Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
824 questions
2 answers
What is guest configuration extension in azure
Hi Team, We are geeting Microsoft defender for cloud recommendation for enabling the Guest configuration extension. Can someone explain the precise use of the Guest configuration extension and why we should use it? How to configure from the Azure portal
asked 2024-07-08T08:18:36.45+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(102.4, 53%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMS%3C/text%3E%3C/svg%3E)
Mahavir Saroj
201
Reputation points
commented 2024-07-11T07:26:52.9166667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(32, 3%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMG%3C/text%3E%3C/svg%3E)
Mahesh Goud Juvvadi
930
Reputation points Microsoft Vendor
1 answer
How to reset Owner Account password for old Azure account which does not have password reset policy set
Hi All, I am working on resetting password for Cloud Owner account and while doing that I get message that the account does not have "reset password policy setup". I am not sure who did the setup for this account, but it is setup in a very odd…
asked 2024-07-05T09:44:06.21+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(176, 86%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMM%3C/text%3E%3C/svg%3E)
Mudasir Mirza
0
Reputation points
commented 2024-07-11T07:05:28.2633333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(304, 90%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Abdul
2,355
Reputation points Microsoft Vendor
3 answers
One of the answers was accepted by the question author.
Custom policy export feature on portal.
Hi , so I am trying find out if the EXPORT POLICY feature that used to be available on the Azure portal was removed? I have use it a while back but I don't see that option on there any more .
asked 2024-06-26T16:23:44.84+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 2%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMC%3C/text%3E%3C/svg%3E)
Maduka, Chibueze F
20
Reputation points
accepted 2024-07-10T17:35:03.58+00:00
Maduka, Chibueze F
20
Reputation points
2 answers
Azure arc machine configuration deployment error
Hello I am attempting to deploy sample machine configuration for an Azure arc machine resource following the steps mentioned in https://learn.microsoft.com/en-us/azure/governance/machine-configuration/how-to/develop-custom-package/overview except for…
asked 2024-03-06T09:15:36.6433333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(160, 37%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAK%3C/text%3E%3C/svg%3E)
Anupam Kumar
0
Reputation points Microsoft Employee
edited a comment 2024-07-10T14:21:16.66+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(57.599999999999994, 52%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Andrew
31
Reputation points
3 answers
MicrosoftDNSAgent extension
Hello Team, I am planning install/deploy MicrosoftDNSAgent extension. I have already applied AMA policy with DCRs. now planning to choose unified method to deploy and configure MicrosoftDNSAgent extension by policy since AMA and scope specific DCR…
asked 2024-01-30T13:34:19.3433333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(272, 96%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENB%3C/text%3E%3C/svg%3E)
Naresh Babu
140
Reputation points
edited a comment 2024-07-10T13:06:46.2066667+00:00
John Joyner
41
Reputation points
1 answer
MONITOR PIPELINE ACTIVITY
Hi, I'm working on monitoring the success or failure status of AML jobs on Log Analytics. However, I don't know which tables in Log Analytics contain logs of AML jobs. I followed this documentation…
asked 2024-07-09T08:57:29.4433333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(272, 33%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETN%3C/text%3E%3C/svg%3E)
Tú Nguyễn
65
Reputation points
answered 2024-07-10T10:41:43.4133333+00:00
Amira Bedhiafi
18,981
Reputation points
1 answer
How to provide an array value to az policy definition create --metadata
When I create a policy definition using the portal with category "Guest Configuration", the resulting policy definition correctly includes "requiredProviders": ["Microsoft.GuestConfiguration"] in the metadata section. I am…
asked 2024-07-09T18:44:42.24+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(64, 21%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM%3C/text%3E%3C/svg%3E)
MyTestAcct3564
0
Reputation points
answered 2024-07-10T07:49:33.5+00:00
Stanislav Zhelyazkov
22,021
Reputation points MVP
0 answers
can't assign azure policy remediation to arc machines with MDE.Windows extensions i get error PolicyRemediationFailure
Can't deploy azure policy remediation to arc machines with MDE.Windows extensions i get error PolicyRemediationFailure The 'PUT' request failed with status code: 'BadRequest'. Inner Error: 'The resource with name 'HybridWorkerExtension' and type…
asked 2024-07-05T12:06:15.05+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(227.2, 67%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMW%3C/text%3E%3C/svg%3E)
Micki Wulffeld
0
Reputation points
commented 2024-07-09T05:50:08.4433333+00:00
Micki Wulffeld
0
Reputation points
0 answers
Same policy have different behavior in azure apim
I have an Azure API Management policy that displays a warning when saved, but it functions correctly works for my needs. But some clients encounter errors when saving, such as in the policy snippet below. <set-variable name="labels"…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(294.40000000000003, 1%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
2 answers
Azure Policy - Remediation task not running on newly deployed resource
Hi. I created new policy that assign data collection EP to VM inside existing data collection rule. I provided this policy to my customer. The policy running on existing VMs in data collection rule, but when customer create new VM, the policy mark the VM…
asked 2023-03-26T11:31:59.9533333+00:00
Inbal Silis
116
Reputation points Microsoft Employee
commented 2024-07-05T12:35:28.0833333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(41.6, 67%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETT%3C/text%3E%3C/svg%3E)
Tushar Trivedi
0
Reputation points
2 answers
Azure Policy for enabling diagnostic settings for WebApp/Function App - No resources remediated
I am working in an existing Azure environment where there is no governance and I am in the process of creating Azure Policies. Currently I am working on creating Azure Policy to enable Diagnostic settings for Azure Web App, Azure Function App and Web…
asked 2024-06-21T12:39:52.0933333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(57.599999999999994, 63%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESR%3C/text%3E%3C/svg%3E)
Senthil Ramadoss
0
Reputation points
answered 2024-07-05T07:40:26.84+00:00
Senthil Ramadoss
0
Reputation points
5 answers
One of the answers was accepted by the question author.
