Skip to content

Configuring exports#

For in-flight analysis or when using policy as rules data may be exported from one or more subscriptions. To configure the export process see the following configuration options.

To use a configuration option, you must use the minimum version specified. Earlier versions of PSRule for Azure will ignore the configuration option.

General#

PSRULE_AZURE_RESOURCE_MODULE_NOWARN#

v1.38.0

This configuration option suppresses a warning when the minimum version of Az.Resources module is not installed. Unlike most options, this option can only set by environment variable.

This applies to PSRule for Azure before v1.45.0. If you are using a version of PSRule for Azure that is v1.45.0 or later, this warning is no longer displayed.

Syntax:

PSRULE_AZURE_RESOURCE_MODULE_NOWARN: boolean

Default:

PSRULE_AZURE_RESOURCE_MODULE_NOWARN: false

Example:

env:
  PSRULE_AZURE_RESOURCE_MODULE_NOWARN: true
variables:
- name: PSRULE_AZURE_RESOURCE_MODULE_NOWARN
  value: true
$Env:PSRULE_AZURE_RESOURCE_MODULE_NOWARN = 'true'
export PSRULE_AZURE_RESOURCE_MODULE_NOWARN=true

Policy as rules#

The following configuration options apply when using policy as rules.

AZURE_POLICY_IGNORE_LIST#

v1.21.0

This configuration option configures a custom list policy definitions to ignore when exporting policy to rules. In addition to the custom list, a built-in list of policies are ignored. The built-in list can be found here.

Configure this option to ignore policy definitions that:

  • Already have a rule defined.
  • Are not relevant to testing Infrastructure as Code.

Syntax:

ps-rule.yaml
configuration:
  AZURE_POLICY_IGNORE_LIST: array

Default:

ps-rule.yaml
# YAML: The default AZURE_POLICY_IGNORE_LIST configuration option
configuration:
  AZURE_POLICY_IGNORE_LIST: []

Example:

ps-rule.yaml
# YAML: Add custom policy definitions to ignore
configuration:
  AZURE_POLICY_IGNORE_LIST:
  - '/providers/Microsoft.Authorization/policyDefinitions/1f314764-cb73-4fc9-b863-8eca98ac36e9'
  - '/providers/Microsoft.Authorization/policyDefinitions/b54ed75b-3e1a-44ac-a333-05ba39b99ff0'

AZURE_POLICY_RULE_PREFIX#

v1.20.0

This configuration option sets the prefix for names of exported rules. Configure this option to change the prefix, which defaults to Azure.

This configuration option will be ignored when -Prefix is used with Export-AzPolicyAssignmentRuleData.

Syntax:

ps-rule.yaml
configuration:
  AZURE_POLICY_RULE_PREFIX: string

Default:

ps-rule.yaml
# YAML: The default AZURE_POLICY_RULE_PREFIX configuration option
configuration:
  AZURE_POLICY_RULE_PREFIX: Azure

Example:

ps-rule.yaml
# YAML: Override the prefix of exported policy rules
configuration:
  AZURE_POLICY_RULE_PREFIX: AzureCustomPrefix

Comments