Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
806 questions
2 answers
DIfferent AAD pwd expiry policy for specific Azure Cloud only users
Is there a way to set a different pwd expiry policy for a specific user or a group of users? Standard global policy is 90 days, we want our Dev User Group to have a pwd expiry policy as 180 days. These are all cloud users on the O365 platform. Any help…
asked 2021-02-03T09:46:19.917+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(224.00000000000003, 34%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMF%3C/text%3E%3C/svg%3E)
Mohammed Feroze Khan
1
Reputation point
commented 2021-02-03T12:48:16.097+00:00
Vasil Michev
96,836
Reputation points MVP
1 answer
One of the answers was accepted by the question author.
Limit Resource Provider in Azure Policy
I tried to limit the allowed resource type based on their providers using Azure Policy. For example, I want to allowed all resources from Microsoft.Compute. The built-in 'Allowed resource types' is inefficient because I have to list all of possible…
asked 2021-02-02T13:13:04.387+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(9.6, 94%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EYF%3C/text%3E%3C/svg%3E)
Yasmin, Fitri
266
Reputation points
commented 2021-02-02T14:29:23.053+00:00
Stanislav Zhelyazkov
21,506
Reputation points MVP
1 answer
Apply exclusion to policy or initiative based on resource region
Hi, I am configuring resource diagnostic settings via policies within initiatives. The diagnostic settings will be configured to send to log analytics workspace and storage account in the same region as the resource. We deploy across four regions…
asked 2021-01-28T22:07:49.033+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 27%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDP%3C/text%3E%3C/svg%3E)
Dan Pier
1
Reputation point
commented 2021-02-02T09:54:56.9+00:00
tbgangav-MSFT
10,386
Reputation points
1 answer
Check for DataCollectionRuleAssociation in Azure Policy
Hey, I want to deploy the Azure Monitor Agent to VMs and create a DataCollectionRuleAssociation for this VMs via an Azure Policy. In general, this is already working, but I am not sure how to define the existenceCondition for both…
asked 2021-01-26T14:33:16.363+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(185.6, 25%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECD%3C/text%3E%3C/svg%3E)
Christoph Distefano
101
Reputation points
answered 2021-02-02T07:38:51.53+00:00
Christoph Distefano
101
Reputation points
1 answer
One of the answers was accepted by the question author.
Azure policy exception
Hello, Is there any command (PowerShell or AzCLI command) to get the Azure policy exception details ?? Thank you.
asked 2021-01-28T05:48:45.193+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(54.400000000000006, 27%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAC%3C/text%3E%3C/svg%3E)
Az Cloud Learner
71
Reputation points
commented 2021-01-29T13:26:40.03+00:00
Az Cloud Learner
71
Reputation points
2 answers
One of the answers was accepted by the question author.
Question on collation of Azure SQL database
Hello, I am new to Azure, please bear with me if my question seems silly. We know changing database collation for Azure SQL database is very tricky and we use a specific collation (Latin1_General_100_CS_AS_KS_WS_SC) for our databases. My…
asked 2021-01-29T05:29:40.8+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(166.4, 23%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAK%3C/text%3E%3C/svg%3E)
anil kumar
1,641
Reputation points
commented 2021-01-29T08:51:06.187+00:00
anil kumar
1,641
Reputation points
1 answer
One of the answers was accepted by the question author.
How many resource group we can able to create uder one subscription?
I just want to know "Required field How many resource group we can able to create uder one subscription? "
asked 2021-01-29T02:49:28.963+00:00
Atul Paghal
41
Reputation points Microsoft Vendor
accepted 2021-01-29T04:51:05.37+00:00
Atul Paghal
41
Reputation points Microsoft Vendor
1 answer
One of the answers was accepted by the question author.
How can I edit the built-in Azure policy definition?
Hi All! How can I edit the built-in policy definition in Azure policies? Is there a required permission or role to do that?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(22.400000000000002, 57.00000000000001%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EU%3C/text%3E%3C/svg%3E)
1 answer
How do we define the Azure policy for Linux VM's alone at the Resource level scope
Hi Azure, We have a couple of Resource Groups with a mixture of both Linux and Windows OS VM's. Now we cannot isolate these VM's due to some organizational restrictions. We want to create policies and assign them at the Resource Level Permissions…
asked 2021-01-22T15:38:41.307+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(166.4, 93%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EG%3C/text%3E%3C/svg%3E)
Geeaz
121
Reputation points
answered 2021-01-25T07:54:29.557+00:00
Stanislav Zhelyazkov
21,506
Reputation points MVP
2 answers
Azure Custom policy - Non-Compliance warning not showing for audit policy.
