Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
898 questions
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
We created the policy that should restrict the creation of new subscription, if it has any or all of the specific tags missing.
The policy is not restricting the creation of new subscription but, is marking the subscription "non-compliant" after it has been created, if any given tag is missing.
The Policy rule is like below:
"policyRule": {
"if": {
"allOf": [
{
"equals": "Microsoft.Resources/subscriptions",
"field": "type"
},
{
"anyOf": [
{
"exists": "false",
"field": "tags['ProjectName']"
},
{
"exists": "false",
"field": "tags['Environment']"
}
]
}
]
},
"then": {
"effect": "Deny"
}
}
Is is possible to restrict subscription creation using Azure Policy?