961 questions with Azure Policy tags

Sort by: Updated
1 answer

how can i re -enable my disabled azure subscription?

To protect the security and privacy of your account, we perform routine audits of all Azure subscriptions. During one of these audits, we identified suspicious activity in your subscription that violates the Microsoft Acceptable Use Policy. We’ve…

Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
961 questions
asked 2025-02-10T07:58:29.93+00:00
Ajay Singh 0 Reputation points
commented 2025-02-18T16:45:15.6233333+00:00
Pavan Minukuri 1,215 Reputation points Microsoft Vendor
1 answer

Configure Azure Activity logs to stream to specified Storage account from all subscriptions

I want to Configure Azure Activity logs to stream to specified Storage account from all subscriptions, is there any Built In policy available which can be leveraged to send activity logs from all subscription to a pre-defined storage account.

Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
961 questions
asked 2025-01-21T15:16:39.2166667+00:00
Kaushik Ray 0 Reputation points
commented 2025-02-18T16:36:28.15+00:00
Pavan Minukuri 1,215 Reputation points Microsoft Vendor
2 answers One of the answers was accepted by the question author.

DORA Regulations and Azure CSP (Reseller)

Hi team - we have customers asking us for DORA addendums in their Azure contracts - as they are in our CSP model, that would fall under the MCA framework - what is the guidance from Microsoft on that, has the MCA been updated so that it is fit for…

Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
961 questions
asked 2025-01-17T17:25:08.6266667+00:00
Cristian Nedelcu 20 Reputation points
answered 2025-02-18T16:07:52.77+00:00
Carl Vanden Eynde 0 Reputation points Microsoft Employee
1 answer One of the answers was accepted by the question author.

ISO27001:2013

Hello, I have noticed that my VMs running Linux Ubuntu 24.04 LTS are not compliant with the following policies: 7f89b1eb-583c-429a-8828-af049802c1d9 (Audit diagnostic setting for selected resource types) 32133ab0-ee4b-4b44-98d6-042180979d50 ([Preview]:…

Azure Monitor
Azure Monitor
An Azure service that is used to collect, analyze, and act on telemetry data from Azure and on-premises environments.
3,477 questions
Azure Virtual Machines
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
8,379 questions
Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
961 questions
asked 2025-02-17T14:08:59.2933333+00:00
Vondál Matouš 20 Reputation points
commented 2025-02-18T15:02:54.3633333+00:00
Vondál Matouš 20 Reputation points
0 answers

Azure Resource Graph (ARG) Query to List All Failed Policy Deployments

When using Azure Policy, in particular a policy with Deploy If Not Exist (DINE), naturally the policy will try to remediate anything that doesn't align to the policy definition. However, if there is something that prevents the Policy Deployment from…

Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
961 questions
asked 2025-02-07T17:18:21.59+00:00
Adin Ermie 0 Reputation points
commented 2025-02-18T05:43:44.46+00:00
Rahul Podila 1,825 Reputation points Microsoft Vendor
1 answer One of the answers was accepted by the question author.

Private DNS zone with virtual network link on creation.

We currently have a hub and spoke setup with our Custom DNS on a single Subscription. what we want to do is if new DNS zones are created they get linked to the Custome DNS Vnet. Could this be done by azure policy

Azure DNS
Azure DNS
An Azure service that enables hosting Domain Name System (DNS) domains in Azure.
728 questions
Azure Virtual Network
Azure Virtual Network
An Azure networking service that is used to provision private networks and optionally to connect to on-premises datacenters.
2,643 questions
Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
961 questions
asked 2022-05-26T15:07:37.027+00:00
Matthew-5454 21 Reputation points
accepted 2025-02-17T17:46:56.69+00:00
Matthew-5454 21 Reputation points
1 answer One of the answers was accepted by the question author.

I am facing an issue with Azure Policy.

I am trying to enforce a tag on all my VMs. I have created a policy definition with a modify effect that adds the tag env with a value of prod if its missing. The policy assignment is at the subscription level. New VMs are getting tagged correctly, which…

Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
961 questions
asked 2025-02-17T06:21:43.3033333+00:00
SirishSinghania 20 Reputation points
accepted 2025-02-17T06:34:32.8+00:00
SirishSinghania 20 Reputation points
1 answer

Geo-fencing on complete azure solution

Hi Team, I want my azure subscription and its resource to be only accessible from specific countries like US, India, Canada & Austrailai

Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
961 questions
asked 2025-01-27T05:32:10.2366667+00:00
Sagar Verma 0 Reputation points
commented 2025-02-17T03:54:39.5366667+00:00
Ashok Gandhi Kotnana 3,455 Reputation points Microsoft Vendor
2 answers One of the answers was accepted by the question author.

Generate Azure Policy compliance report with resource list

I am looking for a way to generate a report for Azure Policy compliance, which contains azure policies under a targeted Initiative, compliance against each azure policy under this initiative, including compliant and non-compliant resource list. At the…

Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
961 questions
asked 2025-02-12T16:28:45.67+00:00
Rakesh Singh 330 Reputation points
answered 2025-02-17T03:09:26.6266667+00:00
Naveena Patlolla 320 Reputation points Microsoft Vendor
1 answer

How can I discover all necessary permissions to use a Azure Policy with least privileges

The Problem Hey I working for a project that will implement azure policies to secure the platform. We have to follow the policies of our customer. One of this policies is, to use always the concept of least privileges. If we take a look in the Policy…

Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
961 questions
Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,497 questions
asked 2024-09-04T12:37:55.9266667+00:00
Rust, Christopher 0 Reputation points
commented 2025-02-14T07:38:24.11+00:00
Yordan Dimov 45 Reputation points
2 answers One of the answers was accepted by the question author.

