Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
815 questions
1 answer
One of the answers was accepted by the question author.
How to disable SSPR for specific users?
We have 3 computers that share a Microsoft 365 account. While replacing one of the 3 computers, Microsoft asks for "More information required ... Your organization needs more information to keep your account secure" and then requests that I…
asked 2024-06-05T20:15:08.0566667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(220.8, 32%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMJ%3C/text%3E%3C/svg%3E)
Mychael Jones
20
Reputation points
accepted 2024-06-19T17:07:10.72+00:00
Mychael Jones
20
Reputation points
1 answer
One of the answers was accepted by the question author.
How to determine if my company is using the gov cloud or the global cloud?
I am working on our organizations compliance status and trying to determine which version of Azure and O365 we purchased. We should be using the Gov cloud option but I'm not sure how to tell. Thanks.
asked 2021-02-08T19:25:43.433+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(124.80000000000001, 45%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPW%3C/text%3E%3C/svg%3E)
Paul Waters
21
Reputation points
edited a comment 2024-06-19T14:23:59.0033333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(115.19999999999999, 5%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESD%3C/text%3E%3C/svg%3E)
Star Donovan
15
Reputation points
1 answer
Azure arc machine configuration deployment error
Hello I am attempting to deploy sample machine configuration for an Azure arc machine resource following the steps mentioned in https://learn.microsoft.com/en-us/azure/governance/machine-configuration/how-to/develop-custom-package/overview except for…
asked 2024-03-06T09:15:36.6433333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(160, 37%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAK%3C/text%3E%3C/svg%3E)
Anupam Kumar
0
Reputation points Microsoft Employee
commented 2024-06-19T07:00:24.6233333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(57.599999999999994, 52%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Andrew
31
Reputation points
4 answers
One of the answers was accepted by the question author.
Disable trusted launch Azure VM
Hello Everyone, I have an issue with one of my VM's on Azure. This machine was previously created with Trusted Launch enabled on it(Don't know why). Now, I can't backup it up with my default backup policy, only with enhanced one which is…
asked 2022-09-01T12:36:42.213+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(160, 32%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVD%3C/text%3E%3C/svg%3E)
Vlad Dodin
21
Reputation points
commented 2024-06-18T17:50:51.66+00:00
David Faleye
0
Reputation points
1 answer
Import powershell module in guest configuration script resource
Hi, I'm trying to create a guest configuration to monitor if the VM enabled Windows defender realtimeMonitoring. Here is my code: Configuration EnableRealtimeMonitoring { Import-DscResource -ModuleName 'PSDscResources' …
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(224.00000000000003, 53%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EEH%3C/text%3E%3C/svg%3E)
0 answers
How to fix Creating policy assignment 'Policy be Zone Resilient' in 'Subcription Name' failed. Reason: Could not find a version of policy definition: '/providers/Microsoft.Authorization/policyDefinit
Creating policy assignment 'Policy should be Zone Resilient' in 'Subcription Name' failed. Reason: Could not find a version of policy definition: '/providers/Microsoft.Authorization/policyDefinitions/xxxxx-xxx-xxx' that matches '1..'. The available…
asked 2024-06-13T08:36:30+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(291.2, 72%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVK%3C/text%3E%3C/svg%3E)
Vivek Karande (WIPRO LIMITED)
0
Reputation points Microsoft Vendor
commented 2024-06-18T09:52:44.3+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(275.2, 41%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAM%3C/text%3E%3C/svg%3E)
AnuragSingh-MSFT
20,991
Reputation points
1 answer
Azure Policy Deployifnotexist Nested Templates and Parameters
Hello, I have a policy to deploy an alert on all subs not having it (as you can not create alert with MG group scope for now)...And I was not able to have parameters bein taken into account from the Policy down to the two nested templates for the…
asked 2024-05-15T06:37:44.1466667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(57.599999999999994, 80%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECH%3C/text%3E%3C/svg%3E)
Christophe Humbert
101
Reputation points
answered 2024-06-17T18:52:46.7566667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(211.20000000000002, 43%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMM%3C/text%3E%3C/svg%3E)
Monalla-MSFT
12,681
Reputation points
1 answer
Azure Custom Based Policy Migration
Azure Custom Based Policies needs to be migrated to new subscription any tool available or else need to recreate all policies manually Kindly advise
asked 2024-06-14T11:11:42.5033333+00:00
Ramasamy Balasubramanian
0
Reputation points
answered 2024-06-14T11:29:16.08+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(291.2, 38%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMP%3C/text%3E%3C/svg%3E)
Marcin Policht
16,005
Reputation points MVP
1 answer
Azure Custom Based Policy Migration Tool
Need to Migrate Azure Custom Based Policy from one subscription to another subscription. any migration tool available. Kindly Advice
asked 2024-06-14T11:14:42.2+00:00
Ramasamy Balasubramanian
0
Reputation points
answered 2024-06-14T11:25:38.8133333+00:00
Marcin Policht
16,005
Reputation points MVP
1 answer
How to exclude a group of users in an azure policy from deny action
current situation: there is a zure policy with deny action that prohibits the deletion of resource groups and resources. requirement: create a user group in azure in which every member of that group is excluded from the azure policy deny action
asked 2024-03-13T21:04:25.21+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(153.6, 89%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EOJ%3C/text%3E%3C/svg%3E)
Omer Jesus Gonzalez Vizcaino
0
Reputation points
edited an answer 2024-06-13T03:56:22.0766667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(249.60000000000002, 39%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
SwathiDhanwada-MSFT
18,131
Reputation points
1 answer
One of the answers was accepted by the question author.
