Optional[str] = None, policy_definition_id: Optional[str] = None, effective_parameters: Optional[str] = None, is_compliant: Optional[bool] = None, subscription_id: Optional[str] = None, resource_type: Optional[str] = None, resource_location: Optional[str] = None, resource_group: Optional[str] = None, resource_tags: Optional[str] = None, policy_assignment_name: Optional[str] = None, policy_assignment_owner: Optional[str] = None, policy_assignment_parameters: Optional[str] = None, policy_assignment_scope: Optional[str] = None, policy_definition_name: Optional[str] = None, policy_definition_action: Optional[str] = None, policy_definition_category: Optional[str] = None, policy_set_definition_id: Optional[str] = None, policy_set_definition_name: Optional[str] = None, policy_set_definition_owner: Optional[str] = None, policy_set_definition_category: Optional[str] = None, policy_set_definition_parameters: Optional[str] = None, management_group_ids: Optional[str] = None, policy_definition_reference_id: Optional[str] = None, compliance_state: Optional[str] = None, tenant_id: Optional[str] = None, principal_oid: Optional[str] = None, components: Optional[List[azure.mgmt.policyinsights.models._models_py3.ComponentEventDetails]] = None, **kwargs)[source]¶

Bases: msrest.serialization.Model

Policy event record.

Parameters

additional_properties (dict[str, any]) – Unmatched properties from the message are deserialized to this collection.
odata_id (str) – OData entity ID; always set to null since policy event records do not have an entity ID.
odata_context (str) – OData context string; used by OData clients to resolve type information based on metadata.
timestamp (datetime) – Timestamp for the policy event record.
resource_id (str) – Resource ID.
policy_assignment_id (str) – Policy assignment ID.
policy_definition_id (str) – Policy definition ID.
effective_parameters (str) – Effective parameters for the policy assignment.
is_compliant (bool) – Flag which states whether the resource is compliant against the policy assignment it was evaluated against.
subscription_id (str) – Subscription ID.
resource_type (str) – Resource type.
resource_location (str) – Resource location.
resource_group (str) – Resource group name.
resource_tags (str) – List of resource tags.
policy_assignment_name (str) – Policy assignment name.
policy_assignment_owner (str) – Policy assignment owner.
policy_assignment_parameters (str) – Policy assignment parameters.
policy_assignment_scope (str) – Policy assignment scope.
policy_definition_name (str) – Policy definition name.
policy_definition_action (str) – Policy definition action, i.e. effect.
policy_definition_category (str) – Policy definition category.
policy_set_definition_id (str) – Policy set definition ID, if the policy assignment is for a policy set.
policy_set_definition_name (str) – Policy set definition name, if the policy assignment is for a policy set.
policy_set_definition_owner (str) – Policy set definition owner, if the policy assignment is for a policy set.
policy_set_definition_category (str) – Policy set definition category, if the policy assignment is for a policy set.
policy_set_definition_parameters (str) – Policy set definition parameters, if the policy assignment is for a policy set.
management_group_ids (str) – Comma separated list of management group IDs, which represent the hierarchy of the management groups the resource is under.
policy_definition_reference_id (str) – Reference ID for the policy definition inside the policy set, if the policy assignment is for a policy set.
compliance_state (str) – Compliance state of the resource.
tenant_id (str) – Tenant ID for the policy event record.
principal_oid (str) – Principal object ID for the user who initiated the resource operation that triggered the policy event.
components (list[ComponentEventDetails]) – Components events records populated only when URL contains $expand=components clause.

class azure.mgmt.policyinsights.models.PolicyEventsQueryResults(*, odata_context: Optional[str] = None, odata_count: Optional[int] = None, odata_next_link: Optional[str] = None, value: Optional[List[azure.mgmt.policyinsights.models._models_py3.PolicyEvent]] = None, **kwargs)[source]¶

Bases: msrest.serialization.Model

Query results.

Parameters

odata_context (str) – OData context string; used by OData clients to resolve type information based on metadata.
odata_count (int) – OData entity count; represents the number of policy event records returned.
odata_next_link (str) – Odata next link; URL to get the next set of results.
value (list[PolicyEvent]) – Query results.

class azure.mgmt.policyinsights.models.PolicyGroupSummary(*, policy_group_name: Optional[str] = None, results: Optional[azure.mgmt.policyinsights.models._models_py3.SummaryResults] = None, **kwargs)[source]¶

Bases: msrest.serialization.Model

Policy definition group summary.

