I would like to deploy a policy exemption via ARM template for a policy assignment that I have in place. The objective is to exempt a particular resource group from a given subscription so the resources which are belonging to that resource group will be exempted from the compliance report.
I am referring the Microsoft Azure documentation (given below the link and sample structure of ARM JSON) to understand how to structure the ARM template but I do not find information on where to define the scope for the exemption.
https://docs.microsoft.com/en-us/azure/governance/policy/concepts/exemption-structure
"id": "/subscriptions/{subId}/resourceGroups/ExemptRG/providers/Microsoft.Authorization/policyExemptions/resourceIsNotApplicable",
"name": "resourceIsNotApplicable",
"type": "Microsoft.Authorization/policyExemptions",
"properties": {
"displayName": "This resource is scheduled for deletion",
"description": "This resources is planned to be deleted by end of quarter and has been granted a waiver to the policy.",
"metadata": {
"requestedBy": "Storage team",
"approvedBy": "IA",
"approvedOn": "2020-07-26T08:02:32.0000000Z",
"ticketRef": "4baf214c-8d54-4646-be3f-eb6ec7b9bc4f"
},
"policyAssignmentId": "/subscriptions/{mySubscriptionID}/providers/Microsoft.Authorization/policyAssignments/resourceShouldBeCompliantInit",
"policyDefinitionReferenceIds": [
"requiredTags",
"allowedLocations"
],
"exemptionCategory": "waiver",
"expiresOn": "2020-12-31T23:59:00.0000000Z"
}
}
