An error on Microsoft Learn (lesson "Create Azure policies") ?
Hello, I thought a policy definition "describes the compliance confitions for a resource, and the actions to complete when the conditions are NOT met" (e.g., "the name of the VM does not follow the specified convention" (condition…
Standard Azure Naming policy creation
Microsoft support team is unable to solve the problem. { "properties": { "displayName": "Virtual Machine Naming Policy", "policyType": "Custom", "mode":…
Despite creating an Activity alert in the Microsoft Defender portal, we are still not receiving any alerts.
Despite creating an Activity alert in the Microsoft Defender portal, we are still not receiving any alerts.
Can you link a log analytic workspace to a dedicated cluster by a policy?
We want to deploy a dedicated cluster and enforce people to be linked to this cluster with their LAW automatically. Is this possible to be done by a policy? Or is there a better "best practise" way of (automatically) linking workspaces to a…
Azure resource graph query to get azure policies by category
Azure resource graph query to get all azure policies by category (in an azure tenant )
Automated way to increase the resources limit in subscription.
Is it possible to increase the subscription limit by any automated way rather than the manual process ? I know the manual way to increase the limit but i wanted to know is there any automated way.
Azure Policy Questions
Hi, I am trying to understand the difference between a policy assignment with policies listed directly under the assignment, as opposed to using a defintion / initiative, and what are the pros and cons of each option. Any guidance much appreciated. Dave
Azure policy to deny public access when creating a storage account
I am trying to create a solution that will prevent the creation of storage account unless a private endpoint is in place. Its the section below I have used the built in policy definition in Azure, and I am still able to create a storage account with…
Automate Azure Backups for VM across multiple subscriptions
Hi Team, I am working for big health care organization. We have Azure landing zone deployed which has around 20 subscriptions. We are trying to automate the Backups for all the VM types deployed New VM from market place, Migrated and Custom Images…
In Microsoft Defender for cloud I’m trying to enter an email but it gives me privilege error and I am Global Admin
Hi Team In Microsoft Defender for cloud I’m trying to enter an additional email addresses but it gives me privilege error and I am Global Admin Regards
What is the KQL query to extract Azure policies by certain properties?
What is the KQL query in Azure to extract all policies by friendly name, resource type, compliance status, policy type, initiative type, whether it is custom or built-in, and date created?
Deploying diagnostic settings through Azure Policy leaves them in a pending state
I'm following this article to create diagnostic settings for all our resources at a global scale. However, when the remediation task creates a deployment for the diagnostic settings, it seems like it gets stuck. The deployment appears completed, but the…
Azure Policy not working with Def. JIT (- Do not allow Any as source)
I am currently trying to prevent users from requesting Azure JIT VM access coming from the Source IP addresses "Any". According to this thread, https://learn.microsoft.com/en-us/answers/questions/846584/azure-vm-jit-do-not-allow-any-as-source ,…
How to setup an Azure Alert to be triggered when our VM disks go below 10% free space
Hi, we would like some assistance to setup an Azure alert with correct "Measurement" and "Alert logic" values. We are using this query that brings us the result of all our servers with their disks free space. We would like to setup an…
Paginate List Query Results For Subscription Level Policy Assignment
Hi everyone, I’m having trouble using this service to get information about policy states. It seems to only return up to 1,000 entries per call, and the @odata.nextLink parameter mentioned in the docs always comes back as null. I tried adjusting the…
How to upgrade package github.com/open-policy-agent/opa to version 0.68.0 or above?
Hello! We are using Azure Policy add-on in our AKS cluster and we would like to upgrade package github.com/open-policy-agent/opa to version 0.68.0 or above. The image mcr.microsoft.com/oss/open-policy-agent/gatekeeper. Namespace: gatekeeper-system. How…
Allow-Access-Control-Origin Error on Web App
Hey everyone. I may be missing something simple, but here's one for you guys! Turning on App Gateway WAF Policy with a custom rule for geo location match. Essentially just to deny any traffic outside of select countries. Without this WAF Policy turned…
How to remove WAF policy safely.We have an AKAMAI device before the App GW and do not need WAF capability anymore.What is the safest way to do so.
How to remove WAF policy safely or disassociate WAF policy . We have an AKAMAI device before the App GW in our environment hence we do not need WAF capability anymore. What is the safest way to do so. Also can I do it via portal and if I am doing it via…
I cant access my customers tenant because of a conditional acces policy called "phishing resistent mfa for admins"
I called microsoft yeserday, was rerouted 3 times before someone could create a ticket for me and said answer time was just a couple of hours and then the data protection team would call me. this "should" be a simple fix i tought, it is really…
Error assigning a policy using Azure powershell and Azure Cli
I'm trying to assign an initiative using Azure Cli or Azure powershell and I'm getting the following error New-AzManagementGroupDeployment -ManagementGroupId $managemenGroupId -Location $location -TemplateFile…