Standard Assignments - Create
This operation creates or updates a standard assignment with the given scope and name. standard assignments apply to all resources contained within their scope. For example, when you assign a policy at resource group scope, that policy applies to all resources in the group.
PUT https://management.azure.com/{resourceId}/providers/Microsoft.Security/standardAssignments/{standardAssignmentName}?api-version=2024-08-01URI Parameters
| Name | In | Required | Type | Description |
|---|---|---|---|---|
|
resource
|
path | True |
string |
The identifier of the resource. |
|
standard
|
path | True |
string |
The standard assignments assignment key - unique key for the standard assignment Regex pattern: |
|
api-version
|
query | True |
string |
The API version to use for this operation. |
Request Body
| Name | Type | Description |
|---|---|---|
| properties.assignedStandard |
Standard item with key as applied to this standard assignment over the given scope |
|
| properties.attestationData |
Additional data about assignment that has Attest effect |
|
| properties.description |
string |
Description of the standardAssignment |
| properties.displayName |
string |
Display name of the standardAssignment |
| properties.effect |
Expected effect of this assignment (Audit/Exempt/Attest) |
|
| properties.excludedScopes |
string[] |
Excluded scopes, filter out the descendants of the scope (on management scopes) |
| properties.exemptionData |
Additional data about assignment that has Exempt effect |
|
| properties.expiresOn |
string |
Expiration date of this assignment as a full ISO date |
| properties.metadata |
The standard assignment metadata. |
Responses
| Name | Type | Description |
|---|---|---|
| 200 OK |
OK - Standard assignment was successfully updated |
|
| 201 Created |
Created - Returns information about the new standard assignment. |
|
| Other Status Codes |
Error response describing why the operation failed. |
Security
azure_auth
Azure Active Directory OAuth2 Flow
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
| Name | Description |
|---|---|
| user_impersonation | impersonate your user account |
Examples
| Put an audit standard assignment |
| Put exemption standard assignment |
Put an audit standard assignment
Sample request
PUT https://management.azure.com/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/standardAssignments/1f3afdf9-d0c9-4c3d-847f-89da613e70a8?api-version=2024-08-01
{
"properties": {
"displayName": "ASC Default",
"description": "Set of policies monitored by Azure Security Center for cross cloud",
"assignedStandard": {
"id": "/providers/Microsoft.Security/securityStandards/1f3afdf9-d0c9-4c3d-847f-89da613e70a8"
},
"effect": "Audit",
"excludedScopes": []
}
}
Sample response
{
"id": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/standardAssignments/1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"name": "1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"type": "Microsoft.Security/standardAssignments",
"properties": {
"displayName": "ASC Default",
"description": "Set of policies monitored by Azure Security Center for cross cloud",
"assignedStandard": {
"id": "/providers/Microsoft.Security/securityStandards/1f3afdf9-d0c9-4c3d-847f-89da613e70a8"
},
"effect": "Audit",
"excludedScopes": [],
"metadata": {
"createdBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
"createdOn": "2022-11-10T08:31:26.7993124Z",
"lastUpdatedBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
"lastUpdatedOn": "2022-11-10T08:31:26.7993124Z"
}
}
}{
"id": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/standardAssignments/1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"name": "1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"type": "Microsoft.Security/standardAssignments",
"properties": {
"displayName": "ASC Default",
"description": "Set of policies monitored by Azure Security Center for cross cloud",
"assignedStandard": {
"id": "/providers/Microsoft.Security/securityStandards/1f3afdf9-d0c9-4c3d-847f-89da613e70a8"
},
"effect": "Audit",
"excludedScopes": [],
"metadata": {
"createdBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
"createdOn": "2022-11-10T08:31:26.7993124Z",
"lastUpdatedBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
"lastUpdatedOn": "2022-11-10T08:31:26.7993124Z"
}
}
}Put exemption standard assignment
Sample request
PUT https://management.azure.com/subscriptions/212f9889-769e-45ae-ab43-6da33674bd26/resourceGroups/ANAT_TEST_RG/providers/Microsoft.Compute/virtualMachines/anatTestE2LA/providers/Microsoft.Security/standardAssignments/1f3afdf9-d0c9-4c3d-847f-89da613e70a8?api-version=2024-08-01
{
"properties": {
"displayName": "Test exemption",
"description": "Exemption description",
"assignedStandard": {
"id": "/providers/Microsoft.Security/securityStandards/1f3afdf9-d0c9-4c3d-847f-89da613e70a8"
},
"effect": "Exempt",
"expiresOn": "2022-05-01T19:50:47.083633Z",
"exemptionData": {
"exemptionCategory": "waiver",
"assignedAssessment": {
"assessmentKey": "1195afff-c881-495e-9bc5-1486211ae03f"
}
}
}
}
Sample response
{
"id": "/subscriptions/212f9889-769e-45ae-ab43-6da33674bd26/resourceGroups/ANAT_TEST_RG/providers/Microsoft.Compute/virtualMachines/anatTestE2LA/Microsoft.Security/standardAssignments/1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"name": "1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"type": "Microsoft.Security/standardAssignments",
"properties": {
"displayName": "Test exemption",
"description": "Exemption description",
"assignedStandard": {
"id": "/providers/Microsoft.Security/securityStandards/1f3afdf9-d0c9-4c3d-847f-89da613e70a8"
},
"effect": "Exempt",
"expiresOn": "2022-05-01T19:50:47.083633Z",
"exemptionData": {
"exemptionCategory": "waiver",
"assignedAssessment": {
"assessmentKey": "1195afff-c881-495e-9bc5-1486211ae03f"
}
},
"metadata": {
"createdBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
"createdOn": "2022-11-10T08:31:26.7993124Z",
"lastUpdatedBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
"lastUpdatedOn": "2022-11-10T08:31:26.7993124Z"
}
}
}{
"id": "/subscriptions/212f9889-769e-45ae-ab43-6da33674bd26/resourceGroups/ANAT_TEST_RG/providers/Microsoft.Compute/virtualMachines/anatTestE2LA/Microsoft.Security/standardAssignments/1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"name": "1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
"type": "Microsoft.Security/standardAssignments",
"properties": {
"displayName": "Test exemption",
"description": "Exemption description",
"assignedStandard": {
"id": "/providers/Microsoft.Security/securityStandards/1f3afdf9-d0c9-4c3d-847f-89da613e70a8"
},
"effect": "Exempt",
"expiresOn": "2022-05-01T19:50:47.083633Z",
"exemptionData": {
"exemptionCategory": "waiver",
"assignedAssessment": {
"assessmentKey": "1195afff-c881-495e-9bc5-1486211ae03f"
}
},
"metadata": {
"createdBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
"createdOn": "2022-11-10T08:31:26.7993124Z",
"lastUpdatedBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
"lastUpdatedOn": "2022-11-10T08:31:26.7993124Z"
}
}
}Definitions
| Name | Description |
|---|---|
|
Assigned |
Describe the properties of a security assessment object reference (by key) |
|
Assigned |
Describe the properties of a of a standard assignments object reference |
|
attestation |
Attest category of this assignment |
|
Attestation |
Additional data about assignment that has Attest effect |
|
Attestation |
Describe the properties of a assignment attestation |
| effect |
Expected effect of this assignment (Audit/Exempt/Attest) |
|
Error |
The resource management error additional info. |
|
Error |
The error detail. |
|
Error |
Error response |
|
exemption |
Exemption category of this assignment |
|
Exemption |
Additional data about assignment that has Exempt effect |
|
Standard |
Security Assignment on a resource group over a given scope |
|
Standard |
The standard assignment metadata |
AssignedAssessmentItem
Describe the properties of a security assessment object reference (by key)
| Name | Type | Description |
|---|---|---|
| assessmentKey |
string |
Unique key to a security assessment object |
AssignedStandardItem
Describe the properties of a of a standard assignments object reference
| Name | Type | Description |
|---|---|---|
| id |
string |
Full resourceId of the Microsoft.Security/standard object |
attestationComplianceState
Attest category of this assignment
| Name | Type | Description |
|---|---|---|
| compliant |
string |
|
| nonCompliant |
string |
|
| unknown |
string |
AttestationData
Additional data about assignment that has Attest effect
| Name | Type | Description |
|---|---|---|
| assignedAssessment |
Component item with key as applied to this standard assignment over the given scope |
|
| complianceDate |
string |
Attestation compliance date |
| complianceState |
Attest category of this assignment |
|
| evidence |
Array of links to attestation evidence |
AttestationEvidence
Describe the properties of a assignment attestation
| Name | Type | Description |
|---|---|---|
| description |
string |
The description of the evidence |
| sourceUrl |
string |
The source url of the evidence |
effect
Expected effect of this assignment (Audit/Exempt/Attest)
| Name | Type | Description |
|---|---|---|
| Attest |
string |
|
| Audit |
string |
|
| Exempt |
string |
ErrorAdditionalInfo
The resource management error additional info.
| Name | Type | Description |
|---|---|---|
| info |
object |
The additional info. |
| type |
string |
The additional info type. |
ErrorDetail
The error detail.
| Name | Type | Description |
|---|---|---|
| additionalInfo |
The error additional info. |
|
| code |
string |
The error code. |
| details |
The error details. |
|
| message |
string |
The error message. |
| target |
string |
The error target. |
ErrorResponse
Error response
| Name | Type | Description |
|---|---|---|
| error |
The error object. |
exemptionCategory
Exemption category of this assignment
| Name | Type | Description |
|---|---|---|
| mitigated |
string |
|
| waiver |
string |
ExemptionData
Additional data about assignment that has Exempt effect
| Name | Type | Description |
|---|---|---|
| assignedAssessment |
Component item with key as applied to this standard assignment over the given scope |
|
| exemptionCategory |
Exemption category of this assignment |
StandardAssignment
Security Assignment on a resource group over a given scope
| Name | Type | Description |
|---|---|---|
| id |
string |
Resource Id |
| name |
string |
Resource name |
| properties.assignedStandard |
Standard item with key as applied to this standard assignment over the given scope |
|
| properties.attestationData |
Additional data about assignment that has Attest effect |
|
| properties.description |
string |
Description of the standardAssignment |
| properties.displayName |
string |
Display name of the standardAssignment |
| properties.effect |
Expected effect of this assignment (Audit/Exempt/Attest) |
|
| properties.excludedScopes |
string[] |
Excluded scopes, filter out the descendants of the scope (on management scopes) |
| properties.exemptionData |
Additional data about assignment that has Exempt effect |
|
| properties.expiresOn |
string |
Expiration date of this assignment as a full ISO date |
| properties.metadata |
The standard assignment metadata. |
|
| type |
string |
Resource type |
StandardAssignmentMetadata
The standard assignment metadata
| Name | Type | Description |
|---|---|---|
| createdBy |
string |
Standard assignment Created by object id (GUID) |
| createdOn |
string |
Standard assignment creation date |
| lastUpdatedBy |
string |
Standard assignment last updated by object id (GUID) |
| lastUpdatedOn |
string |
Standard assignment last update date |