I m trying to import one of the Builtin Azure Policy Definit

Question

I m trying to import one of the Builtin Azure Policy Definitions to use it in a Policy Assignment but have some difficulties with the import According to the documentation the import should be like this `pulumi import azure native authorization PolicyDefinition lt name gt subscriptions lt subid gt providers Microsoft Authorization policyDefinitions lt definitionid gt ` But the Builtin definitions are not in any subscriptions Tested running this `pulumi import azure native authorization PolicyDefinition ActivityLogStreamToLogAnalytics subscription lt one of my subscription id s gt providers Microsoft Authorization policyDefinitions 2465583e 4e78 4c15 b6be a36cbc7c8b0f` But it fails `error Preview failed resource subscription lt one of my subscription id s gt providers Microsoft Authorization policyDefinitions 2465583e 4e78 4c15 b6be a36cbc7c8b0f does not exist` Any idea how I can get this definition imported

great-queen-39697 · Answer

I don t but I m asking internally

orange-policeman-59119 · Answer

Hey < straight sunset 92336> Hmm Import creates code amp state to manage the resource but I believe the built in roles are immutable amp can t be modified by Pulumi I don t see that role definition when I run the Azure CLI either so I wonder if this might be behind a feature flag Is this a recently added role definition to Azure I found some code we use to manage Azure IAM here at Pulumi and it looks like this is how we create role assignments I modified it a bit and pasted it in as a snippet above

straight-sunset-92336 · Answer

I created a ticket and got an answer that it isn t possible to import the builtin definitions