Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
955 questions
1 answer
AD B2C Custom Policies auto-account-linking
I am currently trying to replicate the following custom policy sample: https://github.com/azure-ad-b2c/samples/tree/master/policies/auto-account-linking I generated all the needed things with the setup tool from the documentation, everything seems to…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(131.20000000000002, 39%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETC%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(64, 13%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM%3C/text%3E%3C/svg%3E)
0 answers
Azure B2C custom policy self asserted change password skips change password screen when user has active session
I have implemented self asserted password change flow in my custom policies according to the instructions described in https://learn.microsoft.com/en-us/azure/active-directory-b2c/add-password-change-policy?pivots=b2c-custom-policy. However when running…
asked 2025-01-30T07:50:42.0333333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(153.6, 11%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMH%3C/text%3E%3C/svg%3E)
Mariam Harutyunyan
0
Reputation points
commented 2025-01-31T14:44:51.7433333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 26%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EN%3C/text%3E%3C/svg%3E)
Navya
14,975
Reputation points Microsoft Vendor
0 answers
Azure Policy Definition false match against null value triggering non-compliance
I'm confused about the compliance result I'm getting against a test NSG of mine. I've tried the policy rule with "equals" and "match" with the same result. Basically, the policy rule says the current value must not match the target…
asked 2025-01-28T17:06:07.12+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(220.8, 40%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDJ%3C/text%3E%3C/svg%3E)
DICKENS Jesse * DAS
0
Reputation points
edited a comment 2025-01-31T08:41:14.82+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(268.8, 47%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERP%3C/text%3E%3C/svg%3E)
Rahul Podila
1,570
Reputation points Microsoft Vendor
2 answers
Use Azure Policy to manage Extensions Allow- and Blocklist on Azure Arc Connected Machines
Is there a way to manage Extensions Allow- and Blocklist for Azure Arc Connected Machines? As mentioned in this KB-Article, it should be possible. But it is not precisely stated, if this works only for Azure VMs, or if this also applies for Arc…
asked 2025-01-17T06:39:32.7166667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(265.6, 15%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELB%3C/text%3E%3C/svg%3E)
Lukas Berger
0
Reputation points
commented 2025-01-31T04:10:19.11+00:00
Rahul Podila
1,570
Reputation points Microsoft Vendor
2 answers
Restrict Savings Plan creation outside specified subscription in Mgmt group via Azure Policy
Using Terraform/Azure Policies, I want to restrict the creation of savings plans only to one of our subscriptions i.e Prod. We have more than 10 subscriptions in the tenant in different management groups. Since Savings Plans don't have a straightforward…
asked 2025-01-08T13:50:14.38+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(179.20000000000002, 39%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVP%3C/text%3E%3C/svg%3E)
Vishal P
0
Reputation points
commented 2025-01-31T04:07:37.94+00:00
Rahul Podila
1,570
Reputation points Microsoft Vendor
2 answers
Azure initiative for ISO 27001:2022
We have to implement ISO 27001:2022 at Azure Switzerlan. Is there an azure initiative for ISO 27001:2022? There is currently one for ISO27001:2013. Does anyone know what should be changed for 27001:2022?
asked 2023-11-03T06:41:04.88+00:00
Martin Egli
120
Reputation points
commented 2025-01-30T22:03:32.79+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(265.6, 77%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESB%3C/text%3E%3C/svg%3E)
Steve Burkett
1
Reputation point
1 answer
One of the answers was accepted by the question author.
Need help on azure policy for Virtual network Subnet Creation
I want to create a policy where is the Virtual Network subnet prefix is less then /24 then the policy should block the subnet creation. I have below sample policy but it is not working. Can you please help. { …
asked 2025-01-29T11:19:35.4333333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(147.20000000000002, 17%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERS%3C/text%3E%3C/svg%3E)
Rajnish Soni
40
Reputation points
accepted 2025-01-30T05:06:49.51+00:00
Rajnish Soni
40
Reputation points
1 answer
Configure Azure Activity logs to stream to specified Storage account from all subscriptions
I want to Configure Azure Activity logs to stream to specified Storage account from all subscriptions, is there any Built In policy available which can be leveraged to send activity logs from all subscription to a pre-defined storage account.
asked 2025-01-21T15:16:39.2166667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(73.60000000000001, 46%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKR%3C/text%3E%3C/svg%3E)
Kaushik Ray
0
Reputation points
commented 2025-01-30T04:52:56.69+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 32%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPM%3C/text%3E%3C/svg%3E)
Pavan Minukuri
1,045
Reputation points Microsoft Vendor
1 answer
One of the answers was accepted by the question author.
Enforcement Mode Enabled
Hello, In the diagram below: In best practice framework - the1st aspect is assign with enforcement mode disabled. Ok. Is it correct to say that the 2nd aspect is assign with enforcement mode…
asked 2025-01-28T12:22:37.4666667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(195.2, 33%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMA%3C/text%3E%3C/svg%3E)
Marouf Ali
540
Reputation points
accepted 2025-01-28T13:03:44.2233333+00:00
Marouf Ali
540
Reputation points
1 answer
I needed assistance on my KQL query with regards to Policy | Compliance data
Hi, I needed help for my Defender for Cloud workbook. The following KQL allows me to show the selected custom policies or initiatives (from Control parameter) in a table. Unfortunately, I am unable to figure out how to improve the KQL to show the data…
asked 2025-01-26T17:52:37.5233333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(182.40000000000003, 33%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EEY%3C/text%3E%3C/svg%3E)
Eric Yong Sze Guan
0
Reputation points
edited a comment 2025-01-27T15:02:57.5633333+00:00
Eric Yong Sze Guan
0
Reputation points
1 answer
Configure Azure Activity logs to stream to specified Storage account from all subscriptions
I want to send all Activity logs from all subscriptions (with in my Managment group) to a specific storage account. Do we have any Built in policy which can be enforced at management group and propagated to all subscriptions ?
asked 2025-01-21T13:00:08.1766667+00:00
Kaushik Ray
0
Reputation points
commented 2025-01-27T10:37:40.9333333+00:00
Stanislav Zhelyazkov
25,671
Reputation points MVP
1 answer
charged billing even though i was not using developer plan.plz cancel my azure subscription and help me.
