Azure · Celinadhh · Feb 18, 2026 · Mar 6, 2026 · Mar 6, 2026
diff --git a/src/Resources/Policy.Autorest/README.md b/src/Resources/Policy.Autorest/README.md
@@ -28,28 +28,32 @@ For information on how to develop for `Az.Policy`, see [how-to.md](how-to.md).
 
 ``` yaml
 # Please specify the commit id that includes your features to make sure generated codes stable.
-commit: 412364b282e52b50eadc3cd88d56d283b6c8712a
+commit: 2b3c430bff9474d80080498090d71caf3fafcb75
 require:
 # readme.azure.noprofile.md is the common configuration file
   - $(this-folder)/../../readme.azure.noprofile.md
 input-file:
 # You need to specify your swagger files here.
-  - $(repo)/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json
-  - $(repo)/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitions.json
-  - $(repo)/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json
-  - $(repo)/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json
-  - $(repo)/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyAssignments.json
-  - $(repo)/specification/resources/resource-manager/Microsoft.Authorization/preview/2022-07-01-preview/policyExemptions.json
+  - $(repo)/specification/resources/resource-manager/Microsoft.Authorization/policy/stable/2025-03-01/policyDefinitions.json
+  - $(repo)/specification/resources/resource-manager/Microsoft.Authorization/policy/stable/2025-03-01/policySetDefinitions.json
+  - $(repo)/specification/resources/resource-manager/Microsoft.Authorization/policy/stable/2025-03-01/policyDefinitionVersions.json
+  - $(repo)/specification/resources/resource-manager/Microsoft.Authorization/policy/stable/2025-03-01/policySetDefinitionVersions.json
+  - $(repo)/specification/resources/resource-manager/Microsoft.Authorization/policy/stable/2025-03-01/policyAssignments.json
+  - $(repo)/specification/resources/resource-manager/Microsoft.Authorization/policy/preview/2024-12-01-preview/policyExemptions.json
 # If the swagger has not been put in the repo, you may uncomment the following line and refer to it locally
-#  - ..\..\..\..\azure-rest-api-specs\specification\resources\resource-manager\Microsoft.Authorization\stable\2023-04-01\policyDefinitionVersions.json
-#  - ..\..\..\..\azure-rest-api-specs\specification\resources\resource-manager\Microsoft.Authorization\stable\2023-04-01\policySetDefinitionVersions.json
+#  - ..\..\..\..\azure-rest-api-specs\specification\resources\resource-manager\Microsoft.Authorization\stable\2025-03-01\policyDefinitionVersions.json
+#  - ..\..\..\..\azure-rest-api-specs\specification\resources\resource-manager\Microsoft.Authorization\stable\2025-03-01\policySetDefinitionVersions.json
 
 # For new RP, the version is 0.1.1
 module-version: 0.1.1
 # Normally, title is the service name
 root-module-name: $(prefix).Resources
 title: Policy
 subject-prefix: Policy
+# because autorest.powershell is unable to transform IdentityType as the best practice design if it uses managed identity
+# we hide the original cmdlet and custom it under /custom folder
+disable-transform-identity-type-for-operation:
+  - PolicyAssignments_Update
 
 # If there are post APIs for some kinds of actions in the RP, you may need to 
 # uncomment following line to support viaIdentity for these post APIs
@@ -173,6 +177,9 @@ directive:
   - from: swagger-document
     where: $.definitions.PolicySetDefinitionProperties.properties.policyDefinition.groupNames
     transform: $['additionalProperties'] = true;
+  - from: swagger-document
+    where: $.definitions.ExternalEvaluationEndpointSettings.properties.details
+    transform: $['additionalProperties'] = true;
 
   # versioning serialization
   - from: swagger-document

diff --git a/src/Resources/Policy.Autorest/custom/Get-AzPolicyAssignment.ps1 b/src/Resources/Policy.Autorest/custom/Get-AzPolicyAssignment.ps1
@@ -49,7 +49,7 @@ param(
     [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Path')]
     [System.String]
     # The scope of the policy assignment.
-    # Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'
+    # Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}'), or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}')
     ${Scope},
 
     [Parameter(ParameterSetName='Id', Mandatory, ValueFromPipelineByPropertyName)]
@@ -75,12 +75,6 @@ param(
     # Causes the list of returned policy assignments to include all assignments related to the given scope, including those from ancestor scopes and those from descendent scopes. If not provided, only assignments at and above the given scope are included.
