Creating Custom Policies
Simple modifications to existing Policy samples are relatively simple. But what if you need to do something new? Follow these labs to get a deeper understanding of the policy structure and how to use aliases.
Introduction
The number of in built policies and initiatives is vast, and keeps on growing. You will find most use case scenarios have been covered as Azure leverages policies to meet compliancy and regulatory requirements.
However, it is still common to come up against requirements from partners and customers that are not catered for. This is where custom policies come in. This lab will run through a real life requirement I had from a partner.
Pre-reqs
You will need:
- an Azure subscription
- Azure CLI
- jq
This lab uses Visual Studio Code, with the Azure Policy extension installed. It is recommended to read through the documentation for:
Labs
Customer scenario
In this first lab we will describe the customer scenario so that you understand the problem being solved by the custom policy.
Policy Aliases
Policy aliases are the secret sauce in custom policy creation. This lab will explain what they are and help you list the ones available for a resource type.
Determine the logic
You can't create a policy without knowing the logic that you need to embed in the policy.
Create the custom policy
OK, we know the aliases to use and the logic we need to apply. Time to construct the JSON for the custom policy.
Define, assign and test
Define the custom policy at the right scope point. Assign it and test it out to confirm that it works as expected.