I was charged for non using developer account i am not in position to pay the balance.Please cancel my payment.and subscription immediately i am student and i cannot pay the balance.Please kindly cancel my developer plan and ignore my balance as i dont…
asked 2025-01-22T19:19:08.4466667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(105.60000000000001, 46%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECP%3C/text%3E%3C/svg%3E)
ch pavan
0
Reputation points
commented 2025-01-27T09:44:32.14+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 20%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPR%3C/text%3E%3C/svg%3E)
Pranay Reddy Madireddy
1,585
Reputation points Microsoft Vendor
1 answer
One of the answers was accepted by the question author.
DORA Regulations and Azure CSP (Reseller)
Hi team - we have customers asking us for DORA addendums in their Azure contracts - as they are in our CSP model, that would fall under the MCA framework - what is the guidance from Microsoft on that, has the MCA been updated so that it is fit for…
asked 2025-01-17T17:25:08.6266667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 74%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECN%3C/text%3E%3C/svg%3E)
Cristian Nedelcu
20
Reputation points
accepted 2025-01-23T06:52:49.3433333+00:00
Cristian Nedelcu
20
Reputation points
2 answers
One of the answers was accepted by the question author.
How to add multiple values to one tag?
Hi, I would like to add multiple values to one tag. E.g. a database might be used for several projects, so I would like to assign two project ids. I tried separating with semicolon or whitespace, added JSON as shown on the linked page but was not…
asked 2022-01-13T12:18:05.663+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(160, 11%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJC%3C/text%3E%3C/svg%3E)
John Connor
316
Reputation points
commented 2025-01-22T08:22:17.62+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(288, 97%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJB%3C/text%3E%3C/svg%3E)
Jochem Boersma
1
Reputation point
1 answer
One of the answers was accepted by the question author.
Question about VM update and Policy
Hi everyone, I have been tasked to create a policy that will do a weekly VM update at a certain time but I have been reading more about this and if my understanding is correct, policy is not meant to be used this way. My understanding is I will need to…
asked 2025-01-20T21:09:16.9266667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(96, 66%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHT%3C/text%3E%3C/svg%3E)
Handinata Tanudjaja
120
Reputation points
accepted 2025-01-20T21:28:35.33+00:00
Handinata Tanudjaja
120
Reputation points
0 answers
Urgent: Account Locked and Verification Issues (TrackingID#2412170040002994)
Dear Azure Support, I am reaching out regarding our account, which has been locked for almost a month. Unfortunately, despite following up on the emails we've received, the responses have not been helpful in resolving the issue. This situation is…
asked 2025-01-03T06:52:18.5066667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(227.2, 7.000000000000001%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERS%3C/text%3E%3C/svg%3E)
RePoint Solutions
0
Reputation points
commented 2025-01-20T10:28:01.16+00:00
Rahul Podila
1,570
Reputation points Microsoft Vendor
1 answer
Question regarding the document- https://learn.microsoft.com/en-us/azure/openshift/howto-tag-resources
Team, I'm from the Azure Containers team, and regarding the documentation, there seems to be an issue that needs some opinions. Below are the test lab results I performed. Please see the details below. Thanks, Conclusion The policy definition and…
asked 2025-01-13T17:02:45.06+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(272, 38%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EWL%3C/text%3E%3C/svg%3E)
Wayden Lee
0
Reputation points Microsoft Employee
commented 2025-01-20T01:32:10.24+00:00
Rahul Podila
1,570
Reputation points Microsoft Vendor
2 answers
Is it possible to enforce a Resource Naming Convention using a RegEx from an Azure Policy.
Is it possible to enforce a required resource naming convention using a RegEx from an Azure Policy.
asked 2023-07-11T17:21:04.89+00:00
Sai Kiran Maturi
66
Reputation points
commented 2025-01-16T05:46:33.86+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(134.4, 17%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDS%3C/text%3E%3C/svg%3E)
Diksha Sindhwani
0
Reputation points
0 answers
AZT508 - Azure Policy
Hello all :) I have designed the following simple KQL query to monitor for potential misuse of the DeployIfNotExists effect by detecting policy definition updates: AzureActivity | where OperationNameValue ==…
asked 2025-01-13T15:12:22.7433333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 2%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETH%3C/text%3E%3C/svg%3E)
Tomáš Hrabkovský
0
Reputation points
commented 2025-01-16T04:48:44.3633333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(185.6, 63%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAG%3C/text%3E%3C/svg%3E)
Ashok Gandhi Kotnana
3,035
Reputation points Microsoft Vendor
1 answer
One of the answers was accepted by the question author.
Have few queries related to management group
Hello Team, Have few queries related to management group. For example, I've a parent MG and child MG. Need to create a new MG under child MG and move few subscriptions from child MG to new MG. By doing so, Will there be any latency and data loss? Will…
asked 2025-01-14T09:34:02.6233333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 16%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMR%3C/text%3E%3C/svg%3E)
Mahadev, Rakesh [HAEA]
200
Reputation points
accepted 2025-01-15T08:46:54.4733333+00:00
Mahadev, Rakesh [HAEA]
200
Reputation points