Microsoft.PolicyInsights remediations
Bicep resource definition
The remediations resource type is an extension resource, which means you can apply it to another resource.
Use the scope property on this resource to set the scope for this resource. See Set scope on extension resources in Bicep.
Valid deployment scopes for the remediations resource are:
- Resource groups - See resource group deployment commands
- Subscriptions - See subscription deployment commands
- Management groups - See management group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.PolicyInsights/remediations resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.PolicyInsights/remediations@2021-10-01' = {
name: 'string'
scope: resourceSymbolicName
properties: {
failureThreshold: {
percentage: int
}
filters: {
locations: [
'string'
]
}
parallelDeployments: int
policyAssignmentId: 'string'
policyDefinitionReferenceId: 'string'
resourceCount: int
resourceDiscoveryMode: 'string'
}
}
Property values
remediations
| Name | Description | Value |
|---|---|---|
| name | The resource name | string (required) |
| scope | Use when creating an extension resource at a scope that is different than the deployment scope. | Target resource For Bicep, set this property to the symbolic name of the resource to apply the extension resource. |
| properties | Properties for the remediation. | RemediationProperties |
RemediationProperties
| Name | Description | Value |
|---|---|---|
| failureThreshold | The remediation failure threshold settings | RemediationPropertiesFailureThreshold |
| filters | The filters that will be applied to determine which resources to remediate. | RemediationFilters |
| parallelDeployments | Determines how many resources to remediate at any given time. Can be used to increase or reduce the pace of the remediation. If not provided, the default parallel deployments value is used. | int |
| policyAssignmentId | The resource ID of the policy assignment that should be remediated. | string |
| policyDefinitionReferenceId | The policy definition reference ID of the individual definition that should be remediated. Required when the policy assignment being remediated assigns a policy set definition. | string |
| resourceCount | Determines the max number of resources that can be remediated by the remediation job. If not provided, the default resource count is used. | int |
| resourceDiscoveryMode | The way resources to remediate are discovered. Defaults to ExistingNonCompliant if not specified. | 'ExistingNonCompliant' 'ReEvaluateCompliance' |
RemediationPropertiesFailureThreshold
| Name | Description | Value |
|---|---|---|
| percentage | A number between 0.0 to 1.0 representing the percentage failure threshold. The remediation will fail if the percentage of failed remediation operations (i.e. failed deployments) exceeds this threshold. | int |
RemediationFilters
| Name | Description | Value |
|---|---|---|
| locations | The resource locations that will be remediated. | string[] |
ARM template resource definition
The remediations resource type is an extension resource, which means you can apply it to another resource.
Use the scope property on this resource to set the scope for this resource. See Set scope on extension resources in ARM templates.
Valid deployment scopes for the remediations resource are:
- Resource groups - See resource group deployment commands
- Subscriptions - See subscription deployment commands
- Management groups - See management group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.PolicyInsights/remediations resource, add the following JSON to your template.
{
"type": "Microsoft.PolicyInsights/remediations",
"apiVersion": "2021-10-01",
"name": "string",
"scope": "string",
"properties": {
"failureThreshold": {
"percentage": "int"
},
"filters": {
"locations": [ "string" ]
},
"parallelDeployments": "int",
"policyAssignmentId": "string",
"policyDefinitionReferenceId": "string",
"resourceCount": "int",
"resourceDiscoveryMode": "string"
}
}
Property values
remediations
| Name | Description | Value |
|---|---|---|
| type | The resource type | 'Microsoft.PolicyInsights/remediations' |
| apiVersion | The resource api version | '2021-10-01' |
| name | The resource name | string (required) |
| scope | Use when creating an extension resource at a scope that is different than the deployment scope. | Target resource For JSON, set the value to the full name of the resource to apply the extension resource to. |
| properties | Properties for the remediation. | RemediationProperties |
RemediationProperties
| Name | Description | Value |
|---|---|---|
| failureThreshold | The remediation failure threshold settings | RemediationPropertiesFailureThreshold |
| filters | The filters that will be applied to determine which resources to remediate. | RemediationFilters |
| parallelDeployments | Determines how many resources to remediate at any given time. Can be used to increase or reduce the pace of the remediation. If not provided, the default parallel deployments value is used. | int |
| policyAssignmentId | The resource ID of the policy assignment that should be remediated. | string |
| policyDefinitionReferenceId | The policy definition reference ID of the individual definition that should be remediated. Required when the policy assignment being remediated assigns a policy set definition. | string |
| resourceCount | Determines the max number of resources that can be remediated by the remediation job. If not provided, the default resource count is used. | int |
| resourceDiscoveryMode | The way resources to remediate are discovered. Defaults to ExistingNonCompliant if not specified. | 'ExistingNonCompliant' 'ReEvaluateCompliance' |
RemediationPropertiesFailureThreshold
| Name | Description | Value |
|---|---|---|
| percentage | A number between 0.0 to 1.0 representing the percentage failure threshold. The remediation will fail if the percentage of failed remediation operations (i.e. failed deployments) exceeds this threshold. | int |
RemediationFilters
| Name | Description | Value |
|---|---|---|
| locations | The resource locations that will be remediated. | string[] |
Terraform (AzAPI provider) resource definition
The remediations resource type is an extension resource, which means you can apply it to another resource.
Use the parent_id property on this resource to set the scope for this resource.
Valid deployment scopes for the remediations resource are:
- Resource groups
- Subscriptions
- Management groups
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.PolicyInsights/remediations resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.PolicyInsights/remediations@2021-10-01"
name = "string"
parent_id = "string"
body = jsonencode({
properties = {
failureThreshold = {
percentage = int
}
filters = {
locations = [
"string"
]
}
parallelDeployments = int
policyAssignmentId = "string"
policyDefinitionReferenceId = "string"
resourceCount = int
resourceDiscoveryMode = "string"
}
})
}
Property values
remediations
| Name | Description | Value |
|---|---|---|
| type | The resource type | "Microsoft.PolicyInsights/remediations@2021-10-01" |
| name | The resource name | string (required) |
| parent_id | The ID of the resource to apply this extension resource to. | string (required) |
| properties | Properties for the remediation. | RemediationProperties |
RemediationProperties
| Name | Description | Value |
|---|---|---|
| failureThreshold | The remediation failure threshold settings | RemediationPropertiesFailureThreshold |
| filters | The filters that will be applied to determine which resources to remediate. | RemediationFilters |
| parallelDeployments | Determines how many resources to remediate at any given time. Can be used to increase or reduce the pace of the remediation. If not provided, the default parallel deployments value is used. | int |
| policyAssignmentId | The resource ID of the policy assignment that should be remediated. | string |
| policyDefinitionReferenceId | The policy definition reference ID of the individual definition that should be remediated. Required when the policy assignment being remediated assigns a policy set definition. | string |
| resourceCount | Determines the max number of resources that can be remediated by the remediation job. If not provided, the default resource count is used. | int |
| resourceDiscoveryMode | The way resources to remediate are discovered. Defaults to ExistingNonCompliant if not specified. | "ExistingNonCompliant" "ReEvaluateCompliance" |
RemediationPropertiesFailureThreshold
| Name | Description | Value |
|---|---|---|
| percentage | A number between 0.0 to 1.0 representing the percentage failure threshold. The remediation will fail if the percentage of failed remediation operations (i.e. failed deployments) exceeds this threshold. | int |
RemediationFilters
| Name | Description | Value |
|---|---|---|
| locations | The resource locations that will be remediated. | string[] |