Azure Policy Export To Terraform

Question

Hi,

We are aiming to migrate our full Azure Policy configuration into a Terraform pipeline.

Does anyone have any guidance on how / if this can actually be achieved, without having to do it manually!!

I see the Azure Export tool, but not altogether sure if it would be suitable here:

https://learn.microsoft.com/en-us/azure/developer/terraform/azure-export-for-terraform/export-terraform-overview

Any other thoughts or guidance very much welcome!!

Answer 1

Hii YogiBear

Welcome to the Microsoft Q&A Platform! Thank you for asking your question here.

The Azure Export Tool helps you export Azure resources to Terraform configurations. It mainly works with resource groups but can also handle policies.

Use the Azure Export Tool to save your policy definitions and initiatives as Terraform files.

Run the command az policy definition list to see your existing policy definitions.

https://archive.azurecitadel.com/automation/policy/cli/#:~:text=To%20view%20all%20definitions%3A%20az%20policy%20definition%20list,--query%20%22%20%5B%3Fcontains%20%28displayName%2C%20%27virtual%20machine%27%29%5D%22%20-o%20table

Begin by creating Terraform configuration files for each policy definition and initiative using azurerm_policy_definition.
https://medium.com/@yusufkaratoprak/azure-security-via-policy-rules-e292806ba5fc

Once you've defined them, use Terraform to apply the configurations, so they match what you want.

If you have any further queries, do let us know.

---

If the answer is helpful, please click "Accept Answer" and "Upvote it".