Get-AzPolicyState cmd gives PolicyAssignment Id instead PolicyAssignmentName

syed ahmar 21 Reputation points
2022-11-04T12:37:31.233+00:00

Hello Everyone,-> I have a Tenant with multiple Subscriptions in the Azure cloud.

-> When I run Get-AzPolicyState cmd in PowerShell it gives output as

PolicyAssignmentName : xxxxxxxxxxxxxxxx

PolicyAssignmentOwner : xxxxx

PolicyAssignmentScope : xxxxxxxxxxx

PolicyDefinitionName : xxxxxxxxxxxxxxxxxx

PolicyDefinitionAction : xxxxxxxxxxxxxx

PolicyDefinitionCategory : xxxxxxxxxxx

PolicySetDefinitionId : xxxxxxxx

PolicySetDefinitionName : xxxxxx

PolicySetDefinitionCategory : xxxxxxxx

ManagementGroupIds : xxxxxxxxxx

PolicyDefinitionReferenceId : xxxxxxxxx

ComplianceState : xxxxx

AdditionalProperties : xxxxx

-> The problem is in the 1st line PolicyAssignmentName, it gives the result as Policy Assignment Id like a combination of alphanumeric instead Policy Assignment name which is assigned earlier in the combination of alphabets like "Allowed VM SKUs" .

-> I have tried with other Subscriptions and Azure CLI as well and gives the same result.

-> I need the Policy Assignment name as an output along with other details like compliance state, scope, etc

-> Any lead to this question would be a great help to me.

Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
792 questions
0 comments
Accepted answer
  1. Stanislav Zhelyazkov 21,101 Reputation points MVP
    2022-11-04T14:12:31.417+00:00

    Hi,
    Policy assignments have name (id) and display names. The Built-in policies usually have name in GUID format and what is shown in the portal is the display name. This is especially important as policy assignments assigned at management group scope have limit of 24 characters for name (id) so you cannot find the information from display name there. At subscription scope the limit is 64 characters. Source.

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    1 person found this answer helpful.

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Jesse Loudon 336 Reputation points MVP
    2022-11-07T00:17:24.447+00:00

    Hey @syed ahmar

    To easily capture the PolicyAssignmentName values (and many other values) I've used a PowerShell script with REST API call as an effective method.

    Link: https://github.com/globalbao/azure-policy-as-code/blob/main/x_PolicyMgmt/policyCompliance-exportToCSV.ps1

    The above can target multiple Subscriptions in a Tenant and will output to CSV.

    Hope that helps,
    Jesse