Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
666 questions
1 answer
One of the answers was accepted by the question author.
Unable to run "az deployment mg create" on Tenant Root Group
Trying to deploy a management group structure via Bicep starting 1 level down from "Tenant Root Group". CLI command az deployment mg create needs to target the Tenant Root Group (which has the same ID as the Tenant ID as per…
asked 2024-03-12T03:36:40.1733333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(105.60000000000001, 40%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJP%3C/text%3E%3C/svg%3E)
Jose-Paolo Roldan
20
Reputation points
commented 2024-03-15T08:02:03.4766667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(249.60000000000002, 39%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
SwathiDhanwada-MSFT
17,401
Reputation points
2 answers
how to make azure policy definition script that limits the number of resources per resource group? how to make azure policy definition script that limits the number of resources per resource group?
I want to limit the number of resources per resource group. For example, I would like to limit the creation of a maximum of 2 virtual machines and a maximum of 1 DB per resource group. My questions are: Does an Azure Policy Definition that satisfies…
asked 2024-01-21T15:52:02.56+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(22.400000000000002, 19%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EEC%3C/text%3E%3C/svg%3E)
elice-cloud-practice-dev
0
Reputation points
answered 2024-03-12T14:55:10.71+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(307.2, 94%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETO%3C/text%3E%3C/svg%3E)
Tabut, Olivier
0
Reputation points
1 answer
After applying Azure policy for auto update for flagged VM its flagging
created new azure policy for VM automatic update on flagged vm but it still flagging. update name: "Microsoft .NET Core Security Update for January 2024" after update also it still showing old version only. how to auto update this issue using…
asked 2024-03-12T06:57:00.2966667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(156.8, 78%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMK%3C/text%3E%3C/svg%3E)
Maazulla Khan (HCL TECHNOLOGIES CORPORATE SER)
0
Reputation points Microsoft Vendor
edited the question 2024-03-12T11:36:13.19+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(124.80000000000001, 64%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EON%3C/text%3E%3C/svg%3E)
OMMI NAVEEN KUMAR
195
Reputation points Microsoft Vendor
3 answers
Custom azure policy to enable automatic VM guest patching
I would like to enable Automatic VM guest patching using Azure Policy with DeployIfNotExist mode. I drafted a definition but it does not seems to work properly (it shows non compliant VM as compliant). { "mode": "All", …
asked 2024-01-31T10:18:40.4+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(9.6, 94%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EYF%3C/text%3E%3C/svg%3E)
Yasmin, Fitri
266
Reputation points
answered 2024-03-10T12:56:55.3166667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(102.4, 69%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECS%3C/text%3E%3C/svg%3E)
Cristian SPIRIDON
4,471
Reputation points
1 answer
Issue on connecting tenant id and subscription id
error fetching tenantID and subscriptionID from Azure CLI (are you logged on using az login?): failed to open file (C:\Users\ADMIN.azure\azureProfile.json) while loading token: open C:\Users\ADMIN.azure\azureProfile.json: The system cannot find the path…
asked 2024-02-25T05:35:10.35+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(236.8, 37%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EV%3C/text%3E%3C/svg%3E)
Varma
1,120
Reputation points
commented 2024-03-08T17:00:42.2233333+00:00
deherman-MSFT
33,456
Reputation points Microsoft Employee
0 answers
How can an Azure policy assess SQL Azure database capacity?
