💻
AZ-900 Notes
  • Intro to me
  • CAPEX vs OPEX
    • CAPEX vs OPEX
  • Core Azure Things
    • Regions
    • Region Pairs
    • Geographies
    • Availability Options
    • Availability Sets
    • Availability Zones
    • Resource Groups
    • Resource Manager
  • Compute
    • Virtual Machines
    • Virtual Machine Scale Sets
    • App Service
    • Functions
  • Container
    • Container Instances
    • Kubernetes Service
  • Networking
    • Virtual Network
    • Load Balancer
    • Virtual Private Network (VPN) Gateway
    • Application Gateway
    • Content Delivery Network
  • Storage
    • Disk Storage
    • Containers (Blobs)
    • Files
    • Queues
    • Tables Storage
  • Database
    • Cosmos DB
    • SQL Database
    • Database Migration
  • Marketplace
    • Marketplace
  • Internet of Things (IoT)
    • IoT Central
    • IoT Hub
  • Big Data and Analytics
    • Synapse Analytics
    • HDInsight
    • Data Lake Analytics
  • Artificial Intelligence
    • Cognitive Services
    • Machine Learning Service
    • Bot Service
  • Serverless Computing
    • Functions
    • Logic Apps
    • Event Grid
  • DevOps
    • Azure Boards
    • Azure Pipelines
    • Azure Repos
    • Azure Test Plans
    • Azure Artifacts
    • DevOps Services
    • Lab Services
  • App Service
    • App Service
  • Management Tools
    • Portal
    • PowerShell
    • Command Line Interface (CLI)
    • Cloud Shell
    • Mobile App
    • REST API
  • Azure Advisor
    • Azure Advisor
  • Securing Networks
    • Azure Firewall
    • Azure Distributed Denial of Service protection
    • Network Security Groups
    • Application Security Groups
    • Network Security Solutions
  • Identity
    • Authentication vs Authorization
    • Active Directory
    • Multi-Factor Authentication
  • Security Tools and Features
    • Security Centre
    • Key Vault
    • Azure Information Protection (AIP)
    • Advanced Threat Protection (ATP)
  • Azure Governance
    • Azure Policy
    • Implementing Azure Policy
    • Policy Initiatives
    • Role-Based Access Control (RBAC)
    • Resource Locks
    • Blueprints
    • Subscription Governance
  • Monitoring
    • Tags
    • Azure Monitor
    • Azure Service Health
    • Monitoring
  • Privacy and Compliance
    • Compliance
    • Microsoft Privacy Statement
    • Trust Centre
    • Service Trust Portal
    • Azure Government Services
    • Azure China 21Vianet
    • Azure Germany
  • Azure Subscriptions
    • Azure Subscriptions
    • Subscriptions Offers
    • Azure Free Account
    • Management Groups
    • Support Plans
  • Managing Costs
    • Purchasing Azure Resources
    • Factors affecting costs
    • Zones For Billing Purposes
    • Pricing Calculator
    • Total Cost of Ownership Calculator
    • Cost Management
    • Costs Best Practices
  • Service Level Agreements (SLAs)
    • Service Level Agreements (SLAs)
    • SLAs Percentages
    • Composite SLA
    • Application SLA
  • Service Lifecycle
    • Public and Private Preview
    • How to access Previews
    • How to access Portal Previews
    • General Availability
    • Monitor updates
Powered by GitBook
On this page
  • Create a policy definition
  • Assign the definition to resources
  • Review the policy evaluation results

Was this helpful?

  1. Azure Governance

Implementing Azure Policy

PreviousAzure PolicyNextPolicy Initiatives

Last updated 4 years ago

Was this helpful?

Create a policy definition

  • Policy definition expresses what to evaluate and what action to take.

  • E.g. you could prevent a hard disk from being used when deploying VMs to control costs.

  • Has conditions under which it is enforced.

Assign the definition to resources

  • To implement your policy definitions, you assign them to resources.

  • Policy assignment - Policy definition that has been assigned to take place within a specific scope.

  • Policy assignments are inherited by all child resources.

  • If a policy is applied to a resource group, it is applied to all the resources within that resource group but you can exclude a child group from the policy assignment.

Review the policy evaluation results

  • When a condition is evaluated against your existing resources it is marked compliant or non-compliant.

  • Review the non-compliant policy results and take any action that is needed.