tessl/pypi-azure-mgmt-policyinsights

Microsoft Azure Policy Insights Client Library for Python providing comprehensive Azure Policy services management.

—

Pending

Quality

Pending

Does it follow best practices?

Impact

Pending

No eval scenarios have been run

Overview

Eval results

Files

Remediations Operations

Name: tessl/pypi-azure-mgmt-policyinsights
Author: tessl

Overview

Remediations operations enable creating, managing, and monitoring policy remediations to automatically fix non-compliant resources. Remediations can be created at management group, subscription, resource group, and individual resource scopes.

Core Functionality

Management Group Operations

list_deployments_at_management_group

def list_deployments_at_management_group(
    management_group_id: str,
    remediation_name: str,
    query_options: Optional[QueryOptions] = None,
    **kwargs
) -> ItemPaged[RemediationDeploymentsListResult]

{ .api }

List remediation deployments at management group scope.

Parameters:

management_group_id: Management group ID
remediation_name: Name of the remediation
query_options: Optional query parameters

Returns: Paginated collection of RemediationDeploymentsListResult objects

cancel_at_management_group

def cancel_at_management_group(
    management_group_id: str,
    remediation_name: str,
    **kwargs
) -> Remediation

{ .api }

Cancel a remediation at management group scope.

Parameters:

management_group_id: Management group ID
remediation_name: Name of the remediation

Returns: Updated Remediation object

list_for_management_group

def list_for_management_group(
    management_group_id: str,
    query_options: Optional[QueryOptions] = None,
    **kwargs
) -> ItemPaged[RemediationListResult]

{ .api }

List remediations for a management group.

Parameters:

management_group_id: Management group ID
query_options: Optional query parameters

Returns: Paginated collection of Remediation objects

create_or_update_at_management_group

def create_or_update_at_management_group(
    management_group_id: str,
    remediation_name: str,
    parameters: Remediation,
    **kwargs
) -> Remediation

{ .api }

Create or update a remediation at management group scope.

Parameters:

management_group_id: Management group ID
remediation_name: Name of the remediation
parameters: Remediation parameters

Returns: Created or updated Remediation object

get_at_management_group

def get_at_management_group(
    management_group_id: str,
    remediation_name: str,
    **kwargs
) -> Remediation

{ .api }

Get a remediation at management group scope.

Parameters:

management_group_id: Management group ID
remediation_name: Name of the remediation

Returns: Remediation object

delete_at_management_group

def delete_at_management_group(
    management_group_id: str,
    remediation_name: str,
    **kwargs
) -> Remediation

{ .api }

Delete a remediation at management group scope.

Parameters:

management_group_id: Management group ID
remediation_name: Name of the remediation

Returns: Deleted Remediation object

Subscription Operations

list_deployments_at_subscription

def list_deployments_at_subscription(
    remediation_name: str,
    query_options: Optional[QueryOptions] = None,
    **kwargs
) -> ItemPaged[RemediationDeploymentsListResult]

{ .api }

List remediation deployments at subscription scope.

Parameters:

remediation_name: Name of the remediation
query_options: Optional query parameters

Returns: Paginated collection of RemediationDeploymentsListResult objects

cancel_at_subscription

def cancel_at_subscription(
    remediation_name: str,
    **kwargs
) -> Remediation

{ .api }

Cancel a remediation at subscription scope.

Parameters:

remediation_name: Name of the remediation

Returns: Updated Remediation object

list_for_subscription

def list_for_subscription(
    query_options: Optional[QueryOptions] = None,
    **kwargs
) -> ItemPaged[RemediationListResult]

{ .api }

List remediations for a subscription.

Parameters:

query_options: Optional query parameters

Returns: Paginated collection of RemediationListResult objects

create_or_update_at_subscription

def create_or_update_at_subscription(
    remediation_name: str,
    parameters: Remediation,
    **kwargs
) -> Remediation

{ .api }

Create or update a remediation at subscription scope.

