Azure Policy Samples

This page is an index of Azure Policy built-in policy definitions and language use patterns.

Built-ins

• Policies
• Initiatives

Patterns

The following are examples of different patterns using the language and operators in Azure Policy:

• Logical operators
• Fields
• Parameters
• Effect details
• Using tags
• Value operator
• Count operator
• Grouping policy definitions in an initiative
• Deploying resources with deployIfNotExists

Regulatory Compliance

The following are the Regulatory Compliance built-ins in Azure:

• Australian Government ISM PROTECTED
• Canada Federal PBMM
• CIS Microsoft Azure Foundations Benchmark 1.1.0
• CIS Microsoft Azure Foundations Benchmark 1.3.0
• CIS Microsoft Azure Foundations Benchmark 1.4.0
• CIS Microsoft Azure Foundations Benchmark 2.0.0
• CMMC Level 3
• FedRAMP High
• FedRAMP Moderate
• HIPAA HITRUST 9.2
• IRS 1075 September 2016
• ISO 27001:2013
• Microsoft cloud security benchmark
• Microsoft Cloud for Sovereignty Confidential
• Microsoft Cloud for Sovereignty Global
• NIST SP 800-53 Rev. 4
• NIST SP 800-53 Rev. 5
• NIST SP 800-171 R2
• NL BIO Cloud Theme
• PCI DSS 3.2.1
• PCI DSS 4.0
• RBI ITF Banks v2016
• RBI ITF NBFC v2017
• RMIT Malaysia
• Spain ENS
• System and Organization Controls (SOC) 2
• SWIFT CSP-CSCF v2021
• SWIFT CSP-CSCF v2022
• UK OFFICIAL and UK NHS

The following are the Regulatory Compliance built-ins in Azure Government:

• CIS Microsoft Azure Foundations Benchmark v1.1.0
• CIS Microsoft Azure Foundations Benchmark v1.3.0
• CMMC Level 3
• FedRAMP High
• FedRAMP Moderate
• IRS 1075 September 2016
• ISO 27001:2013
• Microsoft cloud security benchmark
• NIST SP 800-53 Rev. 4
• NIST SP 800-53 Rev. 5
• NIST SP 800-171 R2
• System and Organization Controls (SOC) 2

Other Samples

• GitHub - Community Policy repo

Next steps

• See the built-ins on the Azure Policy GitHub repo.
• Review the Azure Policy definition structure.
• Review Understanding policy effects.