Learn how to implement an Azure Policy

Swetha Mudunuri
4 min read · Jul 8, 2023


🈯What is an Azure Policy?

💥Azure Policy is a collection of rules/guidelines you may implement to control how your cloud resources should be set up and utilized.

💥These rules may apply to a variety of things, including resource configurations, access restrictions, security settings, etc.

💥You can make sure that all the resources deployed in Azure adhere to a set of consistent standards by creating policies.

💥Azure Policy regularly assesses your resources in comparison to these policies to determine whether they adhere to the required standards.

💥If a resource does not adhere to the established rules, Azure Policy may take corrective measures or prohibit the resource from being created or updated.

💥It guarantees that your Azure environment stays compliant, secure, and aligned with your organization’s requirements.

Let’s learn how to implement Azure Policy

1. Resource Group Creation

💥Open https://portal.azure.com/ and launch PowerShell (Azure Cloud Shell), which is available at the top right of the Azure Portal.

Azure Portal

💥When PowerShell launches, it gives you the option to create the storage.

💥In PowerShell, enter the command below to create the resource group in the “East US” region.

New-AzResourceGroup -Name CNLPolicy -Location 'East US'
Resource Group Creation

💥Run the command below to see the created resource group.

Get-AzResourceGroup | Format-Table
Listing the Resource Group

2. Policy Creation

💥Create the Policy for the allowed Locations for the resources.

💥Search for Policy in the search bar as shown below.

Policy

💥On the Policy page, under the Authoring section, click on Definitions.

Definitions

💥Search for “Allowed locations” and click on the Allowed locations definition to create the policy.

Allowed Locations

💥Click on Assign.

Click Assign

💥On the Basics tab, enter the Subscription and Resource Group, and click Select.

Basic tab

💥You can change the Assignment name and Description as per the policy.

Basics Tab of Allowed Locations

💥Click Next. In the Parameters tab of Allowed locations, choose either UK South or other locations from the drop-down list, as per your requirements.

Parameters

💥Review the configuration and click on Create.

Create

💥Successfully created the Policy.

Successfully Created Policy 😍

3. Let’s test the policy that was created.

💥Search for Virtual Network and click on Create. Select the Resource Group and provide the Virtual network name and Region.

Virtual Network Creation

💥The virtual network cannot be created because the allowed location is UK South, but East US was selected while creating the virtual network.

Failed Virtual Network creation 🙁

💥Changed the location to the UK South.

💥Successfully created the Virtual Network.

Successfully created Virtual Network 😀
Testing Completed
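
The same assignment and test can be scripted in PowerShell instead of clicking through the portal. This is an added example, not the author's code; it assumes the Az module (preinstalled in Cloud Shell) and the CNLPolicy resource group from step 1, and the assignment name, virtual network names and address prefix are hypothetical.

```powershell
# Added example: scripted equivalent of the portal steps (not the author's code).
# Assumes the CNLPolicy resource group already exists.
$rg = Get-AzResourceGroup -Name 'CNLPolicy'

# Find the built-in "Allowed locations" definition. Older Az.Resources releases
# expose the display name under .Properties, newer ones at the top level.
$definition = Get-AzPolicyDefinition -Builtin | Where-Object {
    $_.DisplayName -eq 'Allowed locations' -or
    $_.Properties.DisplayName -eq 'Allowed locations'
}

# Assign it at resource group scope, allowing only UK South.
# 'allowed-locations-cnl' is a hypothetical assignment name.
New-AzPolicyAssignment `
    -Name 'allowed-locations-cnl' `
    -DisplayName 'Allowed locations (UK South only)' `
    -Scope $rg.ResourceId `
    -PolicyDefinition $definition `
    -PolicyParameterObject @{ listOfAllowedLocations = @('uksouth') } | Out-Null

# A new assignment can take a few minutes to be enforced; wait before testing.

function Test-VNetLocation {
    param([string]$Name, [string]$Location)
    try {
        New-AzVirtualNetwork -Name $Name -ResourceGroupName $rg.ResourceGroupName `
            -Location $Location -AddressPrefix '10.0.0.0/16' -ErrorAction Stop | Out-Null
        "ALLOWED: $Name in $Location"
    }
    catch {
        # A deny effect surfaces as a RequestDisallowedByPolicy error.
        if ($_.Exception.Message -match 'RequestDisallowedByPolicy|disallowed by policy') {
            "DENIED by policy: $Name in $Location"
        }
        else { throw }
    }
}

# Hypothetical virtual network names: one outside and one inside the allowed location.
Test-VNetLocation -Name 'vnet-eastus-test'  -Location 'eastus'
Test-VNetLocation -Name 'vnet-uksouth-test' -Location 'uksouth'
```

Distinguishing a policy denial from any other deployment error in the catch block keeps a quota or naming failure from being mistaken for proof that the policy works.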

4. Clean up the resources that were created.

💥Use the PowerShell command below to delete the resource group.

Remove-AzResourceGroup -Name "CNLPolicy"

💥You can delete the storage group that was created for PowerShell from the portal.

💥To delete the Network Watcher, go to Network Watcher, click on Disable as shown below, and type Yes to confirm the deletion.

Type Yes

💥Successfully cleaned up all the resources.

Thank you 😍😍😍

💥We have come to the end of the blog. Stay tuned for the next blog to learn about Azure Security hands-on.