Parameters

policy_group_name (str) – Policy group name.
results (SummaryResults) – Compliance summary for the policy definition group.

class azure.mgmt.policyinsights.models.PolicyMetadata(**kwargs)[source]¶

Bases: msrest.serialization.Model

Policy metadata resource definition.

Variables are only populated by the server, and will be ignored when sending a request.

Variables

id (str) – The ID of the policy metadata.
type (str) – The type of the policy metadata.
name (str) – The name of the policy metadata.
metadata_id (str) – The policy metadata identifier.
category (str) – The category of the policy metadata.
title (str) – The title of the policy metadata.
owner (str) – The owner of the policy metadata.
additional_content_url (str) – Url for getting additional content about the resource metadata.
metadata (any) – Additional metadata.
description (str) – The description of the policy metadata.
requirements (str) – The requirements of the policy metadata.

class azure.mgmt.policyinsights.models.PolicyMetadataCollection(**kwargs)[source]¶

Bases: msrest.serialization.Model

Collection of policy metadata resources.

Variables are only populated by the server, and will be ignored when sending a request.

Variables

value (list[SlimPolicyMetadata]) – Array of policy metadata definitions.
next_link (str) – The URL to get the next set of results.

class azure.mgmt.policyinsights.models.PolicyMetadataProperties(**kwargs)[source]¶

Bases: azure.mgmt.policyinsights.models._models_py3.PolicyMetadataSlimProperties

The properties of the policy metadata.

Variables are only populated by the server, and will be ignored when sending a request.

Variables

metadata_id (str) – The policy metadata identifier.
category (str) – The category of the policy metadata.
title (str) – The title of the policy metadata.
owner (str) – The owner of the policy metadata.
additional_content_url (str) – Url for getting additional content about the resource metadata.
metadata (any) – Additional metadata.
description (str) – The description of the policy metadata.
requirements (str) – The requirements of the policy metadata.

class azure.mgmt.policyinsights.models.PolicyMetadataSlimProperties(**kwargs)[source]¶

Bases: msrest.serialization.Model

The properties of the policy metadata, excluding properties containing large strings.

Variables are only populated by the server, and will be ignored when sending a request.

Variables

metadata_id (str) – The policy metadata identifier.
category (str) – The category of the policy metadata.
title (str) – The title of the policy metadata.
owner (str) – The owner of the policy metadata.
additional_content_url (str) – Url for getting additional content about the resource metadata.
metadata (any) – Additional metadata.

class azure.mgmt.policyinsights.models.PolicyReference(**kwargs)[source]¶

Bases: msrest.serialization.Model

Resource identifiers for a policy.

Variables are only populated by the server, and will be ignored when sending a request.

Variables

policy_definition_id (str) – The resource identifier of the policy definition.
policy_set_definition_id (str) – The resource identifier of the policy set definition.
policy_definition_reference_id (str) – The reference identifier of a specific policy definition within a policy set definition.
policy_assignment_id (str) – The resource identifier of the policy assignment.

class azure.mgmt.policyinsights.models.PolicyState(*, additional_properties: Optional[Dict[str, Any]] = None, odata_id: Optional[str] = None, odata_context: Optional[str] = None, timestamp: Optional[datetime.datetime] = None, resource_id: Optional[str] = None, policy_assignment_id: Optional[str] = None, policy_definition_id: Optional[str] = None, effective_parameters: Optional[str] = None, is_compliant: Optional[bool] = None, subscription_id: Optional[str] = None, resource_type: Optional[str] = None, resource_location: Optional[str] = None, resource_group: Optional[str] = None, resource_tags: Optional[str] = None, policy_assignment_name: Optional[str] = None, policy_assignment_owner: Optional[str] = None, policy_assignment_parameters: Optional[str] = None, policy_assignment_scope: Optional[str] = None, policy_definition_name: Optional[str] = None, policy_definition_action: Optional[str] = None, policy_definition_category: Optional[str] = None, policy_set_definition_id: Optional[str] = None, policy_set_definition_name: Optional[str] = None, policy_set_definition_owner: Optional[str] = None, policy_set_definition_category: Optional[str] = None, policy_set_definition_parameters: Optional[str] = None, management_group_ids: Optional[str] = None, policy_definition_reference_id: Optional[str] = None, compliance_state: Optional[str] = None, policy_evaluation_details: Optional[azure.mgmt.policyinsights.models._models_py3.PolicyEvaluationDetails] = None, policy_definition_group_names: Optional[List[str]] = None, components: Optional[List[azure.mgmt.policyinsights.models._models_py3.ComponentStateDetails]] = None, **kwargs)[source]¶

Bases: msrest.serialization.Model

Policy state record.