     ${IncludeDescendent},
 
-    [Parameter()]
-    [Obsolete('This parameter is a temporary bridge to new types and formats and will be removed in a future release.')]
-    [System.Management.Automation.SwitchParameter]
-    # Causes cmdlet to return artifacts using legacy format placing policy-specific properties in a property bag object.
-    ${BackwardCompatible} = $false,
-
     [Parameter(DontShow)]
     [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Query')]
     [System.String]
@@ -92,6 +86,13 @@ param(
     # If $filter=policyDefinitionId eq '{value}' is provided, the returned list includes all policy assignments of the policy definition whose id is {value}.
     ${Filter},
 
+    [Parameter(ParameterSetName='Name', ValueFromPipelineByPropertyName)]
+    [Parameter(ParameterSetName='Id', ValueFromPipelineByPropertyName)]
+    [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Query')]
+    [System.String]
+    # Comma-separated list of additional properties to be included in the response. Supported values are 'LatestDefinitionVersion, EffectiveDefinitionVersion'.
+    ${Expand},
+
     [Parameter()]
     [Alias('AzureRMContext', 'AzureCredential')]
     [ValidateNotNull()]
@@ -152,9 +153,6 @@ begin {
     # make mapping table
     $mapping = @{
         Get = 'Az.Policy.private\Get-AzPolicyAssignment_Get';
-        Get1 = 'Az.Policy.private\Get-AzPolicyAssignment_Get1';
-        GetViaIdentity = 'Az.Policy.private\Get-AzPolicyAssignment_GetViaIdentity';
-        GetViaIdentity1 = 'Az.Policy.private\Get-AzPolicyAssignment_GetViaIdentity1';
         List = 'Az.Policy.private\Get-AzPolicyAssignment_List';
         List1 = 'Az.Policy.private\Get-AzPolicyAssignment_List1';
         List2 = 'Az.Policy.private\Get-AzPolicyAssignment_List2';
@@ -180,8 +178,10 @@ process {
         $calledParameters.Scope = $Scope
     }
     elseif ($Id) {
-        $calledParameterSet = 'Get1'
-        $calledParameters.Id = $Id
+        $calledParameterSet = 'Get'
+        $parsed = ParsePolicyAssignmentId $Id
+        $calledParameters.Name = $parsed.Name
+        $calledParameters.Scope = $parsed.Scope
     }
     else {
         # set up filter values for list case
@@ -236,9 +236,9 @@ process {
         $null = $calledParameters.Remove('Scope')
     }
 
+    $null = $calledParameters.Remove('Id')
     $null = $calledParameters.Remove('PolicyDefinitionId')
     $null = $calledParameters.Remove('IncludeDescendent')
-    $null = $calledParameters.Remove('BackwardCompatible')
 
     if ($writeln) {
         Write-Host -ForegroundColor Blue -> $mapping[$calledParameterSet]'(' $calledParameters ')'
@@ -251,35 +251,6 @@ process {
     $object = Invoke-Command -ScriptBlock $scriptCmd
 
     foreach ($item in $object) {
-        # add property bag for backward compatibility with previous SDK cmdlets
-        if ($BackwardCompatible) {
-            $propertyBag = @{
-                Description = $item.Description;
-                DisplayName = $item.DisplayName;
-                EnforcementMode = $item.EnforcementMode;
-                Metadata = (ConvertObjectToPSObject $item.Metadata);
-                NonComplianceMessages = (ConvertObjectToPSObject $item.NonComplianceMessage);
-                NotScopes = (ConvertObjectToPSObject $item.NotScope);
-                Parameters = (ConvertObjectToPSObject $item.Parameter);
-                PolicyDefinitionId = $item.PolicyDefinitionId;
-                Scope = $item.Scope
-            }
-
-            $identity = @{
-                IdentityType = $item.IdentityType;
-                PrincipalId = $item.IdentityPrincipalId;
-                TenantId = $item.IdentityTenantId;
-                UserAssignedIdentities = [PSCustomObject]$item.IdentityUserAssignedIdentity
-            }
-
-            $item | Add-Member -MemberType NoteProperty -Name 'Identity' -Value ([PSCustomObject]($identity))
-            $item | Add-Member -MemberType NoteProperty -Name 'Properties' -Value ([PSCustomObject]($propertyBag))