Policy written in azure purview
You can manage all the Azure resources under the same policy in Azure Purview. To manage all Azure resources under the same policy in Azure Purview, you can create a single policy that covers an entire resource group or subscription. This approach…
asked 2024-06-12T04:55:49.37+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(99.2, 21%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGR%3C/text%3E%3C/svg%3E)
Ganapathy Ram
60
Reputation points
accepted 2024-06-12T07:45:40.5633333+00:00
Ganapathy Ram
60
Reputation points
2 answers
azure policy to check managedby property of resource group
hi, i m trying to create azure policy to make sure the mangedby property is set when creating resources group using terraform. { "field": "type", "equals": "Microsoft.Resources/resourceGroups/managedBy" } but…
asked 2024-05-06T10:44:22.3766667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(99.2, 83%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ED%3C/text%3E%3C/svg%3E)
Dharmaraj
0
Reputation points
answered 2024-06-11T07:03:40.2+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(19.2, 2%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPK%3C/text%3E%3C/svg%3E)
Prashant Kumar
75
Reputation points Microsoft Employee
1 answer
Azure Policy target only windows
Hello! :) I am fairly new to Azure Policy, I am trying to create a policy to target windows servers that doesn't have AHUB enabled, however this policy keeps getting Linux machines in aswell. Why is that, when I state it should be windowsserver or…
asked 2024-05-10T08:25:57.5633333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 42%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ER%3C/text%3E%3C/svg%3E)
Reek2750
0
Reputation points
answered 2024-06-11T06:52:10.83+00:00
Prashant Kumar
75
Reputation points Microsoft Employee
1 answer
Azure built-in compliance standard for ISO 27001:2022
Is it planned to offer the compliance standard for ISO 27001:2022 y Azure regulation compliance initiatives?
asked 2024-05-22T15:08:51.46+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(198.4, 41%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECV%3C/text%3E%3C/svg%3E)
Carlos Villarroel
5
Reputation points
answered 2024-06-11T04:09:53.6666667+00:00
AnuragSingh-MSFT
20,991
Reputation points
1 answer
Issue while accessing Azure Policy REST API in Power BI - Getting Error: Access to the resource is forbidden
I am trying to access Azure Policy Compliance data from Azure Policy REST API to Power BI. To access the Azure API into Power BI, I have registered an application in Entra ID and generated Client ID and Client Secret. In the App Permission, I have…
asked 2024-05-22T16:17:53.7866667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(185.6, 23%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJK%3C/text%3E%3C/svg%3E)
Jil Kachhia
0
Reputation points
commented 2024-06-07T15:09:39.7766667+00:00
Monalla-MSFT
12,681
Reputation points
1 answer
Azure Policy Tag add tag if missing
I set a new policy for existing resources to add required tag if missing. scenario1: Resource1 have the following tags and value Tag name = Project Value = ProjSSO Tag name = Purpose Value = app login however if the the policy trigger I received an…
asked 2024-02-07T01:45:43.2433333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(147.20000000000002, 40%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERP%3C/text%3E%3C/svg%3E)
Reygie Prieto
0
Reputation points
commented 2024-06-07T10:35:37.87+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(147.20000000000002, 99%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJK%3C/text%3E%3C/svg%3E)
Joel Kruse
0
Reputation points
2 answers
how do I use Azure Policy to enable 'Agentless scanning for machines (preview)' setting for Defender for CSPM
I cant seem to find a policy that enables the 'Agentless scanning for machines (preview)' setting in Defender for Cloud. How do i do it then?
asked 2023-03-15T20:25:57.67+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(54.400000000000006, 88%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENH%3C/text%3E%3C/svg%3E)
Nadia Hansen
0
Reputation points
answered 2024-06-05T20:40:09.77+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(172.8, 57.99999999999999%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)
SteveJ22LK90
0
Reputation points
1 answer
Azure Default Policy preventing us creating or amending resources
Came into work after a weekend, and we noticed that Azure resources (VM's, AVD, Storage accounts etc), would not lets us create or amend settings because of a deny error with the Azure Default Policy (error below) Resource '#########' was disallowed by…
asked 2024-05-29T09:55:57.41+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(204.8, 71%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGT%3C/text%3E%3C/svg%3E)
Graham Thackery
6
Reputation points
commented 2024-06-05T16:19:46.9666667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(265.6, 74%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGW%3C/text%3E%3C/svg%3E)
Gavin Wickens
0
Reputation points
0 answers
Does the current SQL Database TLS Policy check if nothing is selected?
We recently implemented a built-in Azure Policy, that checks for the minimum TLS Version to be 1.2. -…
asked 2024-06-04T00:35:40.3333333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(176, 48%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPG%3C/text%3E%3C/svg%3E)
Pooja Goel
0
Reputation points
commented 2024-06-04T18:50:52.8366667+00:00
tbgangav-MSFT
10,411
Reputation points
1 answer
Azure Policy & VM JIT - Do not allow Any as source
I am currently trying to prevent users from requesting Azure JIT VM access coming from the Source IP addresses "Any". According to this thread, https://learn.microsoft.com/en-us/answers/questions/846584/azure-vm-jit-do-not-allow-any-as-source ,…
Azure Virtual Machines
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
7,391 questions
Azure
Azure
A cloud computing platform and infrastructure for building, deploying and managing applications and services through a worldwide network of Microsoft-managed datacenters.
1,044 questions
Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
815 questions
asked 2024-05-14T12:27:20.6233333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 14.000000000000002%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJE%3C/text%3E%3C/svg%3E)
Jara Entren
20
Reputation points
edited the question 2024-06-03T12:05:35.69+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 17%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGM%3C/text%3E%3C/svg%3E)
Givary-MSFT
29,591
Reputation points Microsoft Employee