Share via

azure policy to check managedby property of resource group

Dharmaraj 0 Reputation points
2024-05-06T10:44:22.3766667+00:00

hi,

i m trying to create azure policy to make sure the mangedby property is set when creating resources group using terraform.

{ "field": "type", "equals": "Microsoft.Resources/resourceGroups/managedBy" }

but this property does not have an alias to use it in policy.

is there any way i can make this policy work

Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
912 questions

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Theophilus Sawyerr 0 Reputation points
    2024-05-06T14:24:00.9866667+00:00 
    {
  "properties": {
    "displayName": "Enforce managedBy property for resource groups",
    "policyType": "Custom",
    "mode": "All",
    "parameters": {},
    "policyRule": {
      "if": {
        "field": "type",
        "equals": "Microsoft.Resources/resourceGroups"
      },
      "then": {
        "effect": "audit",
        "details": {
          "type": "Microsoft.Resources/resourceGroups/managedBy"
        }
      }
    }
  }
}
    0 comments
  2. Prashant Kumar 780 Reputation points Microsoft Employee
    2024-06-11T07:03:40.2+00:00

    Unfortunately, Azure policy cannot be applied to check managedby property of resource group.

    ManagedBy property is a top-level property and is not currently supported.  Policy aliases for top-level properties are not generated.

    You can use Powershell/CLI or REST API to GET and audit this property of RG though.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.