776 questions with Azure Policy tags

Sort by: Updated
1 answer

how to add custom property in application insight from apim policies

i need to access my variable values of the apim in application insight's custom properties (inside transaction history ) how can i do it i have tried using trace in my apim policy i have added this in my policy how can i access the value of the…

Azure Monitor
Azure Monitor
An Azure service that is used to collect, analyze, and act on telemetry data from Azure and on-premises environments.
2,740 questions
Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
776 questions
asked 2024-03-27T09:50:06.1266667+00:00
Shah, Maitree 0 Reputation points
answered 2024-03-28T16:13:16.9933333+00:00
Sina Salam 2,691 Reputation points
1 answer One of the answers was accepted by the question author.

Is it possible to use Azure Policy to apply CanNotDelete locks at resource level?

I am trying to use Azure Policy to track compliance of resources with or without locks on and if a resource doesn't have a lock on, then apply the lock. I have been able to get Azure Policy to apply CanNotDelete locks at the ResourceGroup level, however…

Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
776 questions
asked 2021-10-13T18:52:32.337+00:00
Chad Woodhead 21 Reputation points
commented 2024-03-28T15:07:11.98+00:00
Joan Jimenez Canals 0 Reputation points
1 answer

Looking for Kusto query or a azure policy where an alert should be generated when azure blob data action role permissions are assigned on a built in or custom role for a storage account.

{ "mode": "All", "policyType": "Custom", "displayName": "Audit Blob Data Action Role Permissions Assignments", "description": "Audits when roles with Azure Blob data…

Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
776 questions
asked 2024-03-26T17:51:42.8933333+00:00
Sahith Thatipalli 40 Reputation points
commented 2024-03-28T13:25:37.2533333+00:00
Sahith Thatipalli 40 Reputation points
0 answers

Azure policy is not working on App services

I have created azure policy for app service that do not assign any public IP and set default TLS 1.3 but still I can be able to create app services with default settings.

Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
776 questions
asked 2024-03-27T12:58:15.2366667+00:00
Shivshankar sharma 0 Reputation points
commented 2024-03-27T23:33:33.9+00:00
guilherme rodrigues 160 Reputation points
1 answer

What Permission is required for configuring Azure policy

What IAM permission is required for creating Azure policy over the Subscription.

Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
776 questions
asked 2024-03-27T17:14:07.8733333+00:00
Mahavir Saroj 201 Reputation points
answered 2024-03-27T19:05:08.85+00:00
Marcin Policht 4,535 Reputation points MVP
1 answer

How to lock the Vnet peerings like we lock the the resources in resource group once after we create them?

To prevent unauthorized peerings to other Vnets after creation, it's essential to lock the peerings to restrict access for other users from creating unnecessary peerings. How to do that? Can anyone help me out with this? Thanks.

Azure Virtual Network
Azure Virtual Network
An Azure networking service that is used to provision private networks and optionally to connect to on-premises datacenters.
2,089 questions
Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
644 questions
Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
776 questions
asked 2024-03-27T04:26:00.8033333+00:00
Priyanka Varma 0 Reputation points
commented 2024-03-27T07:18:08.72+00:00
KapilAnanth-MSFT 33,646 Reputation points Microsoft Employee
4 answers One of the answers was accepted by the question author.

Disable trusted launch Azure VM

Hello Everyone, I have an issue with one of my VM's on Azure. This machine was previously created with Trusted Launch enabled on it(Don't know why). Now, I can't backup it up with my default backup policy, only with enhanced one which is…

Azure Virtual Machines
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
6,981 questions
Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
776 questions
asked 2022-09-01T12:36:42.213+00:00
Vlad Dodin 21 Reputation points
commented 2024-03-26T13:09:12.57+00:00
Mohammad Wasif Rafique Mandal 35 Reputation points
0 answers

While doing remediation in Azure policy assignment getting below error

While doing remediation in Azure policy getting error: Evaluation of DeployIfNotExists policy was unsuccessful. The policy assignment…

Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
776 questions
asked 2024-03-18T17:58:12.0866667+00:00
Sourabh sourabh 0 Reputation points
commented 2024-03-26T05:46:31.2+00:00
AnuragSingh-MSFT 19,266 Reputation points
0 answers

I am working on azure policy where an alert will be generated if a RBAC role is assigned with a blob data action permissions on a storage account. Can anyone please help in correcting the code I have written.

{ "mode": "All", "policyType": "Custom", "displayName": "Audit Creation of RBAC Roles for Storage Accounts", "description": "This policy audits any new or updated RBAC…

Azure Storage Accounts
Azure Storage Accounts
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
2,608 questions
Azure
Azure
A cloud computing platform and infrastructure for building, deploying and managing applications and services through a worldwide network of Microsoft-managed datacenters.
892 questions
Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
776 questions
asked 2024-03-25T14:24:12.9833333+00:00
Sahith Thatipalli 40 Reputation points
commented 2024-03-25T22:08:21.3166667+00:00
KarishmaTiwari-MSFT 17,997 Reputation points Microsoft Employee
8 answers

Exempt Azure policy for Users in specific AD group?

Hello, Is it possible to bypass Azure policy for specific AD users or AD groups while creating objects in AKS

Azure Kubernetes Service (AKS)
Azure Kubernetes Service (AKS)
An Azure service that provides serverless Kubernetes, an integrated continuous integration and continuous delivery experience, and enterprise-grade security and governance.
1,821 questions
Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
776 questions
asked 2023-04-28T15:02:45.9833333+00:00
Tanul 1,251 Reputation points
answered 2024-03-22T03:23:02.8966667+00:00
Konstantinos Passadis 16,956 Reputation points
1 answer One of the answers was accepted by the question author.