Variables are only populated by the server, and will be ignored when sending a request.

Parameters

additional_properties (dict[str, any]) – Unmatched properties from the message are deserialized to this collection.
odata_id (str) – OData entity ID; always set to null since policy state records do not have an entity ID.
odata_context (str) – OData context string; used by OData clients to resolve type information based on metadata.
timestamp (datetime) – Timestamp for the policy state record.
resource_id (str) – Resource ID.
policy_assignment_id (str) – Policy assignment ID.
policy_definition_id (str) – Policy definition ID.
effective_parameters (str) – Effective parameters for the policy assignment.
is_compliant (bool) – Flag which states whether the resource is compliant against the policy assignment it was evaluated against. This property is deprecated; please use ComplianceState instead.
subscription_id (str) – Subscription ID.
resource_type (str) – Resource type.
resource_location (str) – Resource location.
resource_group (str) – Resource group name.
resource_tags (str) – List of resource tags.
policy_assignment_name (str) – Policy assignment name.
policy_assignment_owner (str) – Policy assignment owner.
policy_assignment_parameters (str) – Policy assignment parameters.
policy_assignment_scope (str) – Policy assignment scope.
policy_definition_name (str) – Policy definition name.
policy_definition_action (str) – Policy definition action, i.e. effect.
policy_definition_category (str) – Policy definition category.
policy_set_definition_id (str) – Policy set definition ID, if the policy assignment is for a policy set.
policy_set_definition_name (str) – Policy set definition name, if the policy assignment is for a policy set.
policy_set_definition_owner (str) – Policy set definition owner, if the policy assignment is for a policy set.
policy_set_definition_category (str) – Policy set definition category, if the policy assignment is for a policy set.
policy_set_definition_parameters (str) – Policy set definition parameters, if the policy assignment is for a policy set.
management_group_ids (str) – Comma separated list of management group IDs, which represent the hierarchy of the management groups the resource is under.
policy_definition_reference_id (str) – Reference ID for the policy definition inside the policy set, if the policy assignment is for a policy set.
compliance_state (str) – Compliance state of the resource.
policy_evaluation_details (PolicyEvaluationDetails) – Policy evaluation details.
policy_definition_group_names (list[str]) – Policy definition group names.
components (list[ComponentStateDetails]) – Components state compliance records populated only when URL contains $expand=components clause.

Variables

policy_definition_version (str) – Evaluated policy definition version.
policy_set_definition_version (str) – Evaluated policy set definition version.
policy_assignment_version (str) – Evaluated policy assignment version.

class azure.mgmt.policyinsights.models.PolicyStatesQueryResults(*, odata_context: Optional[str] = None, odata_count: Optional[int] = None, odata_next_link: Optional[str] = None, value: Optional[List[azure.mgmt.policyinsights.models._models_py3.PolicyState]] = None, **kwargs)[source]¶

Bases: msrest.serialization.Model

Query results.

Parameters

odata_context (str) – OData context string; used by OData clients to resolve type information based on metadata.
odata_count (int) – OData entity count; represents the number of policy state records returned.
odata_next_link (str) – Odata next link; URL to get the next set of results.
value (list[PolicyState]) – Query results.

class azure.mgmt.policyinsights.models.PolicyStatesResource(value)[source]¶

Bases: str, enum.Enum

An enumeration.

DEFAULT = 'default'¶

LATEST = 'latest'¶

class azure.mgmt.policyinsights.models.PolicyTrackedResource(**kwargs)[source]¶

Bases: msrest.serialization.Model

Policy tracked resource record.

Variables are only populated by the server, and will be ignored when sending a request.

Variables

tracked_resource_id (str) – The ID of the policy tracked resource.
policy_details (PolicyDetails) – The details of the policy that require the tracked resource.
created_by (TrackedResourceModificationDetails) – The details of the policy triggered deployment that created the tracked resource.
last_modified_by (TrackedResourceModificationDetails) – The details of the policy triggered deployment that modified the tracked resource.
last_update_utc (datetime) – Timestamp of the last update to the tracked resource.

class azure.mgmt.policyinsights.models.PolicyTrackedResourcesQueryResults(**kwargs)[source]¶

Bases: msrest.serialization.Model

Query results.