I have a parameter "maxCores": { "type": "Integer", "metadata": { "displayName": "Max Capacity", "description": "The max cores or DTUs that can…
asked 2022-08-09T15:57:47.367+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(99.2, 93%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERH%3C/text%3E%3C/svg%3E)
Russell H. DeGrove
6
Reputation points
commented 2024-03-08T09:16:20.1566667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(316.8, 80%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EWP%3C/text%3E%3C/svg%3E)
WOJTAS, P. (PATRYCJA)
10
Reputation points
1 answer
Azure Policy trigger on Azure Budget alert
We need to assign azure policy to deny the creation of new resources to a subscription whose budget has been reached. And once it is below limit, the policy should be removed from that subscription automatically .So how can we integrate Azure Policy…
asked 2023-02-27T13:39:32.4+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(89.60000000000001, 96%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGS%3C/text%3E%3C/svg%3E)
GAURAV SINGH
1
Reputation point
commented 2024-03-07T14:47:56.5266667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(265.6, 52%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMW%3C/text%3E%3C/svg%3E)
Mohammad Wasif Rafique Mandal
35
Reputation points
1 answer
Azure arc machine configuration deployment error
Hello I am attempting to deploy sample machine configuration for an Azure arc machine resource following the steps mentioned in https://learn.microsoft.com/en-us/azure/governance/machine-configuration/how-to/develop-custom-package/overview except for…
asked 2024-03-06T09:15:36.6433333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(160, 37%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAK%3C/text%3E%3C/svg%3E)
Anupam Kumar
0
Reputation points Microsoft Employee
commented 2024-03-06T16:48:46.0266667+00:00
Anupam Kumar
0
Reputation points Microsoft Employee
0 answers
Unable to apply Custom Guest Configuration on Linux VMs using the nxModule
Using Azure Policy, Im (unsuccessfully) applying a Custom Guest Configuration that uses the nxPackage and nxService. Troubleshooting led to me to manually apply the config using the Start-GuestConfigurationPackageRemediation cmdlet with the Verbose flag.…
asked 2021-09-21T13:19:20.923+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(198.4, 43%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EIV%3C/text%3E%3C/svg%3E)
Ivan Vorobiev
1
Reputation point
commented 2024-03-05T13:32:12.75+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(172.8, 38%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAC%3C/text%3E%3C/svg%3E)
Alexandre, Carvalho (A93)
0
Reputation points
1 answer
One of the answers was accepted by the question author.
Azure Policy | How do i configure according to my need?
How can i make azure that i can only access the always free services and dont go beyond the quota. is it possible to make a policy for it and so how do i??? I want to just use the free services of azure that are available for free and dont cost…
asked 2024-03-02T09:05:26.24+00:00
Ishtiaque Ahmed CSEH Rafin
81
Reputation points
edited the question 2024-03-05T10:39:33.25+00:00
SwathiDhanwada-MSFT
17,401
Reputation points
2 answers
One of the answers was accepted by the question author.
What are the Azure policies i can implement to be compliant for European DORA act
As per the new Digital operational resiliency act, any financial services operating in europe need to be compliant by Jan 2025. For more reading please see the…
asked 2023-10-12T18:31:59.8933333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(124.80000000000001, 47%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERK%3C/text%3E%3C/svg%3E)
Ratish Kumar
71
Reputation points
commented 2024-03-05T05:57:53.06+00:00
SwathiDhanwada-MSFT
17,401
Reputation points
2 answers
Create Azure Policy to add role to resource group
Hello. I would like to create Azure Policy on subscription that will ensure, that to all resource groups (new and existing) that starts with 'xyz-' a role 'owner' will be granted to user with ID 'principalId'. Here is my code: { "mode":…
asked 2024-02-15T21:32:33.2+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(131.20000000000002, 85%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM%3C/text%3E%3C/svg%3E)
Mateusz
0
Reputation points
commented 2024-03-05T05:52:19.32+00:00
SwathiDhanwada-MSFT
17,401
Reputation points
0 answers
Azure Policy Assignment name discrepancy in powershell output and azure portal
Hello , I am working on a pester test with a policy with some powershell scripts , i have deployed 2 storage accounts in azure and both are compliant with the policy which i have assigned. The powershell output different AssignmentName for one of the…
asked 2024-03-04T20:59:26.36+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(96, 48%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAL%3C/text%3E%3C/svg%3E)
augustine leo
0
Reputation points
commented 2024-03-05T02:11:35.33+00:00
