DIfferent AAD pwd expiry policy for specific Azure Cloud only users
Is there a way to set a different pwd expiry policy for a specific user or a group of users? Standard global policy is 90 days, we want our Dev User Group to have a pwd expiry policy as 180 days. These are all cloud users on the O365 platform. Any help…
Limit Resource Provider in Azure Policy
I tried to limit the allowed resource type based on their providers using Azure Policy. For example, I want to allowed all resources from Microsoft.Compute. The built-in 'Allowed resource types' is inefficient because I have to list all of possible…
Apply exclusion to policy or initiative based on resource region
Hi, I am configuring resource diagnostic settings via policies within initiatives. The diagnostic settings will be configured to send to log analytics workspace and storage account in the same region as the resource. We deploy across four regions…
Check for DataCollectionRuleAssociation in Azure Policy
Hey, I want to deploy the Azure Monitor Agent to VMs and create a DataCollectionRuleAssociation for this VMs via an Azure Policy. In general, this is already working, but I am not sure how to define the existenceCondition for both…
Azure policy exception
Hello, Is there any command (PowerShell or AzCLI command) to get the Azure policy exception details ?? Thank you.
Question on collation of Azure SQL database
Hello, I am new to Azure, please bear with me if my question seems silly. We know changing database collation for Azure SQL database is very tricky and we use a specific collation (Latin1_General_100_CS_AS_KS_WS_SC) for our databases. My…
How many resource group we can able to create uder one subscription?
I just want to know "Required field How many resource group we can able to create uder one subscription? "
How can I edit the built-in Azure policy definition?
Hi All! How can I edit the built-in policy definition in Azure policies? Is there a required permission or role to do that?
How do we define the Azure policy for Linux VM's alone at the Resource level scope
Hi Azure, We have a couple of Resource Groups with a mixture of both Linux and Windows OS VM's. Now we cannot isolate these VM's due to some organizational restrictions. We want to create policies and assign them at the Resource Level Permissions…
Azure Custom policy - Non-Compliance warning not showing for audit policy.
I have create simple Azure custom policy to check tags is exist or not, and assigned it to subscription level. It is showing the non compliances resources and resource group on policy blade as expected. But when I check on activity log, it is not listing…
How to set Location on resource group lock
My company currently has a policy in place that requires all resources to be deployed in South Central US or North Central US. I'm trying to add a 'Microsoft.Authorization/locks@2016-09-01' resource (via BICEP). I cannot find any documentation that…
Combine mutiple claims with "And" or "Or" operator
We have added some new claims in our sign-up flow (custom policy) and some of our old users don't have those data. we want to force them to edit their profile and add the missing data. One way to achieve this is to check a list of claims after user…
Cancel and delete your Azure account
Wie kann ich meine Azure Konto Kündigen und löschen? Translated from German to English: How can I cancel and delete my Azure account?
Microsoft.subscriptions.admin not found
From the Azure portal - In the Subscriptions when I select the Resource Providers and in the Resource Provider I cannot find the Microsoft.subscriptions.admin . I have even installed the Azure Stack in the Powershell .It was installed successfully. …
Azure policy to audit publicly accessible web applications within subscription
Hi All, I am implementing an Azure policy to audit all publicly accessible web apps within my subscription. I don't think there is any built-in policy for this requirement; so I came up with below policy to check if ipSecurityRestrications exists or not…
Deny - prevent deployment of resources not confirming to standard
I'm trying to get some examples of the Deny effect, where the goal is NOT to prevent any specific resource. But instead, deny deployment of resources which is lacking for example tags and diagnostic/activity logging. I know I can use DeployIfNotExist,…
Automated way to increase the resources limit in subscription.
Is it possible to increase the subscription limit by any automated way rather than the manual process ? I know the manual way to increase the limit but i wanted to know is there any automated way.
terraform to create an Azure policy to validates Resource Group Names using name pattern
I am trying to create an Azure policy which I can assign at the subscription level, and control the naming of the resource groups in the subscription. What resource type (or other method) can I use to limit my validation to the resource group name…
azure name pattern policy not working on subnet, but name pattern policy working for vnet
I have create one name pattern policy assignment, policy definition for vnet and another policy assignment, policy definition for subnet. name pattern policy working only for vnet, but subnet name patter policy not working. Here i attached my…
Is it possible to update ASG location using Rest Api call
I have an existing ASG in Azure portal. I want to check if i can update the location of this ASG through Rest Api call. Is it possible?