-            $item | Add-Member -MemberType NoteProperty -Name 'ResourceId' -Value $item.Id
-            $item | Add-Member -MemberType NoteProperty -Name 'ResourceName' -Value $item.Name
-            $item | Add-Member -MemberType NoteProperty -Name 'ResourceType' -Value $item.Type
-            $item | Add-Member -MemberType NoteProperty -Name 'PolicyAssignmentId' -Value $item.Id
-        }
-
         $item | Add-Member -MemberType NoteProperty -Name 'Metadata' -Value (ConvertObjectToPSObject $item.Metadata) -Force
         $item | Add-Member -MemberType NoteProperty -Name 'NonComplianceMessage' -Value (ConvertObjectToPSObject $item.NonComplianceMessage) -Force
         $item | Add-Member -MemberType NoteProperty -Name 'NotScope' -Value (ConvertObjectToPSObject $item.NotScope) -Force

diff --git a/src/Resources/Policy.Autorest/custom/Get-AzPolicyDefinition.ps1 b/src/Resources/Policy.Autorest/custom/Get-AzPolicyDefinition.ps1
@@ -35,8 +35,6 @@ param(
     [Parameter(ParameterSetName='Name', ValueFromPipelineByPropertyName)]
     [Parameter(ParameterSetName='ManagementGroupName', ValueFromPipelineByPropertyName)]
     [Parameter(ParameterSetName='SubscriptionId', ValueFromPipelineByPropertyName)]
-    [Parameter(ParameterSetName='Version', ValueFromPipelineByPropertyName)]
-    [Parameter(ParameterSetName='ListVersion', ValueFromPipelineByPropertyName)]
     [ValidateNotNullOrEmpty()]
     [Alias('PolicyDefinitionName')]
     [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Path')]
@@ -45,8 +43,6 @@ param(
     ${Name},
 
     [Parameter(ParameterSetName='Id', Mandatory, ValueFromPipelineByPropertyName)]
-    [Parameter(ParameterSetName='Version', ValueFromPipelineByPropertyName)]
-    [Parameter(ParameterSetName='ListVersion', ValueFromPipelineByPropertyName)]
     [ValidateNotNullOrEmpty()]
     [Alias('ResourceId')]
     [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Path')]
@@ -92,26 +88,26 @@ param(
     # Causes cmdlet to return only static policy definitions.
     ${Static},
 
-    [Parameter(ParameterSetName='Version', Mandatory, ValueFromPipelineByPropertyName)]
+    [Parameter(ParameterSetName='Name', ValueFromPipelineByPropertyName)]
+    [Parameter(ParameterSetName='ManagementGroupName', ValueFromPipelineByPropertyName)]
+    [Parameter(ParameterSetName='SubscriptionId', ValueFromPipelineByPropertyName)]
+    [Parameter(ParameterSetName='Id', ValueFromPipelineByPropertyName)]
     [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Body')]
     [ValidateNotNullOrEmpty()]
     [Alias('PolicyDefinitionVersion')]
     [System.String]
     # The policy definition version in #.#.# format.
     ${Version},
 
-    [Parameter(ParameterSetName='ListVersion', Mandatory, ValueFromPipelineByPropertyName)]
+    [Parameter(ParameterSetName='Name', ValueFromPipelineByPropertyName)]
+    [Parameter(ParameterSetName='ManagementGroupName', ValueFromPipelineByPropertyName)]
+    [Parameter(ParameterSetName='SubscriptionId', ValueFromPipelineByPropertyName)]
+    [Parameter(ParameterSetName='Id', ValueFromPipelineByPropertyName)]
     [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Query')]
     [System.Management.Automation.SwitchParameter]
-    # Causes cmdlet to return only custom policy definitions.
+    # Causes cmdlet to return only custom policy definitions versions.
     ${ListVersion},
 
-    [Parameter()]
-    [Obsolete('This parameter is a temporary bridge to new types and formats and will be removed in a future release.')]
-    [System.Management.Automation.SwitchParameter]
-    # Causes cmdlet to return artifacts using legacy format placing policy-specific properties in a property bag object.
-    ${BackwardCompatible} = $false,
-
     [Parameter(DontShow)]
     [Microsoft.Azure.PowerShell.Cmdlets.Policy.Category('Query')]
     [System.String]
@@ -223,12 +219,12 @@ process {
         throw 'Only ManagementGroupName or SubscriptionId can be provided, not both.'
