Steps to Create an Azure Policy

This is continuation to article what is Azure Policy.

Let’s create one resource in Azure.
I am creating a Public IP Address without any Tags.

Go to policy definitions

Click on Add Policy Definition, Paste below definition.

{
“policyRule”: {
“if”: {
“not”: {
“field”: “tags”,
“containsKey”: “CostingBU”
}},
“then”: {
“effect”: “deny” }}}

This Definition will ensure that every resource contains tags. Location I have selected Subscription so that I need this policy to effect only one of the subscriptions.

Save It, you can view the policy.

Click on Assign

Scope, I have selected a resource group where we have created an Public Ip.
Added a Non-Compliant message

Now let’s try to create an App service without tag in the same resource group.
Give basic details and go to review and create.
Hit Create
You will error on screen.

We can see that our policy in working.
Now go to policy
On landing page you can see policies and status as below.

Click on your policy, you can see which resource is non-complaint.

Now let’s go and add tags to the public Ip resource.
Add the tag

Now go to Policy and see the status, Select custom to view your policy.

We can see the effect after 24hrs.

Cleanup resources.