Policy definition microsoft.authorization/policydefinitions Azure Resource type

Policy definition - Microsoft Azure Resource type
microsoft.authorization/policydefinitions

Resource provider (RP) - Microsoft Authorization [Microsoft.Authorization]
RP	Microsoft.Authorization
RP display name	Microsoft Authorization
RP Resource types	Resource types: 60
RP aliases	RP aliases: 359
RP Azure Policy	Azure Policy definitions: 32 • if: 15 • then.deployment: 16 • then.details: 1 • then.existenceCondition: 2 • then.operations: 0
RP RBAC operations	RP RBAC operations: 76 • RP RBAC operationType action: 9 • RP RBAC operationType delete: 17 • RP RBAC operationType read: 30 • RP RBAC operationType write: 20
RP RBAC Roles & Operation actions	Unique RBAC Roles: 344 • RBAC Roles with action operationType: 7 • RBAC Roles with delete operationType: 23 • RBAC Roles with read operationType: 342 • RBAC Roles with write operationType: 21
RP related 1st party Service Principals	RP related 1st party Service Principals: 6 • Request Approvals Read Platform (appId: d8c767ef-3e9a-48c4-aef9-562696539b39) [ JSON;CSV] • n/a (appId: 4eaceb75-fe6c-4953-b873-0fd565ecd334) • MS-PIM (appId: 01fc33a7-78ba-4d2f-a4b7-768e336e890e) [ JSON;CSV] • Microsoft Azure Authorization Resource Provider (appId: 1dcb1bc7-c721-498e-b2fa-bcddcea44171) [ JSON;CSV] • Microsoft Azure Authorization Private Link Provider (appId: de926fbf-e23b-41f9-ae15-c943a9cfa630) [ JSON;CSV] • Azure RBAC Data Plane (appId: 5861f7fb-5582-4c1a-83c0-fc5ffdb531a6) [ JSON;CSV]
All Azure RPs	• Microsoft Learn • AzResourceTypesAdvertizer (Microsoft only)

Resource provider (RP) - Microsoft Authorization [Microsoft.Authorization]

Microsoft.Authorization

RP display name

Microsoft Authorization

RP Resource types

Resource types: 60

RP aliases

RP aliases: 359

RP Azure Policy

Azure Policy definitions: 32
• if: 15
• then.deployment: 16
• then.details: 1
• then.existenceCondition: 2
• then.operations: 0

RP RBAC operations

RP RBAC operations: 76
• RP RBAC operationType action: 9
• RP RBAC operationType delete: 17
• RP RBAC operationType read: 30
• RP RBAC operationType write: 20

RP RBAC Roles & Operation actions

Unique RBAC Roles: 344
• RBAC Roles with action operationType: 7
• RBAC Roles with delete operationType: 23
• RBAC Roles with read operationType: 342
• RBAC Roles with write operationType: 21

RP related 1st party Service Principals

RP related 1st party Service Principals: 6
• Request Approvals Read Platform (appId: d8c767ef-3e9a-48c4-aef9-562696539b39) [ JSON;CSV]
• n/a (appId: 4eaceb75-fe6c-4953-b873-0fd565ecd334)
• MS-PIM (appId: 01fc33a7-78ba-4d2f-a4b7-768e336e890e) [ JSON;CSV]
• Microsoft Azure Authorization Resource Provider (appId: 1dcb1bc7-c721-498e-b2fa-bcddcea44171) [ JSON;CSV]
• Microsoft Azure Authorization Private Link Provider (appId: de926fbf-e23b-41f9-ae15-c943a9cfa630) [ JSON;CSV]
• Azure RBAC Data Plane (appId: 5861f7fb-5582-4c1a-83c0-fc5ffdb531a6) [ JSON;CSV]

All Azure RPs

• Microsoft Learn
• AzResourceTypesAdvertizer (Microsoft only)

RT information

microsoft.authorization/policydefinitions

RT display name

Policy definition

RT type only
(without RP)

policyDefinitions

RT sub- Resource types

sub-Resource types: 1

RT schema

n/a

All Microsoft Azure RTs

AzResourceTypesAdvertizer

Aliases and Azure Policy

Aliases

aliases: 10

Azure Policy

Azure Policy definitions: 2
• if: 1
• then.deployment: 1
• then.details: 0
• then.existenceCondition: 1
• then.operations: 0