     }
 
-    if ($PSBoundParameters['Version'] -and !$PSBoundParameters['Name'] -and !$PSBoundParameters['Id']) {
-        throw 'Version is only allowed if Name or Id  are provided.'
+    if ($PSBoundParameters['Version'] -and !(($PSBoundParameters['Name'] -xor $PSBoundParameters['Id']))) {
+        throw 'Version is only allowed when exactly one of Name or Id is provided.'
     }
 
-    if ($PSBoundParameters['ListVersion'] -and !$PSBoundParameters['Name'] -and !$PSBoundParameters['Id']) {
-        throw 'ListVersion is only allowed if Name or Id  are provided.'
+    if ($PSBoundParameters['ListVersion'] -and !(($PSBoundParameters['Name'] -xor $PSBoundParameters['Id']))) {
+        throw 'ListVersion is only allowed when exactly one of Name or Id is provided.'
     }
 
     # handle specific parameter sets
@@ -283,7 +279,11 @@ process {
             }
         }
         elseif ($PSBoundParameters['ManagementGroupName']) {
-            $PSBoundParameters['ManagementGroupId'] = $PSBoundParameters['ManagementGroupName']
+            if (!($PSBoundParameters['Version'] -or $PSBoundParameters['ListVersion'])) {
+                $PSBoundParameters['ManagementGroupId'] = $PSBoundParameters['ManagementGroupName']
+                $null = $PSBoundParameters.Remove('ManagementGroupName')
+            }
+
             if ($PSBoundParameters['Name']) {
                 $calledParameterSet = 'NameMG'
             }
@@ -310,8 +310,6 @@ process {
     }
 
     # remove parameters not used by generated cmdlets
-    $null = $PSBoundParameters.Remove('BackwardCompatible')
-    $null = $PSBoundParameters.Remove('ManagementGroupName')
     $null = $PSBoundParameters.Remove('Id')
     $null = $PSBoundParameters.Remove('Builtin')
     $null = $PSBoundParameters.Remove('Custom')
@@ -327,7 +325,6 @@ process {
     $wrappedCmd = $ExecutionContext.InvokeCommand.GetCommand(($mapping[$calledParameterSet]), [System.Management.Automation.CommandTypes]::Cmdlet)
     $scriptCmd = {& $wrappedCmd @PSBoundParameters}
 
-    # get output and fix up for backward compatibility
     try {
         $output = Invoke-Command -ScriptBlock $scriptCmd
     }
@@ -353,30 +350,12 @@ process {
     }
 
     foreach ($item in $output) {
-        # add property bag for backward compatibility with previous SDK cmdlets
-        if ($BackwardCompatible) {
-            $propertyBag = @{
-                Description = $item.Description;
-                DisplayName = $item.DisplayName;
-                Metadata = ConvertObjectToPSObject $item.Metadata;
-                Mode = $item.Mode;
-                Parameters = ConvertObjectToPSObject $item.Parameter;
-                PolicyRule = ConvertObjectToPSObject $item.PolicyRule;
-                PolicyType = $item.PolicyType
-            }
-
-            $item | Add-Member -MemberType NoteProperty -Name 'Properties' -Value ([PSCustomObject]($propertyBag))
-            $item | Add-Member -MemberType NoteProperty -Name 'ResourceId' -Value $item.Id
-            $item | Add-Member -MemberType NoteProperty -Name 'ResourceName' -Value $item.Name
-            $item | Add-Member -MemberType NoteProperty -Name 'ResourceType' -Value $item.Type
-            $item | Add-Member -MemberType NoteProperty -Name 'PolicyDefinitionId' -Value $item.Id
-        }
-
         # use PSCustomObject for JSON properties
         $item | Add-Member -MemberType NoteProperty -Name 'Metadata' -Value (ConvertObjectToPSObject $item.Metadata) -Force
         $item | Add-Member -MemberType NoteProperty -Name 'Parameter' -Value (ConvertObjectToPSObject $item.Parameter) -Force
         $item | Add-Member -MemberType NoteProperty -Name 'PolicyRule' -Value (ConvertObjectToPSObject $item.PolicyRule) -Force
         $item | Add-Member -MemberType NoteProperty -Name 'Versions' -Value ([array]($item.Versions)) -Force
+        $item | Add-Member -MemberType NoteProperty -Name 'EndpointSettingDetail' -Value (ConvertObjectToPSObject $item.EndpointSettingDetail) -Force
         $PSCmdlet.WriteObject($item)
     }
 }