Variables are only populated by the server, and will be ignored when sending a request.

Variables

value (list[PolicyTrackedResource]) – Query results.
next_link (str) – The URL to get the next set of results.

class azure.mgmt.policyinsights.models.QueryFailure(*, error: Optional[azure.mgmt.policyinsights.models._models_py3.QueryFailureError] = None, **kwargs)[source]¶

Bases: msrest.serialization.Model

Error response.

Parameters: error (QueryFailureError) – Error definition.

class azure.mgmt.policyinsights.models.QueryFailureError(**kwargs)[source]¶

Bases: msrest.serialization.Model

Error definition.

Variables are only populated by the server, and will be ignored when sending a request.

Variables

code (str) – Service specific error code which serves as the substatus for the HTTP error code.
message (str) – Description of the error.

class azure.mgmt.policyinsights.models.QueryOptions(*, top: Optional[int] = None, filter: Optional[str] = None, order_by: Optional[str] = None, select: Optional[str] = None, from_property: Optional[datetime.datetime] = None, to: Optional[datetime.datetime] = None, apply: Optional[str] = None, skip_token: Optional[str] = None, expand: Optional[str] = None, **kwargs)[source]¶

Bases: msrest.serialization.Model

Parameter group.

Parameters

top (int) – Maximum number of records to return.
filter (str) – OData filter expression.
order_by (str) – Ordering expression using OData notation. One or more comma-separated column names with an optional “desc” (the default) or “asc”, e.g. “$orderby=PolicyAssignmentId, ResourceId asc”.
select (str) – Select expression using OData notation. Limits the columns on each record to just those requested, e.g. “$select=PolicyAssignmentId, ResourceId”.
from_property (datetime) – ISO 8601 formatted timestamp specifying the start time of the interval to query. When not specified, the service uses ($to - 1-day).
to (datetime) – ISO 8601 formatted timestamp specifying the end time of the interval to query. When not specified, the service uses request time.
apply (str) – OData apply expression for aggregations.
skip_token (str) – Skiptoken is only provided if a previous response returned a partial result as a part of nextLink element.
expand (str) – The $expand query parameter. For example, to expand components use $expand=components.

class azure.mgmt.policyinsights.models.Remediation(*, policy_assignment_id: Optional[str] = None, policy_definition_reference_id: Optional[str] = None, resource_discovery_mode: Optional[str] = None, filters: Optional[azure.mgmt.policyinsights.models._models_py3.RemediationFilters] = None, resource_count: Optional[int] = None, parallel_deployments: Optional[int] = None, failure_threshold: Optional[azure.mgmt.policyinsights.models._models_py3.RemediationPropertiesFailureThreshold] = None, **kwargs)[source]¶

Bases: msrest.serialization.Model

The remediation definition.

Variables are only populated by the server, and will be ignored when sending a request.

Variables

id (str) – The ID of the remediation.
type (str) – The type of the remediation.
name (str) – The name of the remediation.
system_data (SystemData) – Azure Resource Manager metadata containing createdBy and modifiedBy information.
provisioning_state (str) – The status of the remediation.
created_on (datetime) – The time at which the remediation was created.
last_updated_on (datetime) – The time at which the remediation was last updated.
deployment_status (RemediationDeploymentSummary) – The deployment status summary for all deployments created by the remediation.
status_message (str) – The remediation status message. Provides additional details regarding the state of the remediation.
correlation_id (str) – The remediation correlation Id. Can be used to find events related to the remediation in the activity log.

Parameters

policy_assignment_id (str) – The resource ID of the policy assignment that should be remediated.
policy_definition_reference_id (str) – The policy definition reference ID of the individual definition that should be remediated. Required when the policy assignment being remediated assigns a policy set definition.
resource_discovery_mode (str or ResourceDiscoveryMode) – The way resources to remediate are discovered. Defaults to ExistingNonCompliant if not specified. Possible values include: “ExistingNonCompliant”, “ReEvaluateCompliance”.
filters (RemediationFilters) – The filters that will be applied to determine which resources to remediate.
resource_count (int) – Determines the max number of resources that can be remediated by the remediation job. If not provided, the default resource count is used.
parallel_deployments (int) – Determines how many resources to remediate at any given time. Can be used to increase or reduce the pace of the remediation. If not provided, the default parallel deployments value is used.
failure_threshold (RemediationPropertiesFailureThreshold) – The remediation failure threshold settings.

class azure.mgmt.policyinsights.models.RemediationDeployment(**kwargs)[source]¶

Bases: msrest.serialization.Model

Details of a single deployment created by the remediation.

