Sample ARM and Bicep(!) templates for Azure policy and policy initiative definitions.
Before starting to work with these templates, read the information in the following blog posts according to your points of interest:
- [New] How to deploy Azure Policy with Bicep
- How to deploy Azure Policies with ARM templates
- Using ARM templates to deploy Azure Policy initiatives
- How to enforce naming convention for Azure resources
- Automatic tagging for Azure resources
- How to ensure proper configuration for your Azure resources
To start working with this project, clone the repository to your local machine and look for the artifacts in the specific folders:
- linked templates - contains sample ARM templates for policy and initiative definitions plus their assignments grouped by logical area
- main-template - contains master ARM template to perform deployments of all policies and initiatives to a subscription
To create definitions and assignments for policies and initiatives in the target subscription or resource group, use the following build order:
-
Deploy policy definitions
-
Deploy policy initiatives
-
(Optionally) Create a resource group to be used as a target for assignments during testing policy effects
-
Create policy and initiative assignments
-
Pay attention to the format of parameters as there are cases when they should be provided as an object type. Look into existing policies and initiatives for examples.
-
When using deployment scripts in the build/release pipelines, define the script variables in the pipeline ones.