az policy exemption
This command group is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus
Manage resource policy exemptions.
Commands
| Name | Description | Type | Status |
|---|---|---|---|
| az policy exemption create |
Create a policy exemption. |
Core | Preview |
| az policy exemption delete |
Delete a policy exemption. |
Core | Preview |
| az policy exemption list |
List policy exemptions. |
Core | Preview |
| az policy exemption show |
Show a policy exemption. |
Core | Preview |
| az policy exemption update |
Update a policy exemption. |
Core | Preview |
az policy exemption create
Command group 'policy exemption' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus
Create a policy exemption.
az policy exemption create --name
[--description]
[--display-name]
[--exemption-category {Mitigated, Waiver}]
[--expires-on]
[--metadata]
[--policy-assignment]
[--policy-definition-reference-ids]
[--resource-group]
[--scope]Examples
Create a policy exemption in default subscription.
az policy exemption create -n exemptTestVM \
--policy-assignment "/subscriptions/mySubId/providers/Microsoft.Authorization/policyAssignments/limitVMSku" \
--exemption-category "Waiver"Create a policy exemption in the resource group.
az policy exemption create -n exemptTestVM \
--policy-assignment "/subscriptions/mySubId/providers/Microsoft.Authorization/policyAssignments/limitVMSku" \
--exemption-category "Waiver" \
--resource-group "myResourceGroup"Create a policy exemption in a management group.
az policy exemption create -n exemptTestVM \
--policy-assignment "/providers/Microsoft.Management/managementGroups/myMG/providers/Microsoft.Authorization/policyAssignments/limitVMSku" \
--exemption-category "Waiver" \
--scope "/providers/Microsoft.Management/managementGroups/myMG"Required Parameters
Name of the new policy exemption.
Optional Parameters
Description of policy exemption.
Display name of the policy exemption.
The policy exemption category of the policy exemption.
The expiration date and time (in UTC ISO 8601 format yyyy-MM-ddTHH:mm:ssZ) of the policy exemption.
Metadata in space-separated key=value pairs.
The referenced policy assignment Id for the policy exemption.
The policy definition reference ids to exempt in the initiative (policy set).
The resource group where the policy will be applied.
Scope to which this policy exemption applies.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az policy exemption delete
Command group 'policy exemption' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus
Delete a policy exemption.
az policy exemption delete --name
[--resource-group]
[--scope]Examples
Delete a policy exemption.
az policy exemption delete --name MyPolicyExemption --resource-group "myResourceGroup"Required Parameters
Name of the policy exemption.
Optional Parameters
The resource group where the policy will be applied.
Scope to which this policy exemption applies.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az policy exemption list
Command group 'policy exemption' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus
List policy exemptions.
az policy exemption list [--disable-scope-strict-match]
[--resource-group]
[--scope]Optional Parameters
Include policy exemptions either inherited from parent scope or at child scope.
The resource group where the policy will be applied.
Scope to which this policy exemption applies.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az policy exemption show
Command group 'policy exemption' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus
Show a policy exemption.
az policy exemption show --name
[--resource-group]
[--scope]Examples
Show a policy exemption.
az policy exemption show --name MyPolicyExemption --resource-group "myResourceGroup"Required Parameters
Name of the policy exemption.
Optional Parameters
The resource group where the policy will be applied.
Scope to which this policy exemption applies.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az policy exemption update
Command group 'policy exemption' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus
Update a policy exemption.
az policy exemption update --name
[--description]
[--display-name]
[--exemption-category {Mitigated, Waiver}]
[--expires-on]
[--metadata]
[--policy-definition-reference-ids]
[--resource-group]
[--scope]Examples
Update a policy exemption.
az policy exemption update -n exemptTestVM \
--exemption-category "Mitigated"Update a policy exemption in the resource group.
az policy exemption update -n exemptTestVM \
--exemption-category "Mitigated" \
--resource-group "myResourceGroup"Update a policy exemption in a management group.
az policy exemption update -n exemptTestVM \
--exemption-category "Mitigated" \
--scope "/providers/Microsoft.Management/managementGroups/myMG"Required Parameters
Name of the policy exemption.
Optional Parameters
Description of policy exemption.
Display name of the policy exemption.
The policy exemption category of the policy exemption.
The expiration date and time (in UTC ISO 8601 format yyyy-MM-ddTHH:mm:ssZ) of the policy exemption.
Metadata in space-separated key=value pairs.
The policy definition reference ids to exempt in the initiative (policy set).
The resource group where the policy will be applied.
Scope to which this policy exemption applies.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