Parameters:

remediation_name: Name of the remediation
parameters: Remediation parameters

Returns: Created or updated Remediation object

get_at_subscription

def get_at_subscription(
    remediation_name: str,
    **kwargs
) -> Remediation

{ .api }

Get a remediation at subscription scope.

Parameters:

remediation_name: Name of the remediation

Returns: Remediation object

delete_at_subscription

def delete_at_subscription(
    remediation_name: str,
    **kwargs
) -> Remediation

{ .api }

Delete a remediation at subscription scope.

Parameters:

remediation_name: Name of the remediation

Returns: Deleted Remediation object

Resource Group Operations

list_deployments_at_resource_group

def list_deployments_at_resource_group(
    subscription_id: str,
    resource_group_name: str,
    remediation_name: str,
    query_options: Optional[QueryOptions] = None,
    **kwargs
) -> ItemPaged[RemediationDeploymentsListResult]

{ .api }

List remediation deployments at resource group scope.

Parameters:

subscription_id: Azure subscription ID
resource_group_name: Resource group name
remediation_name: Name of the remediation
query_options: Optional query parameters

Returns: Paginated collection of RemediationDeploymentsListResult objects

cancel_at_resource_group

def cancel_at_resource_group(
    subscription_id: str,
    resource_group_name: str,
    remediation_name: str,
    **kwargs
) -> Remediation

{ .api }

Cancel a remediation at resource group scope.

Parameters:

subscription_id: Azure subscription ID
resource_group_name: Resource group name
remediation_name: Name of the remediation

Returns: Updated Remediation object

list_for_resource_group

def list_for_resource_group(
    subscription_id: str,
    resource_group_name: str,
    query_options: Optional[QueryOptions] = None,
    **kwargs
) -> ItemPaged[RemediationListResult]

{ .api }

List remediations for a resource group.

Parameters:

subscription_id: Azure subscription ID
resource_group_name: Resource group name
query_options: Optional query parameters

Returns: Paginated collection of Remediation objects

create_or_update_at_resource_group

def create_or_update_at_resource_group(
    subscription_id: str,
    resource_group_name: str,
    remediation_name: str,
    parameters: Remediation,
    **kwargs
) -> Remediation

{ .api }

Create or update a remediation at resource group scope.

Parameters:

subscription_id: Azure subscription ID
resource_group_name: Resource group name
remediation_name: Name of the remediation
parameters: Remediation parameters

Returns: Created or updated Remediation object

get_at_resource_group

def get_at_resource_group(
    subscription_id: str,
    resource_group_name: str,
    remediation_name: str,
    **kwargs
) -> Remediation

{ .api }

Get a remediation at resource group scope.

Parameters:

subscription_id: Azure subscription ID
resource_group_name: Resource group name
remediation_name: Name of the remediation

Returns: Remediation object

delete_at_resource_group

def delete_at_resource_group(
    subscription_id: str,
    resource_group_name: str,
    remediation_name: str,
    **kwargs
) -> Remediation

{ .api }

Delete a remediation at resource group scope.

Parameters:

subscription_id: Azure subscription ID
resource_group_name: Resource group name
remediation_name: Name of the remediation

Returns: Deleted Remediation object

Individual Resource Operations

list_deployments_at_resource

def list_deployments_at_resource(
    resource_id: str,
    remediation_name: str,
    query_options: Optional[QueryOptions] = None,
    **kwargs
) -> ItemPaged[RemediationDeploymentsListResult]

{ .api }

List remediation deployments at individual resource scope.

Parameters:

resource_id: Full Azure resource ID
remediation_name: Name of the remediation
query_options: Optional query parameters

Returns: Paginated collection of RemediationDeploymentsListResult objects

cancel_at_resource

def cancel_at_resource(
    resource_id: str,
    remediation_name: str,
    **kwargs
) -> Remediation

{ .api }

Cancel a remediation at individual resource scope.

