The 'azure-policy' tag is meant to be used on all questions related to authoring, assigning, and grouping of Azure Policy definitions and initiatives. This will improve the visibility of the questions to both the community and Azure Governance product team.
Questions tagged [azure-policy]
480 questions
6
votes
2 answers
[Azure Policy]Apply tag and add the account info
When creating a resource group with Azure Policy, I would like to force account information such as user ID and email address as tags.
Sample-Apply tag and its default value
As a result of referring to, it was possible to tag a fixed word, but I do…
user20380119or0118
- 83
- 11
5
votes
4 answers
ExistenceCondition in Azure Policy?
I'm currently trying to understand the Azure policies. I think I've got my head around the aliases, but I'm having trouble understanding where to find the correct values for ExistenceCondition equals field
How does it different from the PolicyRule…
Sachin Kalia
- 1,027
- 14
- 24
4
votes
0 answers
How to share device State information from electron
We have developed a desktop application using electron and angular, bundled using electron-builder.
The problem we are facing is regarding SSO, we have achieved SSO by attaching 'debugger' on 'webContents' of a 'BrowserWindow', it's working for the…
AsiteUser
- 217
- 1
- 4
4
votes
0 answers
Azure Terraform Policy Error "Missing subscription -The request did not have a subscription or a valid tenant level resource provider"
I'm trying to apply the Azurerm_policy_assignment using Terraform - i'm unable to apply the policy assignment, looks like an identity related issue:
policy.AssignmentsClient#Create: Failure responding to request: StatusCode=404 -- Original Error:…
user1197981
- 133
- 3
- 8
3
votes
3 answers
Is it possible to create an Azure Policy Exemption at the same as as the resource being exempted?
Azure Policy can be used to define conventions that, when Policy Enforcement is enabled, will prevent non-compliant resources from being created.
In scenarios where non-compliant resources need to be exempted this leads to having to coordinate…
STW
- 44,917
- 17
- 105
- 161
3
votes
0 answers
Azure Defender for Cloud reporting issues that have already been fixed
I have an AKS cluster where a few security recommendations are reported. I believe I have mitigated some of them already, but they are still shown.
Namely, there is
Container images should be deployed from trusted registries only
Azure Kubernetes…
Martin Melka
- 7,177
- 16
- 79
- 138
3
votes
0 answers
Azure Policy which prevents creation of Application Insights without daily cap
I'm trying to create an Azure Policy which prevents creation of Application Insights resources when:
daily volume cap is not set,
or when the cap is greater than 1 (GB).
Here is the policy rule definition:
{
"mode": "All",
"policyRule": {
…
marcinsk
- 31
- 1
3
votes
0 answers
Modifying resource group tag depending on resource group name using Azure Policies
I'm tasked with applying an Azure Policy that adds or replaces tags and their values on some resource groups. One of the tags, environment, is supposed to have a value equal to a part of the name of the resource group: if the resource group is…
Rodrigo Almeida
- 31
- 3
3
votes
1 answer
Azure policy to enforce naming convention on resource group has no effect
I have got the following very basic policy that aims to enforce a naming convention on new resource groups.
{
"mode": "All",
"policyRule": {
"if": {
"allOf": [
{
"field": "type",
"equals":…
Matthias Güntert
- 4,013
- 6
- 41
- 89
3
votes
0 answers
Problem with configuring proxy settings on Windows with PowerShell script through Azure Policy
We have a script that sets manual proxy on Windows Server 2016, so we execute the following commands:
Set-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings' -name ProxyServer -Value…
Elias Arellano
- 433
- 5
- 16
3
votes
2 answers
How to enforce that Delete Retention is configured on Azure Storage by using a deployIfNotExists policy?
I would like to create a policy that automatically applies a delete retention policy of 14 days to every new storage created. I think that this is possible by using a deployIfNotExists policy, but I was not able to find a sample JSON or anything on…
Rafael Colucci
- 6,018
- 4
- 52
- 121
3
votes
0 answers
Azure policy create a deployifnotexists policy
I am trying to create a DeployIfNotExists policy from an existing AuditIfNotExists policy. It doesn't error while deploying, but it errors saying "No related resources match the effect details in the policy definition." when the policy is evaluated.…
user1197981
- 133
- 3
- 8
3
votes
1 answer
Azure Policy Deploying using Powershell
I'm deploying a deny policy through powershell and get the following error
New-AzPolicyDefinition : InvalidPolicyRule : Failed to parse policy rule: 'Could not find member 'properties' on object of type
'PolicyRuleDefinition'. Path…
Norrin Rad
- 881
- 2
- 18
- 42
3
votes
3 answers
Allowed Resource Types policy
When applying the allowed resource type policy through the Azure portal, there is a drop down with hundreds of available resource types that can be selected as assignment parameters. Does anyone know how this list is generated or where can I query…
Morgan Jones
- 31
- 2
2
votes
1 answer
How to check if any required tags are blank Azure Policy
I am trying to create an azure policy that audits vms. Conditions I want to satisfy is that the vm has all of the tags specified by parameter and that all of those corresponding tags contain a value. The first condition I have working with below.…
Jamie O'Connell
- 122
- 7