Hi,
The description of that policy says: Machines are non-compliant if a network connection status to an IP and TCP port does not match the policy parameter. So the policy will provide compliance on that when any machine to which the policy applies is able to connect to that specific IP and tcp port. Azure Policies can be applied at management group scope, subscription scope or resource group scope. So if you have machines in different resource groups that needs to check connectivity to specific IP and tcp port you can create different assignment with different input for each resource group. I am not sure why would you do this via policy because this seems like you need network monitoring for your machines which I think Connection Monitor is better suited for this task.
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.