Azure Logic Apps
An Azure service that automates the access and use of data across clouds without writing code.
2,921 questions
3 answers
Custom Azure policy "Logic apps should use the latest TLS version"
Hello, I need to create a custom policy for Logic Apps. There is already a built-in policy in Azure for App service and Function apps. App service (App Service apps should use the latest TLS version) - Definition ID:…
asked 2024-04-18T14:01:57.9766667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 54%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKC%3C/text%3E%3C/svg%3E)
Kym Caris Natividad
20
Reputation points
edited an answer 2024-04-19T14:48:59.5566667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(19.2, 2%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPK%3C/text%3E%3C/svg%3E)
Prashant Kumar
75
Reputation points Microsoft Employee
2 answers
Applying azure PCI DSS4 regulatory complaince policy for passwords
Hi, I am trying to assign PCI DSS4 Defender for cloud regulatory compliance policy for passwords - Audit Windows machines that allow re-use of the passwords after the specified number of unique passwords- where count is 24 Audit Windows machines that…
asked 2024-04-16T20:23:01.5533333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(48, 32%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EIS%3C/text%3E%3C/svg%3E)
Ishan Saxena
20
Reputation points
answered 2024-04-18T20:45:02.7166667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(291.2, 38%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMP%3C/text%3E%3C/svg%3E)
Marcin Policht
15,050
Reputation points MVP
2 answers
One of the answers was accepted by the question author.
Azure policy for auditing trial subscriptions
My team is trying to create an audit effect Azure policy to audit any trial subscriptions. The goal of our policy is to show all the trial subscriptions as non-compliant. Below is the JSON template we were able to come up with. We are testing for…
asked 2024-04-17T15:26:21.7566667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(140.8, 35%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESR%3C/text%3E%3C/svg%3E)
Sparsh Raj
20
Reputation points
answered 2024-04-18T09:23:32.85+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(275.2, 41%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAM%3C/text%3E%3C/svg%3E)
AnuragSingh-MSFT
20,981
Reputation points
1 answer
I am uanble to upgrade my account because my billing access was changed automatically by Azure
Recently my account was disabled. I would like to find out how to enable it and upgrade it. Its not letting me upgrade.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(313.6, 99%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EO%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 84%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EC%3C/text%3E%3C/svg%3E)
1 answer
Setting up Azure Firewall for network perimeter
How can I set up Azure Firewall for better security and at more of the resource group level? I already have a network security group (NSG) set up with IP whitelisting for an exposed endpoint, but I'm not sure how to connect the filtered traffic to the…
asked 2024-04-16T14:10:38.7166667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(249.60000000000002, 25%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAA%3C/text%3E%3C/svg%3E)
Anmol Arora
0
Reputation points
answered 2024-04-17T12:15:41.1166667+00:00
GitaraniSharma-MSFT
48,196
Reputation points Microsoft Employee
0 answers
How to restrict users from deploying the resources in a RG when a specified tag is applied to that RG?
I already know how to deny resource deployment when a specific tag is missing using Azure custom policies. Now, I'm interested in creating a custom policy that prevents users from deploying resources in a resource group if a particular tag exists for…
asked 2024-04-16T07:53:53.1266667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(137.6, 97%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPV%3C/text%3E%3C/svg%3E)
Priyanka Varma
60
Reputation points
asked 2024-04-16T07:53:53.1266667+00:00
Priyanka Varma
60
Reputation points
1 answer
I am working on azure policy where an alert will be generated if a RBAC role is assigned with a blob data action permissions on a storage account. Can anyone please help in correcting the code I have written.
{ "mode": "All", "policyType": "Custom", "displayName": "Audit Creation of RBAC Roles for Storage Accounts", "description": "This policy audits any new or updated RBAC…
Azure Storage Accounts
Azure Storage Accounts
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
2,800 questions
Azure
Azure
A cloud computing platform and infrastructure for building, deploying and managing applications and services through a worldwide network of Microsoft-managed datacenters.
1,032 questions
Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
811 questions
asked 2024-03-25T14:24:12.9833333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(163.2, 35%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EST%3C/text%3E%3C/svg%3E)
Sahith Thatipalli
40
Reputation points
edited a comment 2024-04-16T03:21:36.9066667+00:00
Sumarigo-MSFT
44,336
Reputation points Microsoft Employee
1 answer
Create VM issue with Not allowed resource types - virtualNetwork
If I apply a new Azure policy to the management group which has been associate to the subscription. There is a configuration for "Not allowed resource types" with virtualNetwork. Could I create the new VM to existing VNet? Because we have…
asked 2020-12-09T14:25:13.053+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(227.2, 39%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EWC%3C/text%3E%3C/svg%3E)
Walker Chong
41
Reputation points
commented 2024-04-14T10:04:52.6+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(105.60000000000001, 3%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETA%3C/text%3E%3C/svg%3E)
Tobiloba Ajibade
0
Reputation points
3 answers
Find the resources which are untagged / not having any Tags in a Subscription
How to find all the resources which are Untagged / Not having any tags in a subscription Via PowerShell Script or Policies
asked 2024-02-14T13:07:26.23+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(150.4, 66%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ED%3C/text%3E%3C/svg%3E)
Dhanalakshmi
20
Reputation points
commented 2024-04-12T20:46:15.0066667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(240, 86%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERL%3C/text%3E%3C/svg%3E)
Rob Logie
0
Reputation points
1 answer
One of the answers was accepted by the question author.