Variables are only populated by the server, and will be ignored when sending a request.

Variables

remediated_resource_id (str) – Resource ID of the resource that is being remediated by the deployment.
deployment_id (str) – Resource ID of the template deployment that will remediate the resource.
status (str) – Status of the remediation deployment.
resource_location (str) – Location of the resource that is being remediated.
error (ErrorDefinition) – Error encountered while remediated the resource.
created_on (datetime) – The time at which the remediation was created.
last_updated_on (datetime) – The time at which the remediation deployment was last updated.

class azure.mgmt.policyinsights.models.RemediationDeploymentSummary(**kwargs)[source]¶

Bases: msrest.serialization.Model

The deployment status summary for all deployments created by the remediation.

Variables are only populated by the server, and will be ignored when sending a request.

Variables

total_deployments (int) – The number of deployments required by the remediation.
successful_deployments (int) – The number of deployments required by the remediation that have succeeded.
failed_deployments (int) – The number of deployments required by the remediation that have failed.

class azure.mgmt.policyinsights.models.RemediationDeploymentsListResult(**kwargs)[source]¶

Bases: msrest.serialization.Model

List of deployments for a remediation.

Variables are only populated by the server, and will be ignored when sending a request.

Variables

value (list[RemediationDeployment]) – Array of deployments for the remediation.
next_link (str) – The URL to get the next set of results.

class azure.mgmt.policyinsights.models.RemediationFilters(*, locations: Optional[List[str]] = None, **kwargs)[source]¶

Bases: msrest.serialization.Model

The filters that will be applied to determine which resources to remediate.

Parameters: locations (list[str]) – The resource locations that will be remediated.

class azure.mgmt.policyinsights.models.RemediationListResult(**kwargs)[source]¶

Bases: msrest.serialization.Model

List of remediations.

Variables are only populated by the server, and will be ignored when sending a request.

Variables

value (list[Remediation]) – Array of remediation definitions.
next_link (str) – The URL to get the next set of results.

class azure.mgmt.policyinsights.models.RemediationPropertiesFailureThreshold(*, percentage: Optional[float] = None, **kwargs)[source]¶

Bases: msrest.serialization.Model

The remediation failure threshold settings.

Parameters: percentage (float) – A number between 0.0 to 1.0 representing the percentage failure threshold. The remediation will fail if the percentage of failed remediation operations (i.e. failed deployments) exceeds this threshold.

class azure.mgmt.policyinsights.models.Resource(**kwargs)[source]¶

Bases: msrest.serialization.Model

Common fields that are returned in the response for all Azure Resource Manager resources.

Variables are only populated by the server, and will be ignored when sending a request.

Variables

id (str) – Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}.
name (str) – The name of the resource.
type (str) – The type of the resource. E.g. “Microsoft.Compute/virtualMachines” or “Microsoft.Storage/storageAccounts”.

class azure.mgmt.policyinsights.models.ResourceDiscoveryMode(value)[source]¶

Bases: str, enum.Enum

The way resources to remediate are discovered. Defaults to ExistingNonCompliant if not specified.

EXISTING_NON_COMPLIANT = 'ExistingNonCompliant'¶: Remediate resources that are already known to be non-compliant.

RE_EVALUATE_COMPLIANCE = 'ReEvaluateCompliance'¶: Re-evaluate the compliance state of resources and then remediate the resources found to be non-compliant.

class azure.mgmt.policyinsights.models.SlimPolicyMetadata(**kwargs)[source]¶

Bases: msrest.serialization.Model

Slim version of policy metadata resource definition, excluding properties with large strings.

Variables are only populated by the server, and will be ignored when sending a request.

Variables

id (str) – The ID of the policy metadata.
type (str) – The type of the policy metadata.
name (str) – The name of the policy metadata.
metadata_id (str) – The policy metadata identifier.
category (str) – The category of the policy metadata.
title (str) – The title of the policy metadata.
owner (str) – The owner of the policy metadata.
additional_content_url (str) – Url for getting additional content about the resource metadata.
metadata (any) – Additional metadata.

class azure.mgmt.policyinsights.models.SummarizeResults(*, odata_context: Optional[str] = None, odata_count: Optional[int] = None, value: Optional[List[azure.mgmt.policyinsights.models._models_py3.Summary]] = None, **kwargs)[source]¶

Bases: msrest.serialization.Model

Summarize action results.

