Document Details
Create Blueprint Rest Api
This page contains Windows bias
About This Page
This page is part of the Azure documentation. It contains code examples and configuration instructions for working with Azure services.
Bias Analysis
Detected Bias Types
powershell_heavy
windows_first
missing_linux_example
Summary
The documentation page demonstrates a Windows bias by providing only PowerShell-based examples for making REST API calls, with no equivalent Linux or cross-platform command-line examples (such as curl or Bash). PowerShell is recommended as the tool for REST API interaction, and no mention is made of Linux-native tools or workflows. This may disadvantage users on Linux or macOS systems, or those preferring non-PowerShell environments.
Recommendations
- Add equivalent examples using curl (or httpie) in Bash to demonstrate REST API calls, including how to acquire Azure access tokens using the Azure CLI (az account get-access-token).
- Explicitly mention that REST API calls can be made from any platform and provide guidance for both Windows and Linux/macOS users.
- Rephrase recommendations to not assume PowerShell as the default tool, and instead present both PowerShell and Bash/curl as options.
- Where PowerShell cmdlets are referenced for parsing JSON (e.g., ConvertFrom-Json), provide Linux alternatives such as jq.
- Consider including a table or section comparing common REST API invocation methods across platforms (PowerShell, Bash/curl, Postman, etc.).
Create Pull Request
Scan History
| Date | Scan | Status | Result |
|---|---|---|---|
| 2025-07-12 23:44 | #41 | cancelled |
Biased
|
| 2025-07-12 00:58 | #8 | cancelled |
 Clean
|
| 2025-07-10 05:06 | #7 | processing |
Clean
|
Flagged Code Snippets
Replace `{subscriptionId}` in the preceding `$restUri` variable to get information about your
subscription. The `$response` variable holds the result of the `Invoke-RestMethod` cmdlet, which you can parse with cmdlets such as [ConvertFrom-Json](/powershell/module/microsoft.powershell.utility/convertfrom-json). If the REST API service endpoint expects a `Request Body`, provide a JSON-formatted variable to the `-Body` parameter of `Invoke-RestMethod`.
## Create a blueprint
The first step in defining a standard pattern for compliance is to compose a blueprint from the
available resources. Let's create a blueprint named *MyBlueprint* to configure role and policy
assignments for the subscription. Then you add a resource group, an ARM template, and a role
assignment on the resource group.
> [!NOTE]
> When you're using the REST API, the _blueprint_ object is created first. For each _artifact_ to be added that has parameters, you define the parameters in advance on the initial *blueprint*.
In each REST API URI, replace the following variables with your own values:
- `{YourMG}` - Replace with the ID of your management group.
- `{subscriptionId}` - Replace with your subscription ID.
> [!NOTE]
> You can also create blueprints at the subscription level. For more information, see
> [create blueprint at subscription example](/rest/api/blueprints/blueprints/createorupdate#subscriptionblueprint).
1. Create the initial _blueprint_ object. The `Request Body` includes properties about the
blueprint, any resource groups to create, and all of the blueprint-level parameters. You set the parameters during assignment, and they're used by the artifacts you add in later steps.
- REST API URI
The value for `{BlueprintVersion}` is a string of letters, numbers, and hyphens (with no spaces or other special characters). The maximum length is 20 characters. Use something unique and informational, such as `v20180622-135541`.
## Assign a blueprint
After you've published a blueprint by using REST API, it's assignable to a subscription. Assign the blueprint that you created to one of the subscriptions under your management group hierarchy. If the blueprint is saved to a subscription, it can only be assigned to that subscription. The `Request Body` specifies the blueprint to assign, and provides the name and location to any resource groups in the blueprint definition. `Request Body` also provides all parameters defined on the blueprint and used by one or more attached artifacts.
In each REST API URI, replace the following variables with your own values:
- `{tenantId}` - Replace with your tenant ID.
- `{YourMG}` - Replace with the ID of your management group.
- `{subscriptionId}` - Replace with your subscription ID.
1. Provide the Azure Blueprints service principal the `Owner` role on the target subscription. The `AppId` is static (`f71766dc-90d9-4b7d-bd9d-4499c4331c3f`), but the service principal ID varies by tenant. Use the following REST API to request details for your tenant. It uses [Azure Active Directory Graph API](/graph/migrate-azure-ad-graph-planning-checklist), which has different authorization.
- REST API URI
### Delete a blueprint To remove the blueprint itself, use the following REST API operation: - REST API URI