RBAC Operations and Roles & Roles related operation actions

RBAC operations

RBAC operations: 3
• RBAC operationType delete: 1
• RBAC operationType read: 1
• RBAC operationType write: 1

RBAC Roles & Operation actions

Unique RBAC Roles: 313
• RBAC Roles with delete operationType: 6
• RBAC Roles with read operationType: 313
• RBAC Roles with write operationType: 6

Capabilities & Locations

Diagnostic logs

False

Azure Resource Diagnostic settings metrics

Diagnostic metrics

False

Customer-managed key (CMK) [experimental]

Unknown
• Enforce Encryption with a customer-managed key (CMK) at scale

System-Assigned-Resource-Identity

False

Cross-ResourceGroup-Resource-Move

False

Cross-Subscription-Resource-Move

False

Tags

False

Extension

True

Private-Endpoint

False

Supported Locations for Private-Endpoint

n/a

Non supported Locations for Private-Endpoint

n/a

Location

False

Locations

n/a

Not locations

n/a

Assessment tooling

Azure Advisor

n/a

Azure Proactive Resilience Library v2 (APRLv2)

n/a

PSRule for Azure

PSRule for Azure rules: 1
• Operational Excellence [Awareness] Use descriptive policies

Azure Quick Review (AZQR)

n/a

Infrastructure as Code (IaC)

ARM (Azure Resource Manager) templates

ARM (Azure Resource Manager) template API versions: 16
• latest

• 2025-03-01
• 2025-01-01
• 2024-05-01
• 2023-04-01
• 2021-06-01
• 2020-09-01
• 2020-03-01
• 2019-09-01
• 2019-06-01
• 2019-01-01
• 2018-05-01
• 2018-03-01
• 2016-12-01
• 2016-04-01
• 2015-11-01
• 2015-10-01-preview

Bicep templates

Bicep template API versions: 16
• latest

Terraform provider

Terraform providers: 1
• policy_definition

AzAPI Terraform templates

AzAPI Terraform template API versions: 16
• latest

Pulumi provider

Pulumi providers: 2
• authorization/policydefinition
• authorization/policydefinitionatmanagementgroup

OpenTofu provider

OpenTofu TF providers: 1
• policy_definition

Azure Verified Modules (AVM) Bicep

n/a

Azure Verified Modules (AVM) Terraform

n/a

REST-API (Representational State Transfer - Application Programming Interface)

REST-API versions

REST-API versions: 15

• 2025-01-01
• 2024-05-01
• 2023-04-01
• 2021-06-01
• 2020-09-01
• 2020-08-01
• 2020-03-01
• 2019-09-01
• 2019-06-01
• 2019-01-01
• 2018-05-01
• 2018-03-01
• 2016-12-01
• 2016-04-01
• 2015-10-01-preview

REST-API version default

n/a

API profiles

API profiles: 3
• 2018-06-01-profile
• 2018-03-01;2019-03-01-hybrid
• 2016-12-01

Resource naming

Azure Naming Tool

The Azure Naming Tool was created to help administrators define and manage their naming conventions, while providing a simple interface for users to generate a compliant name.

Resource naming details

[
  {
    "property": "Resoure Name",
    "ShortName": "policy",
    "scope": "scope of definition",
    "lengthMin": "1",
    "lengthMax": "64",
    "validText": "Display name can contain any characters.",
    "invalidText": "Can't include percent sign and can't end with period or space.",
    "invalidCharacters": "%",
    "invalidCharactersStart": "",
    "invalidCharactersEnd": ". ",
    "invalidCharactersConsecutive": "",
    "regx": "^(?!.*[\\.]$)(?!.* $)[^%]{1,64}$",
    "staticValues": ""
  },
  {
    "property": "Display Name",
    "ShortName": "policy",
    "scope": "scope of definition",
    "lengthMin": "1",
    "lengthMax": "128",
    "validText": "Display name can contain any characters.",
    "invalidText": "Can't include percent sign and can't end with period or space.",
    "invalidCharacters": "%",
    "invalidCharactersStart": "",
    "invalidCharactersEnd": ". ",
    "invalidCharactersConsecutive": "",
    "regx": "^(?!.*[\\.]$)(?!.* $)[^%]{1,128}$",
    "staticValues": ""
  }
]

Policy definition - Microsoft Azure Resource typemicrosoft.authorization/policydefinitions

Policy definition - Microsoft Azure Resource type
microsoft.authorization/policydefinitions