tbgangav-MSFT
10,381
Reputation points
1 answer
Azure APIM - CORS policy
Hello, I am currently facing issue with CORS issue in Azure APIM with my API. I added below CORS policy Inbound only to my API on All Operations, where for testing in I have kept all open where I am allowing any Origin, Header and Methods. This is still…
asked 2024-03-02T02:26:05.12+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(83.2, 40%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGA%3C/text%3E%3C/svg%3E)
Ghawali, Avinash (AssetMark)
0
Reputation points
answered 2024-03-04T12:31:37.56+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(0, 59%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJM%3C/text%3E%3C/svg%3E)
JananiRamesh-MSFT
21,171
Reputation points
1 answer
iam creating policy to enable custom script extension through policy but its not working as iam using free trail in free trail it will work or not
{ "mode": "All", "policyRule": { "if": { "allOf": [ { "field": "type", "equals": "Microsoft.Compute/virtualMachines" …
asked 2024-02-28T05:04:33.06+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(16, 22%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAR%3C/text%3E%3C/svg%3E)
Akhil reddy
0
Reputation points
answered 2024-03-02T22:02:34.5+00:00
Ryan Hill
25,666
Reputation points Microsoft Employee
4 answers
Cannot assign a policy to Subscription or Resource Group from console
When I try to assign a policy to Subscription or Resource Group from the console, I get the error message: You cannot perform this action without the following permissions over selected scope (Microsoft.Authorization/PolicyAssignments/write)
asked 2022-05-07T16:53:08.467+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(249.60000000000002, 63%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBE%3C/text%3E%3C/svg%3E)
Bernard Ervin
1
Reputation point
answered 2024-03-02T15:26:07.9433333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(102.4, 19%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPM%3C/text%3E%3C/svg%3E)
Pavankumarreddy mutra
0
Reputation points
2 answers
One of the answers was accepted by the question author.
Custom azure policy for vm selection using notlike for tags
Hello, I am debugging azure policy and still get wrong compliance status. For example I have two azure arc VM with tags: ClientCode: ggg and Environment: dev ClientCode: hhh and Environment: acc My policy should pick up that servers as compliant,…
asked 2023-01-22T19:16:21.0666667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(249.60000000000002, 39%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKM%3C/text%3E%3C/svg%3E)
Kestutis Murauskas
20
Reputation points
edited an answer 2024-03-01T16:36:56.86+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(32, 65%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EON%3C/text%3E%3C/svg%3E)
oui nbvbert
0
Reputation points
2 answers
How to Implement Network Policy to Restrict Network Access to Azure Resources Based on IP Addresses?
Hello, I’m looking for guidance on how to automatically restrict network inbound and outbound traffic to all Azure resources. Specifically, I want to ensure that only users with certain IP addresses can access the endpoints. The challenge is that I’m not…
asked 2024-02-05T13:23:16.5266667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(208, 79%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERI%3C/text%3E%3C/svg%3E)
Radu Ifrim
20
Reputation points
edited the question 2024-03-01T05:05:11.5066667+00:00
KapilAnanth-MSFT
35,001
Reputation points Microsoft Employee
3 answers
Azure Policy DeployIfNotExists is not adding diagnostic setting configuration for event hub automatically
Two initiatives with multiple policies have been assigned at the management group level for every type of resource that can have a diagnostic setting to send log to the event hub. One initiative is for custom policies and the other is for built-in…
asked 2024-02-15T17:12:21.8766667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(73.60000000000001, 75%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENR%3C/text%3E%3C/svg%3E)
Narayan, Ram
5
Reputation points
answered 2024-02-29T09:49:29.6966667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(275.2, 41%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAM%3C/text%3E%3C/svg%3E)
AnuragSingh-MSFT
19,936
Reputation points
2 answers
How can I find Azure Policy or Blueprints to apply for HITRUST
I am having a difficult time finding the pre-built set of Azure Policy or Azure Blueprints that correspond to HITRUST? There are a lot of articles in MS Learn but none that give instructions on how to actually deploy. Could anyone advise on where to…
asked 2024-02-25T16:52:38.6366667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(89.60000000000001, 61%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ER%3C/text%3E%3C/svg%3E)
rocketfish2000
0
Reputation points
commented 2024-02-29T03:45:30.86+00:00
SwathiDhanwada-MSFT
17,401
Reputation points