Set-AzPolicySetDefinition
Modifies a policy set definition
Syntax
Set-AzPolicySetDefinition
-Name <String>
[-DisplayName <String>]
[-Description <String>]
[-PolicyDefinition <String>]
[-Metadata <String>]
[-Parameter <String>]
[-GroupDefinition <String>]
[-ApiVersion <String>]
[-Pre]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Set-AzPolicySetDefinition
-Name <String>
[-DisplayName <String>]
[-Description <String>]
[-PolicyDefinition <String>]
[-Metadata <String>]
[-Parameter <String>]
-ManagementGroupName <String>
[-GroupDefinition <String>]
[-ApiVersion <String>]
[-Pre]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Set-AzPolicySetDefinition
-Name <String>
[-DisplayName <String>]
[-Description <String>]
[-PolicyDefinition <String>]
[-Metadata <String>]
[-Parameter <String>]
-SubscriptionId <Guid>
[-GroupDefinition <String>]
[-ApiVersion <String>]
[-Pre]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Set-AzPolicySetDefinition
-Id <String>
[-DisplayName <String>]
[-Description <String>]
[-PolicyDefinition <String>]
[-Metadata <String>]
[-Parameter <String>]
[-GroupDefinition <String>]
[-ApiVersion <String>]
[-Pre]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Set-AzPolicySetDefinition
[-DisplayName <String>]
[-Description <String>]
[-PolicyDefinition <String>]
[-Metadata <String>]
[-Parameter <String>]
-InputObject <PsPolicySetDefinition>
[-GroupDefinition <String>]
[-ApiVersion <String>]
[-Pre]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Description
The Set-AzPolicySetDefinition cmdlet modifies a policy definition.
Examples
Example 1: Update the description of a policy set definition
$PolicySetDefinition = Get-AzPolicySetDefinition -ResourceId '/subscriptions/mySub/Microsoft.Authorization/policySetDefinitions/myPSSetDefinition'
Set-AzPolicySetDefinition -Id $PolicySetDefinition.ResourceId -Description 'Updated policy to not allow virtual machine creation'The first command gets a policy set definition by using the Get-AzPolicySetDefinition cmdlet. The command stores that object in the $PolicySetDefinition variable. The second command updates the description of the policy set definition identified by the ResourceId property of $PolicySetDefinition.
Example 2: Update the metadata of a policy set definition
Set-AzPolicySetDefinition -Name 'VMPolicySetDefinition' -Metadata '{"category":"Virtual Machine"}'
Name : VMPolicySetDefinition
ResourceId : /subscriptions/11111111-1111-1111-1111-111111111111/providers/Microsoft.Authorization/policySetDefinitions/VMPolicySetDefinition
ResourceName : VMPolicySetDefinition
ResourceType : Microsoft.Authorization/policySetDefinitions
SubscriptionId : 11111111-1111-1111-1111-111111111111
Properties : @{displayName=VMPolicySetDefinition; policyType=Custom; metadata=; parameters=; policyDefinitions=System.Object[]}
PolicySetDefinitionId : /subscriptions/11111111-1111-1111-1111-111111111111/providers/Microsoft.Authorization/policySetDefinitions/VMPolicySetDefinitionThis command updates the metadata of a policy set definition named VMPolicySetDefinition to indicate its category is "Virtual Machine".
Example 3: Update the groups of a policy set definition
Set-AzPolicySetDefinition -Name 'VMPolicySetDefinition' -GroupDefinition '[{ "name": "group1", "displayName": "Virtual Machine Security" }, { "name": "group2" }]'This command updates the groups of a policy set definition named VMPolicySetDefinition.
Example 4: Update the groups of a policy set definition using a hash table
$groupsJson = ConvertTo-Json @{ name = "group1"; displayName = "Virtual Machine Security" }, @{ name = "group2" }
Set-AzPolicySetDefinition -Name 'VMPolicySetDefinition' -GroupDefinition $groupsJsonThis command updates the groups of a policy set definition named VMPolicySetDefinition using a hash table to construct the groups.
Parameters
-ApiVersion
When set, indicates the version of the resource provider API to use. If not specified, the API version is automatically determined as the latest available.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Confirm
Prompts you for confirmation before running the cmdlet.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with azure
| Type: | IAzureContextContainer |
| Aliases: | AzContext, AzureRmContext, AzureCredential |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Description
The description for policy set definition.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-DisplayName
The display name for policy set definition.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-GroupDefinition
The policy definition groups of the updated policy set definition. This can either be a path to a file containing the groups, or the groups as a JSON string.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Id
The fully qualified policy definition Id, including the subscription. e.g. /subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}
| Type: | String |
| Aliases: | ResourceId |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-InputObject
The policy set definition object to update that was output from another cmdlet.
| Type: | PsPolicySetDefinition |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-ManagementGroupName
The name of the management group of the policy set definition to update.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Metadata
The metadata of the updated policy set definition. This can either be a path to a file name containing the metadata, or the metadata as a JSON string.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Name
The policy set definition name.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Parameter
The parameters declaration of the updated policy set definition. This can either be a path to a file name or uri containing the parameters declaration, or the parameters declaration as a JSON string.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-PolicyDefinition
The policy definitions. This can either be a path to a file name containing the policy definitions, or the policy definitions as a JSON string.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Pre
When set, indicates that the cmdlet should use pre-release API versions when automatically determining which version to use.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-SubscriptionId
The subscription ID of the policy set definition to update.
| Type: | Nullable<T>[Guid] |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Inputs
Nullable<T>[[System.Guid, System.Private.CoreLib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e]]