ARM template resource definition
The assignments resource type can be deployed with operations that target:
For a list of changed properties in each API version, see change log.
To create a Microsoft.Security/assignments resource, add the following JSON to your template.
{
"type": "Microsoft.Security/assignments",
"apiVersion": "2021-08-01-preview",
"name": "string",
"location": "string",
"tags": {
"tagName1": "tagValue1",
"tagName2": "tagValue2"
},
"kind": "string",
"etag": "string",
"properties": {
"additionalData": {
"exemptionCategory": "string"
},
"assignedComponent": {
"key": "string"
},
"assignedStandard": {
"id": "string"
},
"description": "string",
"displayName": "string",
"effect": "string",
"expiresOn": "string",
"metadata": {},
"scope": "string"
}
}
Property values
assignments
Name |
Description |
Value |
type |
The resource type |
'Microsoft.Security/assignments' |
apiVersion |
The resource api version |
'2021-08-01-preview' |
name |
The resource name |
string (required) |
location |
Location where the resource is stored |
string |
tags |
A list of key value pairs that describe the resource. |
Dictionary of tag names and values. See Tags in templates |
kind |
Kind of the resource |
string |
etag |
Entity tag is used for comparing two or more entities from the same requested resource. |
string |
properties |
Properties of a security assignment |
AssignmentProperties |
AssignmentProperties
Name |
Description |
Value |
additionalData |
Additional data about the assignment |
AssignmentPropertiesAdditionalData |
assignedComponent |
Component item with key as applied to this standard assignment over the given scope |
AssignedComponentItem |
assignedStandard |
Standard item with key as applied to this standard assignment over the given scope |
AssignedStandardItem |
description |
description of the standardAssignment |
string |
displayName |
display name of the standardAssignment |
string |
effect |
expected effect of this assignment (Disable/Exempt/etc) |
string |
expiresOn |
Expiration date of this assignment as a full ISO date |
string |
metadata |
The assignment metadata. Metadata is an open ended object and is typically a collection of key value pairs. |
|
scope |
Scope to which the standardAssignment applies - can be a subscription path or a resource group under that subscription |
string |
AssignmentPropertiesAdditionalData
Name |
Description |
Value |
exemptionCategory |
Exemption category of this assignment |
string |
AssignedComponentItem
Name |
Description |
Value |
key |
unique key to a security assessment object |
string |
AssignedStandardItem
Name |
Description |
Value |
id |
full resourceId of the Microsoft.Security/standard object |
string |