AZ-104 - Governance and Compliance - Understanding Azure Policy

Control and organize Azure resources with Azure Resource Manager 

 Understanding Azure Policy 

 

 Define Azure Policy 

 Components of a Policy 

 Policy Examples 

 

 Enforce Compliance and enable auditing 

 Organization need to implement enterprise-level governance and compliance capabilities. 

 Prohibit resources 

 

 control costs 

 Restrict service access 

 

 Allowed Locations 

 

 Geographical compliance 

 

 

 Policy Definition 

 Defines the evaluation criteria for compliance, and defines the actions that take place. Either audit or deny should be something outside of compliance. 

 Policy Assignment 

 The scope at which we will assign our policy. The scope could be a management group, subscription, resource group, or resource. 

 Initiative Definition 

  A collection of policies that are tailored to achieving a singular high-level goal together (e.g., ensuring that VMs meet standards). 

 

 

 

 

 Policy Definition 

 

 Evaluate if a VM is being created with our tag Project:az104. if the VM is missing the tag, then deny creation of the resource. 

 

 

 

 Policy assignment  

 Assign the policy at the scope of the resource where the VMs will be created