![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(304, 53%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
725 questions
To create a custom policy to restrict the maximum number of VMs in a specific region:
- In the Azure Portal, navigate to the Azure Policy service.
- Click on the "+ Policy definition" button to create a new policy definition.
- In the "Basics" tab, give the policy a name and select "Custom" as the policy type.
- In the "Policy rule" tab, you can use the built-in policy function "count" to check the number of VMs in a specific region. You can use a condition like this:
Copy code
count(resourceId, 'Microsoft.Compute/virtualMachines', 'West US') > 10
This will check for more than 10 VMs in the region "West US"
- In the "Effect" tab, select "Deny" to prevent the creation of new VMs in that region.
- Click on the "Create" button to create the policy.
- After creating the policy, you need to assign it to the management group or subscription where you want it to take effect.
You can use Azure Policy initiative to manage multiple policies at once.
Also, you can use Azure Quotas to restrict the number of resources that can be created in a subscription, by using Azure Quotas you can limit the number of VMs that can be created in a subscription, and you can also assign different quotas to different subscriptions or management groups.
[https://learn.microsoft.com/en-us/azure/governance/policy/overview