Parameters

odata_context (str) – OData context string; used by OData clients to resolve type information based on metadata.
odata_count (int) – OData entity count; represents the number of summaries returned; always set to 1.
value (list[Summary]) – Summarize action results.

class azure.mgmt.policyinsights.models.Summary(*, odata_id: Optional[str] = None, odata_context: Optional[str] = None, results: Optional[azure.mgmt.policyinsights.models._models_py3.SummaryResults] = None, policy_assignments: Optional[List[azure.mgmt.policyinsights.models._models_py3.PolicyAssignmentSummary]] = None, **kwargs)[source]¶

Bases: msrest.serialization.Model

Summary results.

Parameters

odata_id (str) – OData entity ID; always set to null since summaries do not have an entity ID.
odata_context (str) – OData context string; used by OData clients to resolve type information based on metadata.
results (SummaryResults) – Compliance summary for all policy assignments.
policy_assignments (list[PolicyAssignmentSummary]) – Policy assignments summary.

class azure.mgmt.policyinsights.models.SummaryResults(*, query_results_uri: Optional[str] = None, non_compliant_resources: Optional[int] = None, non_compliant_policies: Optional[int] = None, resource_details: Optional[List[azure.mgmt.policyinsights.models._models_py3.ComplianceDetail]] = None, policy_details: Optional[List[azure.mgmt.policyinsights.models._models_py3.ComplianceDetail]] = None, policy_group_details: Optional[List[azure.mgmt.policyinsights.models._models_py3.ComplianceDetail]] = None, **kwargs)[source]¶

Bases: msrest.serialization.Model

Compliance summary on a particular summary level.

Parameters

query_results_uri (str) – HTTP POST URI for queryResults action on Microsoft.PolicyInsights to retrieve raw results for the compliance summary. This property will not be available by default in future API versions, but could be queried explicitly.
non_compliant_resources (int) – Number of non-compliant resources.
non_compliant_policies (int) – Number of non-compliant policies.
resource_details (list[ComplianceDetail]) – The resources summary at this level.
policy_details (list[ComplianceDetail]) – The policy artifact summary at this level. For query scope level, it represents policy assignment summary. For policy assignment level, it represents policy definitions summary.
policy_group_details (list[ComplianceDetail]) – The policy definition group summary at this level.

class azure.mgmt.policyinsights.models.SystemData(*, created_by: Optional[str] = None, created_by_type: Optional[str] = None, created_at: Optional[datetime.datetime] = None, last_modified_by: Optional[str] = None, last_modified_by_type: Optional[str] = None, last_modified_at: Optional[datetime.datetime] = None, **kwargs)[source]¶

Bases: msrest.serialization.Model

Metadata pertaining to creation and last modification of the resource.

Parameters

created_by (str) – The identity that created the resource.
created_by_type (str or CreatedByType) – The type of identity that created the resource. Possible values include: “User”, “Application”, “ManagedIdentity”, “Key”.
created_at (datetime) – The timestamp of resource creation (UTC).
last_modified_by (str) – The identity that last modified the resource.
last_modified_by_type (str or CreatedByType) – The type of identity that last modified the resource. Possible values include: “User”, “Application”, “ManagedIdentity”, “Key”.
last_modified_at (datetime) – The timestamp of resource last modification (UTC).

class azure.mgmt.policyinsights.models.TrackedResourceModificationDetails(**kwargs)[source]¶

Bases: msrest.serialization.Model

The details of the policy triggered deployment that created or modified the tracked resource.

Variables are only populated by the server, and will be ignored when sending a request.

Variables

policy_details (PolicyDetails) – The details of the policy that created or modified the tracked resource.
deployment_id (str) – The ID of the deployment that created or modified the tracked resource.
deployment_time (datetime) – Timestamp of the deployment that created or modified the tracked resource.

class azure.mgmt.policyinsights.models.TypedErrorInfo(**kwargs)[source]¶

Bases: msrest.serialization.Model

Scenario specific error details.

Variables are only populated by the server, and will be ignored when sending a request.

Variables

type (str) – The type of included error details.
info (any) – The scenario specific error details.