Microsoft.Security assignments

Choose a deployment language

Bicep ARM template Terraform

Bicep resource definition

The assignments resource type can be deployed with operations that target:

• Resource groups - See resource group deployment commands

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Security/assignments resource, add the following Bicep to your template.

Bicep

resource symbolicname 'Microsoft.Security/assignments@2021-08-01-preview' = {
  etag: 'string'
  kind: 'string'
  location: 'string'
  name: 'string'
  properties: {
    additionalData: {
      exemptionCategory: 'string'
    }
    assignedComponent: {
      key: 'string'
    }
    assignedStandard: {
      id: 'string'
    }
    description: 'string'
    displayName: 'string'
    effect: 'string'
    expiresOn: 'string'
    metadata: any(...)
    scope: 'string'
  }
  tags: {
    {customized property}: 'string'
  }
}

Property Values

AssignedComponentItem

Name	Description	Value
key	unique key to a security assessment object	string

AssignedStandardItem

Name	Description	Value
id	full resourceId of the Microsoft.Security/standard object	string

AssignmentProperties

Name	Description	Value
additionalData	Additional data about the assignment	AssignmentPropertiesAdditionalData
assignedComponent	Component item with key as applied to this standard assignment over the given scope	AssignedComponentItem
assignedStandard	Standard item with key as applied to this standard assignment over the given scope	AssignedStandardItem
description	description of the standardAssignment	string
displayName	display name of the standardAssignment	string
effect	expected effect of this assignment (Disable/Exempt/etc)	string
expiresOn	Expiration date of this assignment as a full ISO date	string
metadata	The assignment metadata. Metadata is an open ended object and is typically a collection of key value pairs.	any
scope	Scope to which the standardAssignment applies - can be a subscription path or a resource group under that subscription	string

AssignmentPropertiesAdditionalData

Name	Description	Value
exemptionCategory	Exemption category of this assignment	string

Microsoft.Security/assignments

Name	Description	Value
etag	Entity tag is used for comparing two or more entities from the same requested resource.	string
kind	Kind of the resource	string
location	Location where the resource is stored	string
name	The resource name	string (required)
properties	Properties of a security assignment	AssignmentProperties
tags	Resource tags	Dictionary of tag names and values. See Tags in templates

Tags

Name	Description	Value

ARM template resource definition

The assignments resource type can be deployed with operations that target:

• Resource groups - See resource group deployment commands

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Security/assignments resource, add the following JSON to your template.

JSON

{
  "type": "Microsoft.Security/assignments",
  "apiVersion": "2021-08-01-preview",
  "name": "string",
  "etag": "string",
  "kind": "string",
  "location": "string",
  "properties": {
    "additionalData": {
      "exemptionCategory": "string"
    },
    "assignedComponent": {
      "key": "string"
    },
    "assignedStandard": {
      "id": "string"
    },
    "description": "string",
    "displayName": "string",
    "effect": "string",
    "expiresOn": "string",
    "metadata": {},
    "scope": "string"
  },
  "tags": {
    "{customized property}": "string"
  }
}

Property Values

AssignedComponentItem

Name	Description	Value
key	unique key to a security assessment object	string

AssignedStandardItem

Name	Description	Value
id	full resourceId of the Microsoft.Security/standard object	string

AssignmentProperties

Name	Description	Value
additionalData	Additional data about the assignment	AssignmentPropertiesAdditionalData
assignedComponent	Component item with key as applied to this standard assignment over the given scope	AssignedComponentItem
assignedStandard	Standard item with key as applied to this standard assignment over the given scope	AssignedStandardItem
description	description of the standardAssignment	string
displayName	display name of the standardAssignment	string
effect	expected effect of this assignment (Disable/Exempt/etc)	string
expiresOn	Expiration date of this assignment as a full ISO date	string
metadata	The assignment metadata. Metadata is an open ended object and is typically a collection of key value pairs.	any
scope	Scope to which the standardAssignment applies - can be a subscription path or a resource group under that subscription	string

AssignmentPropertiesAdditionalData

Name	Description	Value
exemptionCategory	Exemption category of this assignment	string

Microsoft.Security/assignments

Name	Description	Value
apiVersion	The api version	'2021-08-01-preview'
etag	Entity tag is used for comparing two or more entities from the same requested resource.	string
kind	Kind of the resource	string
location	Location where the resource is stored	string
name	The resource name	string (required)
properties	Properties of a security assignment	AssignmentProperties
tags	Resource tags	Dictionary of tag names and values. See Tags in templates
type	The resource type	'Microsoft.Security/assignments'

Tags

Name	Description	Value

Usage Examples

Terraform (AzAPI provider) resource definition

The assignments resource type can be deployed with operations that target:

• Resource groups

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Security/assignments resource, add the following Terraform to your template.

Terraform

resource "azapi_resource" "symbolicname" {
  type = "Microsoft.Security/assignments@2021-08-01-preview"
  name = "string"
  etag = "string"
  kind = "string"
  location = "string"
  tags = {
    {customized property} = "string"
  }
  body = jsonencode({
    properties = {
      additionalData = {
        exemptionCategory = "string"
      }
      assignedComponent = {
        key = "string"
      }
      assignedStandard = {
        id = "string"
      }
      description = "string"
      displayName = "string"
      effect = "string"
      expiresOn = "string"
      metadata = ?
      scope = "string"
    }
  })
}

Property Values

AssignedComponentItem

Name	Description	Value
key	unique key to a security assessment object	string

AssignedStandardItem

Name	Description	Value
id	full resourceId of the Microsoft.Security/standard object	string

AssignmentProperties

Name	Description	Value
additionalData	Additional data about the assignment	AssignmentPropertiesAdditionalData
assignedComponent	Component item with key as applied to this standard assignment over the given scope	AssignedComponentItem
assignedStandard	Standard item with key as applied to this standard assignment over the given scope	AssignedStandardItem
description	description of the standardAssignment	string
displayName	display name of the standardAssignment	string
effect	expected effect of this assignment (Disable/Exempt/etc)	string
expiresOn	Expiration date of this assignment as a full ISO date	string
metadata	The assignment metadata. Metadata is an open ended object and is typically a collection of key value pairs.	any
scope	Scope to which the standardAssignment applies - can be a subscription path or a resource group under that subscription	string

AssignmentPropertiesAdditionalData

Name	Description	Value
exemptionCategory	Exemption category of this assignment	string

Microsoft.Security/assignments

Name	Description	Value
etag	Entity tag is used for comparing two or more entities from the same requested resource.	string
kind	Kind of the resource	string
location	Location where the resource is stored	string
name	The resource name	string (required)
properties	Properties of a security assignment	AssignmentProperties
tags	Resource tags	Dictionary of tag names and values.
type	The resource type	"Microsoft.Security/assignments@2021-08-01-preview"

Tags

Name	Description	Value