Skip to content

Commit 66da46b

Browse files
PRMerger19PRMerger19
authored
Merge pull request #110143 from DCtheGeek/dmc-policy-ghi51644
Fixes MicrosoftDocs/azure-docs#51644 - Clarifies function availability
2 parents 4d21671 + 42ad94d commit 66da46b

File tree

1 file changed

+12
-7
lines changed

1 file changed

+12
-7
lines changed

articles/governance/policy/concepts/definition-structure.md

Lines changed: 12 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
---
22
title: Details of the policy definition structure
33
description: Describes how policy definitions are used to establish conventions for Azure resources in your organization.
4-
ms.date: 02/26/2020
4+
ms.date: 04/03/2020
55
ms.topic: conceptual
66
---
77
# Azure Policy definition structure
@@ -695,6 +695,10 @@ use within a policy rule, except the following functions and user-defined functi
695695
- resourceId()
696696
- variables()
697697

698+
> [!NOTE]
699+
> These functions are still available within the `details.deployment.properties.template` portion of
700+
> the template deployment in a **deployIfNotExists** policy definition.
701+
698702
The following function is available to use in a policy rule, but differs from use in an Azure
699703
Resource Manager template:
700704

@@ -711,12 +715,15 @@ The following functions are only available in policy rules:
711715
- `field(fieldName)`
712716
- **fieldName**: [Required] string - Name of the [field](#fields) to retrieve
713717
- Returns the value of that field from the resource that is being evaluated by the If condition
714-
- `field` is primarily used with **AuditIfNotExists** and **DeployIfNotExists** to reference fields on the resource that are being evaluated. An example of this use can be seen in the [DeployIfNotExists example](effects.md#deployifnotexists-example).
718+
- `field` is primarily used with **AuditIfNotExists** and **DeployIfNotExists** to reference
719+
fields on the resource that are being evaluated. An example of this use can be seen in the
720+
[DeployIfNotExists example](effects.md#deployifnotexists-example).
715721
- `requestContext().apiVersion`
716-
- Returns the API version of the request that triggered policy evaluation (example: `2019-09-01`). This will be the API version that was used in the PUT/PATCH request for evaluations on resource creation/update. The latest API version is always used during compliance evaluation on existing resources.
722+
- Returns the API version of the request that triggered policy evaluation (example: `2019-09-01`).
723+
This will be the API version that was used in the PUT/PATCH request for evaluations on resource
724+
creation/update. The latest API version is always used during compliance evaluation on existing
725+
resources.
717726

718-
719-
720727
#### Policy function example
721728

722729
This policy rule example uses the `resourceGroup` resource function to get the **name** property,
@@ -842,8 +849,6 @@ This sample rule checks for any matches of **ipRules\[\*\].value** to **10.0.4.1
842849
}
843850
```
844851

845-
846-
847852
For more information, see [evaluating the [\*]
848853
alias](../how-to/author-policies-for-arrays.md#evaluating-the--alias).
849854

0 commit comments

Comments
 (0)