I have create simple Azure custom policy to check tags is exist or not, and assigned it to subscription level. It is showing the non compliances resources and resource group on policy blade as expected. But when I check on activity log, it is not listing…
asked 2020-12-02T16:07:55.103+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(179.20000000000002, 61%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKK%3C/text%3E%3C/svg%3E)
Kiran Kolte
1
Reputation point
answered 2021-01-25T04:51:14.53+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(249.60000000000002, 39%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
SwathiDhanwada-MSFT
17,881
Reputation points
1 answer
How to set Location on resource group lock
My company currently has a policy in place that requires all resources to be deployed in South Central US or North Central US. I'm trying to add a 'Microsoft.Authorization/locks@2016-09-01' resource (via BICEP). I cannot find any documentation that…
asked 2021-01-15T13:13:36.833+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(144, 16%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETM%3C/text%3E%3C/svg%3E)
Tyler Morris
1
Reputation point
commented 2021-01-18T03:10:21.687+00:00
SUNOJ KUMAR YELURU
13,956
Reputation points MVP
1 answer
Combine mutiple claims with "And" or "Or" operator
We have added some new claims in our sign-up flow (custom policy) and some of our old users don't have those data. we want to force them to edit their profile and add the missing data. One way to achieve this is to check a list of claims after user…
asked 2021-01-11T11:10:42.743+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(118.4, 43%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EK%3C/text%3E%3C/svg%3E)
Kaveh
1
Reputation point
answered 2021-01-12T23:12:43.897+00:00
James Hamil
22,186
Reputation points Microsoft Employee
1 answer
Cancel and delete your Azure account
Wie kann ich meine Azure Konto Kündigen und löschen? Translated from German to English: How can I cancel and delete my Azure account?
asked 2021-01-08T09:09:35.407+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(16, 47%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJS%3C/text%3E%3C/svg%3E)
Jack Shilling
1
Reputation point
answered 2021-01-08T10:48:55.993+00:00
Leon Laude
85,681
Reputation points
0 answers
Microsoft.subscriptions.admin not found
From the Azure portal - In the Subscriptions when I select the Resource Providers and in the Resource Provider I cannot find the Microsoft.subscriptions.admin . I have even installed the Azure Stack in the Powershell .It was installed successfully. …
asked 2021-01-07T09:59:44.647+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(131.20000000000002, 19%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM%3C/text%3E%3C/svg%3E)
Mohit
1
Reputation point
commented 2021-01-08T09:42:15.09+00:00
SadiqhAhmed-MSFT
39,121
Reputation points Microsoft Employee
1 answer
One of the answers was accepted by the question author.
Azure policy to audit publicly accessible web applications within subscription
Hi All, I am implementing an Azure policy to audit all publicly accessible web apps within my subscription. I don't think there is any built-in policy for this requirement; so I came up with below policy to check if ipSecurityRestrications exists or not…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(268.8, 60%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
1 answer
Deny - prevent deployment of resources not confirming to standard
I'm trying to get some examples of the Deny effect, where the goal is NOT to prevent any specific resource. But instead, deny deployment of resources which is lacking for example tags and diagnostic/activity logging. I know I can use DeployIfNotExist,…
asked 2020-12-15T15:15:44.77+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(204.8, 97%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EK%3C/text%3E%3C/svg%3E)
KjetilTiE
1
Reputation point
answered 2020-12-26T07:01:18.917+00:00
Jesse Loudon
336
Reputation points MVP
1 answer
Automated way to increase the resources limit in subscription.
Is it possible to increase the subscription limit by any automated way rather than the manual process ? I know the manual way to increase the limit but i wanted to know is there any automated way.
asked 2020-12-21T08:39:26.267+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(25.6, 76%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM%3C/text%3E%3C/svg%3E)
Madhavi
1
Reputation point
answered 2020-12-25T15:31:22.743+00:00
SadiqhAhmed-MSFT
39,121
Reputation points Microsoft Employee
0 answers
terraform to create an Azure policy to validates Resource Group Names using name pattern
I am trying to create an Azure policy which I can assign at the subscription level, and control the naming of the resource groups in the subscription. What resource type (or other method) can I use to limit my validation to the resource group name…
asked 2020-12-04T06:29:18.87+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(204.8, 92%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBB%3C/text%3E%3C/svg%3E)
Basavaraj Biradar
1
Reputation point
commented 2020-12-24T16:45:04.61+00:00
olufemia-MSFT
2,861
Reputation points
1 answer
One of the answers was accepted by the question author.
azure name pattern policy not working on subnet, but name pattern policy working for vnet
I have create one name pattern policy assignment, policy definition for vnet and another policy assignment, policy definition for subnet. name pattern policy working only for vnet, but subnet name patter policy not working. Here i attached my…
asked 2020-12-16T06:12:26.64+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(28.799999999999997, 68%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKB%3C/text%3E%3C/svg%3E)
Kumar Biradar
96
Reputation points
accepted 2020-12-24T14:37:01.667+00:00
Kumar Biradar
96
Reputation points
1 answer
Is it possible to update ASG location using Rest Api call
I have an existing ASG in Azure portal. I want to check if i can update the location of this ASG through Rest Api call. Is it possible?
asked 2020-12-15T07:15:41.49+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(224.00000000000003, 67%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAS%3C/text%3E%3C/svg%3E)
Ananya Sarkar
311
Reputation points
commented 2020-12-21T02:48:29.003+00:00
SwathiDhanwada-MSFT
17,881
Reputation points