Why ceating private endpoint in existing key vault blocks the public access from all network as well as selected network fails?

In Key Vault, Customer firewall is set to public and some to selected network with list of IPs. As soon as we create private endpoint, all other previous connection with pubic/selected network fails. But based on below documentation, I would like…

Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,083 questions
Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
644 questions
Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
776 questions
asked 2022-09-26T18:41:02.043+00:00
Dinesh Madhup 46 Reputation points Microsoft Employee
accepted 2024-03-21T00:28:13.5933333+00:00
Dinesh Madhup 46 Reputation points Microsoft Employee
1 answer

How to exclude a group of users in an azure policy from deny action

current situation: there is a zure policy with deny action that prohibits the deletion of resource groups and resources. requirement: create a user group in azure in which every member of that group is excluded from the azure policy deny action

Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
776 questions
asked 2024-03-13T21:04:25.21+00:00
Omer Jesus Gonzalez Vizcaino 0 Reputation points
commented 2024-03-20T11:28:11.3933333+00:00
SwathiDhanwada-MSFT 17,136 Reputation points
2 answers

MicrosoftDNSAgent extension

Hello Team, I am planning install/deploy MicrosoftDNSAgent extension. I have already applied AMA policy with DCRs. now planning to choose unified method to deploy and configure MicrosoftDNSAgent extension by policy since AMA and scope specific DCR…

Azure Monitor
Azure Monitor
An Azure service that is used to collect, analyze, and act on telemetry data from Azure and on-premises environments.
2,740 questions
Azure Virtual Machines
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
6,981 questions
Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
776 questions
asked 2024-01-30T13:34:19.3433333+00:00
Naresh Babu 135 Reputation points
answered 2024-03-20T10:12:05.58+00:00
Stellnberger Philipp 0 Reputation points
2 answers

How deny policy or rule inherits from Root Tenant to resource level

I am trying to understand how deny policy/rule works in terms of inheritance. If I create a deny policy of - "not able to create resources" at Root Tenant. Under the root tenant I have a management group IT and a Dev subscription under this…

Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
776 questions
asked 2024-03-17T20:46:18.96+00:00
Nishith Suthar 0 Reputation points
answered 2024-03-20T07:15:08.6366667+00:00
SwathiDhanwada-MSFT 17,136 Reputation points
1 answer

Deny assignment for data plane actions

Can deny assignments be defined to block data plane actions (prevent deletion of blobs inside a storage account for example)? I know that Blueprints or Azure policy can provide some level of denial to delete actions it doesn't look like it covers data…

Azure Blueprints
Azure Blueprints
An Azure service that provides templates for quick, repeatable creation of fully governed cloud subscriptions.
69 questions
Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
776 questions
asked 2024-03-03T13:55:16.23+00:00
AssafL 1 Reputation point
commented 2024-03-19T18:59:29.64+00:00
Monalla-MSFT 10,541 Reputation points
1 answer

Azure initiative for ISO 27001:2022

We have to implement ISO 27001:2022 at Azure Switzerlan. Is there an azure initiative for ISO 27001:2022? There is currently one for ISO27001:2013. Does anyone know what should be changed for 27001:2022?

Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
776 questions
asked 2023-11-03T06:41:04.88+00:00
Martin Egli 105 Reputation points
commented 2024-03-19T12:56:59.58+00:00
BollaertIgor-0366 2 Reputation points
1 answer

Extracting resource compliance states | How to download data for resource compliance states in Azure Policies|

I have several Azure Policies, and from the portal If I go to the assignments and look at the policy I can get the compliance percentage and status of each resource (Compliant or not-compliant), However there is no way for me to download to the data to…

Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
776 questions
asked 2024-03-12T17:32:17.7+00:00
prasannarajayya 0 Reputation points
commented 2024-03-18T17:25:37.42+00:00
Monalla-MSFT 10,541 Reputation points
1 answer One of the answers was accepted by the question author.

Azure Policy for BlobServices

Hi, community! I'm using this policy in order to audit blob versioning: { "properties": { "displayName": "Custom: Configure your Storage account to enable blob versioning", "policyType":…

Azure Blob Storage
Azure Blob Storage
An Azure service that stores unstructured data in the cloud as blobs.
2,369 questions
Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
776 questions
asked 2024-03-15T12:26:44.2733333+00:00
Serhii Polhorodnyk 20 Reputation points
commented 2024-03-17T13:27:37.58+00:00
Serhii Polhorodnyk 20 Reputation points
2 answers

Anyone knows for sure if, in Azure Portal, they have controls / policies to implement / be controled by Azure, for the new version of ISO 27001:2022 ?

Hello, i need to know if we can add that kind of controls to be assessed by the Azure portal, instead of the ISO 27001:2013, that already has controls listed; is there a way of add / use the new version of ISO (ISO 27001:2022), within the Policy, inside…

Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
776 questions
asked 2024-03-16T19:14:35.4766667+00:00
Pedro Costa - MixMove 20 Reputation points
answered 2024-03-16T19:58:27.2633333+00:00
Azar 16,870 Reputation points
1 answer One of the answers was accepted by the question author.

Unable to run "az deployment mg create" on Tenant Root Group

Trying to deploy a management group structure via Bicep starting 1 level down from "Tenant Root Group". CLI command az deployment mg create needs to target the Tenant Root Group (which has the same ID as the Tenant ID as per…

Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
644 questions
Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
776 questions
asked 2024-03-12T03:36:40.1733333+00:00
Jose-Paolo Roldan 20 Reputation points
commented 2024-03-15T08:02:03.4766667+00:00
SwathiDhanwada-MSFT 17,136 Reputation points