Limiting Specific Selections of Azure VM for non Global Admins ?

EnterpriseArchitect 4,571 Reputation points

Hi All,

I wonder if it is possible to limit specific VM that the User or Developers can deploy across the multiple Subscriptions.

Only the Global Administrator can deploy any type of VMs, but other than that, enforce the Azure Policy to show only few select type of VMs.

How can I achieve the above?

Thank you in advance.

Azure Virtual Machines
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
6,847 questions
Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
759 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Pranathi Panyam_MSFT 986 Reputation points Microsoft Employee

    @EnterpriseArchitect Thanks for posting your query here!

    Yes, you can configure Azure policies to restrict certain operations at the resource management groups, subscriptions, resource groups, and resources. Please refer to know about the Scope. Also, there are few inbuilt policies. you can also restrict the permitted operating systems ( Operating system types/certain images). For that, please refer, Permitted Virtual Machines

    Also, you can restrict access for the user at the subscription level, resource group level, and resource level. Please refer, Assign Azure roles using the Azure portal for the same.

    Kindly let us know if the above helps or you need further assistance on this issue.


    Please do not forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.

    1 person found this answer helpful.