Policy to block the creation of NSGs with rules that allow RDP or SSH access from the Internet
I have been creating a policy that should allow the creation of private IP Network Security Groups (NSGs) in the following IP range (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16) with the ports SSH and RDP. I have a problem and it is that I do not know how…
asked 2023-09-22T18:38:38.38+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(118.4, 59%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVA%3C/text%3E%3C/svg%3E)
VELASCO Alan M. TENARIS
40
Reputation points
answered 2024-07-01T09:27:25.37+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(60.8, 97%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGS%3C/text%3E%3C/svg%3E)
Godwin Simeon (Tek Experts)
0
Reputation points Microsoft Vendor
1 answer
Azure Policy: Inheriting a Tag and Its Value from Subscription to Resource Groups
Is it possible to create an Azure policy that can automatically inherit a tag and its value (no matter what the value are) from the subscription to the resource group? The tag is always the same, for instance, Application, but the value can change…
asked 2024-01-05T12:37:51.27+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(259.20000000000005, 56.00000000000001%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EB%3C/text%3E%3C/svg%3E)
Bombbe
1,616
Reputation points
commented 2024-06-29T15:06:33.1266667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(182.40000000000003, 48%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
San Segundo Gonzalo Alberto
5
Reputation points
1 answer
Azure Policy for enabling diagnostic settings for WebApp/Function App - No resources remediated
I am working in an existing Azure environment where there is no governance and I am in the process of creating Azure Policies. Currently I am working on creating Azure Policy to enable Diagnostic settings for Azure Web App, Azure Function App and Web…
asked 2024-06-21T12:32:23.14+00:00
Senthil Ramadoss
0
Reputation points
answered 2024-06-28T20:20:32.3066667+00:00
Pinaki Ghatak
2,875
Reputation points Microsoft Employee
1 answer
Suspension or cancelation subscriptions policies
Hello team , when a customer has a reserved instances and the partner put the customer in a suspension services, how is the managed for the instances?
asked 2024-06-27T14:55:56.5+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(236.8, 68%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EYS%3C/text%3E%3C/svg%3E)
yesid suarez
0
Reputation points
answered 2024-06-28T18:54:30.2766667+00:00
SadiqhAhmed-MSFT
40,831
Reputation points Microsoft Employee
0 answers
Azure Policy: check subscription role assignments
Hi everyone We have different types of users in our Azure AD. Only a certain subset of them are allowed to administer Azure resources. Those all start with "ACO" or "ACA". We now wish to create an Azure Policy that checks whether only…
asked 2023-03-16T08:43:26.8633333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(272, 57.00000000000001%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETP%3C/text%3E%3C/svg%3E)
Tobias Petter
6
Reputation points
commented 2024-06-24T17:53:57.21+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 71%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJK%3C/text%3E%3C/svg%3E)
John Kelland (Insight Global, Inc.)
0
Reputation points Microsoft Employee
2 answers
One of the answers was accepted by the question author.
Enabling periodic assessment automatically for the VM
After creating the VM, I should see that periodic assesment option to be enabled a when I navigate to update section. how it can be achieved?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(236.8, 37%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EV%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(115.19999999999999, 17%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
0 answers
Azure deny policy not working correctly
Hi, Currently I am trying to create various policies. One of those is to allow the creation of a storageAccount but disallow the creation of Queues. The policy is deployed through the use of a Bicep template: resource policyBlockResourceTypes…
asked 2023-04-03T12:35:46.1933333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(304, 32%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFS%3C/text%3E%3C/svg%3E)
Ferdi Stoeltie
20
Reputation points
commented 2024-06-20T07:26:20.6466667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(83.2, 8%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJ%3C/text%3E%3C/svg%3E)
JC
0
Reputation points
1 answer
One of the answers was accepted by the question author.
How to disable SSPR for specific users?
We have 3 computers that share a Microsoft 365 account. While replacing one of the 3 computers, Microsoft asks for "More information required ... Your organization needs more information to keep your account secure" and then requests that I…
asked 2024-06-05T20:15:08.0566667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(220.8, 32%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMJ%3C/text%3E%3C/svg%3E)
Mychael Jones
20
Reputation points
commented 2024-06-20T06:40:08.6866667+00:00
Mahesh Goud Juvvadi
930
Reputation points Microsoft Vendor
1 answer
One of the answers was accepted by the question author.
How to determine if my company is using the gov cloud or the global cloud?
I am working on our organizations compliance status and trying to determine which version of Azure and O365 we purchased. We should be using the Gov cloud option but I'm not sure how to tell. Thanks.
asked 2021-02-08T19:25:43.433+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(124.80000000000001, 45%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPW%3C/text%3E%3C/svg%3E)
Paul Waters
21
Reputation points
edited a comment 2024-06-19T14:23:59.0033333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(115.19999999999999, 5%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESD%3C/text%3E%3C/svg%3E)
Star Donovan
15
Reputation points