Azure Classroomnotes 04/Sep/2022

Azure Policy

  • This is enforce rules against Azure Resources and verify if they are aligned or not.
  • Refer Here for the official docs of Azure Policy
  • Assign Azure Policies to Management Group/Subscription/Resource Group
  • To Create your own policy Refer Here
  • Sample Policy
    "properties": {
        "displayName": "Allowed locations",
        "description": "This policy enables you to restrict the locations your organization can specify when deploying resources.",
        "mode": "Indexed",
        "metadata": {
            "version": "1.0.0",
            "category": "Locations"
        "parameters": {
            "allowedLocations": {
                "type": "array",
                "metadata": {
                    "description": "The list of locations that can be specified when deploying resources",
                    "strongType": "location",
                    "displayName": "Allowed locations"
                "defaultValue": [ "westus2" ]
        "policyRule": {
            "if": {
                "not": {
                    "field": "location",
                    "in": "[parameters('allowedLocations')]"
            "then": {
                "effect": "deny"
  • Refer Here for the git repository with built-in and other policies and Refer Here for community policies

Azure BluePrints

  • Blue Prints are used to create scalable deployments where the following are applied to Management Groups.
    • ARM Templates
    • Policy
    • RBAC
    • Deny Assignments
  • Refer Here for the Azure Blue prints docs
  • Refer Here for the Blue Print Creation Quick Start from portal
  • Activity:
    • Azure Management Group Quick Start
    • Azure Blue Print Quick Start

Azure Deny Assignments

Azure AD B2C

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

About continuous learner

devops & cloud enthusiastic learner