How do we define the Azure policy for Linux VM's alone at the Resource level scope

Geeaz 121 Reputation points

Hi Azure,

We have a couple of Resource Groups with a mixture of both Linux and Windows OS VM's. Now we cannot isolate these VM's due to some organizational restrictions.

We want to create policies and assign them at the Resource Level

Permissions needed

  • VM Access (RDP)
  • VM OS Disk Snashot create/read/write
  • VM Datadisk snapshot create/read/write
  • VM network details (read)

Can I have a sample policy that shows us how it is done. Remember, I am looking at Resource Level Scope.


Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
807 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Stanislav Zhelyazkov 21,516 Reputation points MVP

    The lowest level you can assign policy is at resource group level. I would suggest to divide the VMs to different resource groups depending on what policies you want to assign them. The purpose of a resource group is to manage the resources in it together. A nasty workaround that I do not recommend is to assign the same policy to the same resource group multiple times but each policy to exclude the VMs for which do not apply. That is not good approach as every time you add new VM you will have to update those exclusions.

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    0 comments No comments