Parameters:

resource_id: Full Azure resource ID
remediation_name: Name of the remediation

Returns: Updated Remediation object

list_for_resource

def list_for_resource(
    resource_id: str,
    query_options: Optional[QueryOptions] = None,
    **kwargs
) -> ItemPaged[RemediationListResult]

{ .api }

List remediations for an individual resource.

Parameters:

resource_id: Full Azure resource ID
query_options: Optional query parameters

Returns: Paginated collection of Remediation objects

create_or_update_at_resource

def create_or_update_at_resource(
    resource_id: str,
    remediation_name: str,
    parameters: Remediation,
    **kwargs
) -> Remediation

{ .api }

Create or update a remediation at individual resource scope.

Parameters:

resource_id: Full Azure resource ID
remediation_name: Name of the remediation
parameters: Remediation parameters

Returns: Created or updated Remediation object

get_at_resource

def get_at_resource(
    resource_id: str,
    remediation_name: str,
    **kwargs
) -> Remediation

{ .api }

Get a remediation at individual resource scope.

Parameters:

resource_id: Full Azure resource ID
remediation_name: Name of the remediation

Returns: Remediation object

delete_at_resource

def delete_at_resource(
    resource_id: str,
    remediation_name: str,
    **kwargs
) -> Remediation

{ .api }

Delete a remediation at individual resource scope.

Parameters:

resource_id: Full Azure resource ID
remediation_name: Name of the remediation

Returns: Deleted Remediation object

Related Types

Remediation

class Remediation:
    id: Optional[str]
    type: Optional[str]
    name: Optional[str]
    system_data: Optional[SystemData]
    policy_assignment_id: Optional[str]
    policy_definition_reference_id: Optional[str]
    resource_discovery_mode: Optional[Union[str, ResourceDiscoveryMode]]
    provisioning_state: Optional[str]
    created_on: Optional[datetime.datetime]
    last_updated_on: Optional[datetime.datetime]
    filters: Optional[RemediationFilters]
    deployment_status: Optional[RemediationDeploymentSummary]
    status_message: Optional[str]
    correlation_id: Optional[str]
    resource_count: Optional[int]
    parallel_deployments: Optional[int]
    failure_threshold: Optional[RemediationPropertiesFailureThreshold]

{ .api }

RemediationDeployment

class RemediationDeployment:
    remediated_resource_id: Optional[str]
    deployment_id: Optional[str]
    status: Optional[str]
    resource_location: Optional[str]
    error: Optional[ErrorDefinition]
    created_on: Optional[datetime.datetime]
    last_updated_on: Optional[datetime.datetime]

{ .api }

RemediationFilters

class RemediationFilters:
    locations: Optional[List[str]]

{ .api }

RemediationDeploymentSummary

class RemediationDeploymentSummary:
    total_deployments: Optional[int]
    successful_deployments: Optional[int]
    failed_deployments: Optional[int]

{ .api }

ResourceDiscoveryMode Enum

class ResourceDiscoveryMode(str, Enum):
    EXISTING_NON_COMPLIANT = "ExistingNonCompliant"
    RE_EVALUATE_COMPLIANCE = "ReEvaluateCompliance"

{ .api }

Usage Examples

Create Subscription-Level Remediation

from azure.mgmt.policyinsights.models import Remediation, ResourceDiscoveryMode

# Create a remediation for non-compliant resources
remediation_params = Remediation(
    policy_assignment_id="/subscriptions/{subscription-id}/providers/Microsoft.Authorization/policyAssignments/my-policy-assignment",
    resource_discovery_mode=ResourceDiscoveryMode.EXISTING_NON_COMPLIANT,
    parallel_deployments=5,
    failure_threshold={"percentage": 0.1}  # Allow 10% failure rate
)

remediation = client.remediations.create_or_update_at_subscription(
    remediation_name="fix-non-compliant-storage-accounts",
    parameters=remediation_params
)

print(f"Created remediation: {remediation.name}")
print(f"Status: {remediation.provisioning_state}")