How to exempt a particular Service Principal (SPN) / App registration from the denial actions enforced by a Azure custom policy
Hello, I've implemented a deny policy to prevent end users from deploying unauthorized resources. However, this policy is also affecting the automation within the service principal's account. Now, I want to find a way so that it should allow this…
asked 2024-04-09T05:12:39.05+00:00
Priyanka Varma
60
Reputation points
accepted 2024-04-12T10:19:52.69+00:00
Priyanka Varma
60
Reputation points
6 answers
The template deployment failed because of policy violation.
When I attempt to run through Exercise1 - Create a WordPress website hosted in Auzure, I encounter "The template deployment failed because of policy violation." while creating the WordPress Detailed: Information: "galleryItemId":…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(118.4, 76%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJ%3C/text%3E%3C/svg%3E)
1 answer
One of the answers was accepted by the question author.
How can I create a custom Azure policy to prevent/deny manual resource creation in resource groups while allowing automated creation through GitHub Actions or Azure Automation?
How can I create a custom Azure policy to restrict end users from manually creating resources in resource groups and prevent unauthorized peerings with existing VNets, while also allowing the creation of resources through GitHub action automation or…
asked 2024-04-01T05:49:52.1833333+00:00
Priyanka Varma
60
Reputation points
accepted 2024-04-11T03:58:20.34+00:00
Priyanka Varma
60
Reputation points
2 answers
Looking for Kusto query or a azure policy where an alert should be generated when azure blob data action role permissions are assigned on a built in or custom role for a storage account.
{ "mode": "All", "policyType": "Custom", "displayName": "Audit Blob Data Action Role Permissions Assignments", "description": "Audits when roles with Azure Blob data…
asked 2024-03-26T17:51:42.8933333+00:00
Sahith Thatipalli
40
Reputation points
commented 2024-04-10T07:32:19.22+00:00
AnuragSingh-MSFT
20,981
Reputation points
2 answers
One of the answers was accepted by the question author.
Enabling periodic assessment automatically for the VM
After creating the VM, I should see that periodic assesment option to be enabled a when I navigate to update section. how it can be achieved?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(236.8, 37%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EV%3C/text%3E%3C/svg%3E)
2 answers
How deny policy or rule inherits from Root Tenant to resource level
I am trying to understand how deny policy/rule works in terms of inheritance. If I create a deny policy of - "not able to create resources" at Root Tenant. Under the root tenant I have a management group IT and a Dev subscription under this…
asked 2024-03-17T20:46:18.96+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(38.4, 50%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENS%3C/text%3E%3C/svg%3E)
Nishith Suthar
0
Reputation points
commented 2024-04-01T06:44:18.4+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(249.60000000000002, 39%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
SwathiDhanwada-MSFT
18,041
Reputation points
1 answer
One of the answers was accepted by the question author.
How to lock the Vnet peerings like we lock the the resources in resource group once after we create them?
To prevent unauthorized peerings to other Vnets after creation, it's essential to lock the peerings to restrict access for other users from creating unnecessary peerings. How to do that? Can anyone help me out with this? Thanks.
asked 2024-03-27T04:26:00.8033333+00:00
Priyanka Varma
60
Reputation points
accepted 2024-04-01T05:52:03.73+00:00
Priyanka Varma
60
Reputation points
0 answers
Azure policy is not working on App services
I have created azure policy for app service that do not assign any public IP and set default TLS 1.3 but still I can be able to create app services with default settings.
asked 2024-03-27T12:58:15.2366667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(163.2, 0%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
Shivshankar sharma
0
Reputation points
commented 2024-03-27T23:33:33.9+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(201.6, 75%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGR%3C/text%3E%3C/svg%3E)
guilherme rodrigues
240
Reputation points
4 answers
One of the answers was accepted by the question author.
Disable trusted launch Azure VM
Hello Everyone, I have an issue with one of my VM's on Azure. This machine was previously created with Trusted Launch enabled on it(Don't know why). Now, I can't backup it up with my default backup policy, only with enhanced one which is…
asked 2022-09-01T12:36:42.213+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(160, 32%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVD%3C/text%3E%3C/svg%3E)
Vlad Dodin
21
Reputation points
commented 2024-03-26T13:09:12.57+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(265.6, 52%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMW%3C/text%3E%3C/svg%3E)
Mohammad Wasif Rafique Mandal
35
Reputation points
8 answers
Exempt Azure policy for Users in specific AD group?
Hello, Is it possible to bypass Azure policy for specific AD users or AD groups while creating objects in AKS
asked 2023-04-28T15:02:45.9833333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(259.20000000000005, 68%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ET%3C/text%3E%3C/svg%3E)
Tanul
1,251
Reputation points
answered 2024-03-22T03:23:02.8966667+00:00
Konstantinos Passadis
17,376
Reputation points MVP
1 answer
One of the answers was accepted by the question author.
Why ceating private endpoint in existing key vault blocks the public access from all network as well as selected network fails?
In Key Vault, Customer firewall is set to public and some to selected network with list of IPs. As soon as we create private endpoint, all other previous connection with pubic/selected network fails. But based on below documentation, I would like…
asked 2022-09-26T18:41:02.043+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(54.400000000000006, 40%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDM%3C/text%3E%3C/svg%3E)
Dinesh Madhup
46
Reputation points Microsoft Employee
accepted 2024-03-21T00:28:13.5933333+00:00
Dinesh Madhup
46
Reputation points Microsoft Employee