Service that helps organizations implement governance and monitor standards : Azure Policy documentation | Microsoft Learn
Enforce standards → provide supported options that adhere to company standards.
Prevent non-compliance → deny operations that do not adhere to standards.
Report on compliance → audit and report on resources and their adherence to standards.
...
Assignment → Policies must be assigned to a scope : it can include a resource, resource group, subscription or management group.
| Code Block | ||
|---|---|---|
| ||
{ "properties": { "displayName": "Require encryption on Data Lake Store accounts", "policyType": "BuiltIn", "mode": "Indexed", "description": "This policy ensures encryption is enabled on all Data Lake Store accounts", "metadata": { "version": "1.0.0", "category": "Data Lake" }, "parameters": {}, "policyRule": { "if": { "allOf": [ { "field": "type", "equals": "Microsoft.DataLakeStore/accounts" }, { "field": "Microsoft.DataLakeStore/accounts/encryptionState", "equals": "Disabled" } ] }, "then": { "effect": "deny" } } }, "id": "/providers/Microsoft.Authorization/policyDefinitions/a7ff3161-0087-490a-9ad9-ad6217f4f43a", "type": "Microsoft.Authorization/policyDefinitions", "name": "a7ff3161-0087-490a-9ad9-ad6217f4f43a" } |