Microsoft.Blueprint blueprintAssignments

ARM template resource definition

The blueprintAssignments resource type is an extension resource, which means you can apply it to another resource.

Use the scope property on this resource to set the scope for this resource. See Set scope on extension resources in ARM templates.

The blueprintAssignments resource type can be deployed with operations that target:

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Blueprint/blueprintAssignments resource, add the following JSON to your template.

{
  "type": "Microsoft.Blueprint/blueprintAssignments",
  "apiVersion": "2018-11-01-preview",
  "name": "string",
  "location": "string",
  "scope": "string",
  "identity": {
    "principalId": "string",
    "tenantId": "string",
    "type": "string",
    "userAssignedIdentities": {}
  },
  "properties": {
    "blueprintId": "string",
    "description": "string",
    "displayName": "string",
    "locks": {
      "excludedPrincipals": [ "string" ],
      "mode": "string"
    },
    "parameters": {},
    "resourceGroups": {},
    "scope": "string"
  }
}

Property values

blueprintAssignments

Name Description Value
type The resource type 'Microsoft.Blueprint/blueprintAssignments'
apiVersion The resource api version '2018-11-01-preview'
name The resource name string (required)

Character limit: 90

Valid characters:
Alphanumerics, underscores, and hyphens.
location The location of this blueprint assignment. string (required)
scope Use when creating an extension resource at a scope that is different than the deployment scope. Target resource

For JSON, set the value to the full name of the resource to apply the extension resource to.

identity Managed identity for this blueprint assignment. ManagedServiceIdentity (required)
properties Properties for blueprint assignment object. AssignmentProperties (required)

ManagedServiceIdentity

Name Description Value
principalId Azure Active Directory principal ID associated with this Identity. string
tenantId ID of the Azure Active Directory. string
type Type of the managed identity. 'None'
'SystemAssigned'
'UserAssigned' (required)
userAssignedIdentities The list of user-assigned managed identities associated with the resource. Key is the Azure resource Id of the managed identity. object

AssignmentProperties

Name Description Value
blueprintId ID of the published version of a blueprint definition. string
description Multi-line explain this resource. string
displayName One-liner string explain this resource. string
locks Defines how resources deployed by a blueprint assignment are locked. AssignmentLockSettings
parameters Blueprint assignment parameter values. object (required)
resourceGroups Names and locations of resource group placeholders. object (required)
scope The target subscription scope of the blueprint assignment (format: '/subscriptions/{subscriptionId}'). For management group level assignments, the property is required. string

AssignmentLockSettings

Name Description Value
excludedPrincipals List of AAD principals excluded from blueprint locks. Up to 5 principals are permitted. string[]
mode Lock mode. 'AllResourcesDoNotDelete'
'AllResourcesReadOnly'
'None'