Azure Policy Samples

This page is an index of Azure Policy built-in policy definitions and language use patterns.

Built-ins

• Policies
• Initiatives

Patterns

The following are examples of different patterns using the language and operators in Azure Policy:

• Logical operators
• Fields
• Parameters
• Effect details
• Using tags
• Value operator
• Count operator
• Grouping policy definitions in an initiative
• Deploying resources with deployIfNotExists

Regulatory Compliance

The following are the Regulatory Compliance built-ins in Azure:

• Australian Government ISM PROTECTED
• Azure Security Benchmark
• Canada Federal PBMM
• CIS Microsoft Azure Foundations Benchmark v1.3.0
• CIS Microsoft Azure Foundations Benchmark v1.1.0
• CMMC Level 3
• FedRAMP Moderate
• FedRAMP High
• HIPAA HITRUST 9.2
• IRS 1075 September 2016
• ISO 27001:2013
• New Zealand ISM Restricted
• NIST SP 800-53 Rev. 5
• NIST SP 800-53 Rev. 4
• NIST SP 800-171 R2
• SWIFT CSCF v2021
• UK OFFICIAL and UK NHS

The following are the Regulatory Compliance built-ins in Azure Government:

• Azure Security Benchmark
• CIS Microsoft Azure Foundations Benchmark v1.3.0
• CIS Microsoft Azure Foundations Benchmark v1.1.0
• CMMC Level 3
• DoD Impact Level 4
• DoD Impact Level 5
• FedRAMP Moderate
• FedRAMP High
• IRS 1075 September 2016
• ISO 27001:2013
• NIST SP 800-53 Rev. 5
• NIST SP 800-53 Rev. 4
• NIST SP 800-171 R2

Other Samples

• GitHub - Community Policy repo

Next steps

• See the built-ins on the Azure Policy GitHub repo.
• Review the Azure Policy definition structure.
• Review Understanding policy effects.