How can I limit an application access to view only a subset of the users in Microsoft Graph API, MS Teams endpints?

What are the methods to restrict an application, that is using the Microsoft Graph API to fetch users conversations, access so that it can only view data of Microsoft Teams endpoints for a specific subset of users, ?

Microsoft Teams
Microsoft Teams
A Microsoft customizable chat-based workspace.
10,890 questions
Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
13,068 questions
Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
961 questions
asked 2025-02-13T12:55:02.2133333+00:00
Noga Malach 20 Reputation points
accepted 2025-02-13T18:01:44.01+00:00
Noga Malach 20 Reputation points
1 answer

Policy to deny VM & VMSS creation with installing the Entra ID (formerly AAD) extension on them

Can we have a custom policy to deny VM & VMSS creation with installing the Entra ID (formerly AAD) extension on them, Also I there a way to auto remediate and install VM extention for Entra ID (formerly AAD) extension on linux and windows VMs

Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
961 questions
asked 2024-10-24T10:38:28.84+00:00
Virender Rathore 0 Reputation points
commented 2025-02-12T23:54:21.11+00:00
coffeebreak-5773 5 Reputation points
3 answers One of the answers was accepted by the question author.

Use Azure Policy to manage Extensions Allow- and Blocklist on Azure Arc Connected Machines

Is there a way to manage Extensions Allow- and Blocklist for Azure Arc Connected Machines? As mentioned in this KB-Article, it should be possible. But it is not precisely stated, if this works only for Azure VMs, or if this also applies for Arc…

Azure Arc
Azure Arc
A Microsoft cloud service that enables deployment of Azure services across hybrid and multicloud environments.
478 questions
Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
961 questions
asked 2025-01-17T06:39:32.7166667+00:00
Lukas Berger 20 Reputation points
accepted 2025-02-11T09:26:56.29+00:00
Lukas Berger 20 Reputation points
1 answer

Azure Policy Definition false match against null value triggering non-compliance

I'm confused about the compliance result I'm getting against a test NSG of mine. I've tried the policy rule with "equals" and "match" with the same result. Basically, the policy rule says the current value must not match the target…

Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
961 questions
asked 2025-01-28T17:06:07.12+00:00
DICKENS Jesse * DAS 0 Reputation points
commented 2025-02-11T01:40:56.71+00:00
DICKENS Jesse * DAS 0 Reputation points
3 answers One of the answers was accepted by the question author.

Restrict Savings Plan creation outside specified subscription in Mgmt group via Azure Policy

Using Terraform/Azure Policies, I want to restrict the creation of savings plans only to one of our subscriptions i.e Prod. We have more than 10 subscriptions in the tenant in different management groups. Since Savings Plans don't have a straightforward…

Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
961 questions
asked 2025-01-08T13:50:14.38+00:00
Vishal P 20 Reputation points
accepted 2025-02-10T16:48:56.5466667+00:00
Vishal P 20 Reputation points
1 answer

I needed assistance on my KQL query with regards to Policy | Compliance data

Hi, I needed help for my Defender for Cloud workbook. The following KQL allows me to show the selected custom policies or initiatives (from Control parameter) in a table. Unfortunately, I am unable to figure out how to improve the KQL to show the data…

Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
961 questions
asked 2025-01-26T17:52:37.5233333+00:00
Eric Yong Sze Guan 0 Reputation points
edited a comment 2025-02-05T03:17:15.78+00:00
Eric Yong Sze Guan 0 Reputation points
1 answer

AD B2C Custom Policies auto-account-linking

I am currently trying to replicate the following custom policy sample: https://github.com/azure-ad-b2c/samples/tree/master/policies/auto-account-linking I generated all the needed things with the setup tool from the documentation, everything seems to…

Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
961 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
23,282 questions
asked 2024-11-08T09:26:08.6066667+00:00
Tiago C 20 Reputation points
commented 2025-01-31T16:33:07.4466667+00:00
MF 0 Reputation points
2 answers

Azure initiative for ISO 27001:2022

We have to implement ISO 27001:2022 at Azure Switzerlan. Is there an azure initiative for ISO 27001:2022? There is currently one for ISO27001:2013. Does anyone know what should be changed for 27001:2022?

Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
961 questions
asked 2023-11-03T06:41:04.88+00:00
Martin Egli 120 Reputation points
commented 2025-01-30T22:03:32.79+00:00
Steve Burkett 1 Reputation point
1 answer One of the answers was accepted by the question author.

Need help on azure policy for Virtual network Subnet Creation

I want to create a policy where is the Virtual Network subnet prefix is less then /24 then the policy should block the subnet creation. I have below sample policy but it is not working. Can you please help. { …

Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
961 questions
asked 2025-01-29T11:19:35.4333333+00:00
Rajnish Soni 40 Reputation points
accepted 2025-01-30T05:06:49.51+00:00
Rajnish Soni 40 Reputation points
1 answer One of the answers was accepted by the question author.

Enforcement Mode Enabled

Hello, In the diagram below: In best practice framework - the1st aspect is assign with enforcement mode disabled. Ok. Is it correct to say that the 2nd aspect is assign with enforcement mode…

Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
961 questions
asked 2025-01-28T12:22:37.4666667+00:00
Marouf Ali 680 Reputation points
accepted 2025-01-28T13:03:44.2233333+00:00
Marouf Ali 680 Reputation points