LAB6: Creating and Configuring Azure Policies

Author - eXplore CloudBuzz
December 05, 2024
0

 Creating Azure Policies

What are Azure Policies? 

  • Azure Policy is a governance service in Azure that enforces rules and standards on resources to ensure compliance with IT policies.
  • Azure Policy ensures resources meet required configurations and alerts you to non-compliance.
  • Azure policy is basically 3 components; policy definition, assignment and parameters.
  • A policy definition specifies conditions to control resources, like allowed types or mandatory tags.
  • A policy assignment defines the scope (resource, group, or management level) where a policy applies, inheriting rules for all child resources.
  • Policy parameters simplify policy creation by customizing conditions, like VM SKUs or specific locations, without needing multiple definitions.



Scenario:

Restrict Resource Creation to a Specific Region and Resource Group

Your organization wants to ensure that all resources are deployed only in the "East US" region and within a specific resource group, "RG-East-US", to maintain compliance and consistency.


Step1: Login the Azure Portal à Search Policy

 





Step2: Click on (…) to explore the Scop à Select Subscription & Resource Group à Click on Select

 


Step3: Click on Authoring à Definition

 



Step4: Click on Search à Type Allowed Location à Click on Allowed Location

Note: To deploy or allocate resources only in the East US region and a specific resource group, use the "Allowed Locations" policy to restrict resource deployment to the desired region and resource group.


Step5: Click on Assign Policy


Step6: Fill the basic tab and other required details Ã  Next




On the parameter tab à Select your Region where you want to deploy or allocate the resource.


Review & Create à Create

 



Let’s test our policy

Step7: Go-to Azure Dashboard à Search virtual network àTry to create new virtual network in Central Us region à Review & Create

 


Step8: While validation steps its getting error

 


Now trying to create the resources in allowed region East US

Filled all the required details and now at this time selecting the region East US à Review & Create


Now its successfully gets validation pass and create option is visible and we can create the virtual network in East US region.


 


Thank You !

 

 

 

 

 

Tags

You may like these posts

Show more

Post a Comment

0Comments
Post a Comment (0)
Share to other apps
Copy Post Link
To Top