Monitor Remediation Progress

# Get remediation status
remediation = client.remediations.get_at_subscription(
    remediation_name="fix-non-compliant-storage-accounts"
)

print(f"Remediation status: {remediation.provisioning_state}")
print(f"Resources to remediate: {remediation.resource_count}")

if remediation.deployment_status:
    status = remediation.deployment_status
    print(f"Total deployments: {status.total_deployments}")
    print(f"Successful: {status.successful_deployments}")
    print(f"Failed: {status.failed_deployments}")

# List deployment details
deployments = client.remediations.list_deployments_at_subscription(
    remediation_name="fix-non-compliant-storage-accounts"
)

for deployment in deployments:
    print(f"Resource: {deployment.remediated_resource_id}")
    print(f"Status: {deployment.status}")
    if deployment.error:
        print(f"Error: {deployment.error.message}")

Cancel Remediation

# Cancel a running remediation
cancelled_remediation = client.remediations.cancel_at_subscription(
    remediation_name="fix-non-compliant-storage-accounts"
)

print(f"Remediation cancelled: {cancelled_remediation.provisioning_state}")

Create Resource Group Remediation with Filters

from azure.mgmt.policyinsights.models import RemediationFilters

# Create remediation with location filter
remediation_params = Remediation(
    policy_assignment_id="/subscriptions/{subscription-id}/providers/Microsoft.Authorization/policyAssignments/my-policy-assignment",
    resource_discovery_mode=ResourceDiscoveryMode.RE_EVALUATE_COMPLIANCE,
    filters=RemediationFilters(
        locations=["eastus", "westus2"]  # Only remediate resources in these regions
    )
)

remediation = client.remediations.create_or_update_at_resource_group(
    subscription_id=subscription_id,
    resource_group_name="production-rg",
    remediation_name="fix-location-specific-issues",
    parameters=remediation_params
)

List All Remediations

# List all remediations for a subscription
remediations = client.remediations.list_for_subscription(
    query_options=QueryOptions(top=50)
)

for remediation in remediations:
    print(f"Name: {remediation.name}")
    print(f"Policy Assignment: {remediation.policy_assignment_id}")
    print(f"Status: {remediation.provisioning_state}")
    print(f"Resource Count: {remediation.resource_count}")
    print("---")

Install with Tessl CLI

npx tessl i tessl/pypi-azure-mgmt-policyinsights

docs

index.md

policy-events.md

policy-metadata.md

policy-restrictions.md

policy-states.md

policy-tracked-resources.md

remediations.md

tile.json

tessl/pypi-azure-mgmt-policyinsights

remediations.md.css-3qkkll{font-size:var(--chakra-font-sizes-sm);font-weight:var(--chakra-font-weights-normal);color:var(--chakra-colors-gray-300);}docs/

Remediations Operations

Overview

Core Functionality

Management Group Operations

list_deployments_at_management_group

cancel_at_management_group

list_for_management_group

create_or_update_at_management_group

get_at_management_group

delete_at_management_group

Subscription Operations

list_deployments_at_subscription

cancel_at_subscription

list_for_subscription

create_or_update_at_subscription

get_at_subscription

delete_at_subscription

Resource Group Operations

list_deployments_at_resource_group

cancel_at_resource_group

list_for_resource_group

create_or_update_at_resource_group

get_at_resource_group

delete_at_resource_group

Individual Resource Operations

list_deployments_at_resource

cancel_at_resource

list_for_resource

create_or_update_at_resource

get_at_resource

delete_at_resource

Related Types

Remediation

RemediationDeployment

RemediationFilters

RemediationDeploymentSummary

ResourceDiscoveryMode Enum

Usage Examples

Create Subscription-Level Remediation

Monitor Remediation Progress

Cancel Remediation

Create Resource Group Remediation with Filters

List All Remediations

remediations.mddocs/