-
Notifications
You must be signed in to change notification settings - Fork 11
/
createOrUpdatePolicySetDefinitionWithGroupsAtManagementGroup.go
130 lines (127 loc) · 5.4 KB
/
createOrUpdatePolicySetDefinitionWithGroupsAtManagementGroup.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
package armpolicy_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/resources/armpolicy"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/d55b8005f05b040b852c15e74a0f3e36494a15e1/specification/resources/resource-manager/Microsoft.Authorization/stable/2021-06-01/examples/createOrUpdatePolicySetDefinitionWithGroupsAtManagementGroup.json
func ExampleSetDefinitionsClient_CreateOrUpdateAtManagementGroup_createOrUpdateAPolicySetDefinitionWithGroupsAtManagementGroupLevel() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armpolicy.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
res, err := clientFactory.NewSetDefinitionsClient().CreateOrUpdateAtManagementGroup(ctx, "CostManagement", "MyManagementGroup", armpolicy.SetDefinition{
Properties: &armpolicy.SetDefinitionProperties{
Description: to.Ptr("Policies to enforce low cost storage SKUs"),
DisplayName: to.Ptr("Cost Management"),
Metadata: map[string]any{
"category": "Cost Management",
},
PolicyDefinitionGroups: []*armpolicy.DefinitionGroup{
{
Name: to.Ptr("CostSaving"),
Description: to.Ptr("Policies designed to control spend within a subscription."),
DisplayName: to.Ptr("Cost Management Policies"),
},
{
Name: to.Ptr("Organizational"),
Description: to.Ptr("Policies that help enforce resource organization standards within a subscription."),
DisplayName: to.Ptr("Organizational Policies"),
}},
PolicyDefinitions: []*armpolicy.DefinitionReference{
{
GroupNames: []*string{
to.Ptr("CostSaving")},
Parameters: map[string]*armpolicy.ParameterValuesValue{
"listOfAllowedSKUs": {
Value: []any{
"Standard_GRS",
"Standard_LRS",
},
},
},
PolicyDefinitionID: to.Ptr("/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1"),
PolicyDefinitionReferenceID: to.Ptr("Limit_Skus"),
},
{
GroupNames: []*string{
to.Ptr("Organizational")},
Parameters: map[string]*armpolicy.ParameterValuesValue{
"prefix": {
Value: "DeptA",
},
"suffix": {
Value: "-LC",
},
},
PolicyDefinitionID: to.Ptr("/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming"),
PolicyDefinitionReferenceID: to.Ptr("Resource_Naming"),
}},
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.SetDefinition = armpolicy.SetDefinition{
// Name: to.Ptr("CostManagement"),
// Type: to.Ptr("Microsoft.Authorization/policySetDefinitions"),
// ID: to.Ptr("/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/CostManagement"),
// Properties: &armpolicy.SetDefinitionProperties{
// Description: to.Ptr("Policies to enforce low cost storage SKUs"),
// DisplayName: to.Ptr("Cost Management"),
// Metadata: map[string]any{
// "category": "Cost Management",
// },
// PolicyDefinitionGroups: []*armpolicy.DefinitionGroup{
// {
// Name: to.Ptr("CostSaving"),
// Description: to.Ptr("Policies designed to control spend within a subscription."),
// DisplayName: to.Ptr("Cost Management Policies"),
// },
// {
// Name: to.Ptr("Organizational"),
// Description: to.Ptr("Policies that help enforce resource organization standards within a subscription."),
// DisplayName: to.Ptr("Organizational Policies"),
// }},
// PolicyDefinitions: []*armpolicy.DefinitionReference{
// {
// GroupNames: []*string{
// to.Ptr("CostSaving")},
// Parameters: map[string]*armpolicy.ParameterValuesValue{
// "listOfAllowedSKUs": &armpolicy.ParameterValuesValue{
// Value: []any{
// "Standard_GRS",
// "Standard_LRS",
// },
// },
// },
// PolicyDefinitionID: to.Ptr("/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1"),
// PolicyDefinitionReferenceID: to.Ptr("Limit_Skus"),
// },
// {
// GroupNames: []*string{
// to.Ptr("Organizational")},
// Parameters: map[string]*armpolicy.ParameterValuesValue{
// "prefix": &armpolicy.ParameterValuesValue{
// Value: "DeptA",
// },
// "suffix": &armpolicy.ParameterValuesValue{
// Value: "-LC",
// },
// },
// PolicyDefinitionID: to.Ptr("/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming"),
// PolicyDefinitionReferenceID: to.Ptr("Resource_Naming"),
// }},
// },
// }
}