azurerm_resource_policy_exemption

Manages a Resource Policy Exemption.

Example Usage

resource "azurerm_resource_group" "example" {
  name     = "group1"
  location = "westus"
}

resource "azurerm_virtual_network" "example" {
  name                = "network1"
  resource_group_name = azurerm_resource_group.example.name
  location            = azurerm_resource_group.example.location
  address_space       = ["10.0.0.0/16"]
}

data "azurerm_policy_set_definition" "example" {
  display_name = "Audit machines with insecure password security settings"
}

resource "azurerm_resource_policy_assignment" "example" {
  name                 = "assignment1"
  resource_id          = azurerm_virtual_network.example.id
  policy_definition_id = data.azurerm_policy_set_definition.example.id
  location             = azurerm_resource_group.example.location

  identity {
    type = "SystemAssigned"
  }
}

resource "azurerm_resource_policy_exemption" "example" {
  name                 = "exemption1"
  resource_id          = azurerm_resource_policy_assignment.example.resource_id
  policy_assignment_id = azurerm_resource_policy_assignment.example.id
  exemption_category   = "Mitigated"
}

Argument Reference

The following arguments are supported:

Attributes Reference

In addition to the Arguments listed above - the following Attributes are exported:

Timeouts

The timeouts block allows you to specify timeouts for certain actions:

Import

Policy Exemptions can be imported using the resource id, e.g.

terraform import azurerm_resource_policy_exemption.exemption1  /subscriptions/00000000-0000-0000-000000000000/resourceGroups/resGroup1/providers/Microsoft.Authorization/policyExemptions/exemption1