A curated list of AWESOME blogs, videos, tutorials, code, tools, scripts. Anything which can help you learn Azure Policy and quickly get started with designing, planning, and implementing governance controls to your resources.
Community contributions are welcome! Check out the contribution guide today and submit a pull request!
- Microsoft Learn
- Microsoft Docs
- Microsoft Videos
- Microsoft Announcements and Articles
- Microsoft Repositories and Tools
- Microsoft Forums and Feedback
- Community Videos
- Community Podcasts
- Community Books
- Community Articles
- Community Tools
- Community Repositories
- Community Forums
- Address Tangible Risks With The Govern Methodology Of The Cloud Adoption Framework For Azure
- Azure Kubernetes Services Governance with Azure Policy
- Build Cloud Governance Strategy On Azure
- Configure Azure Policy
- Design An Enterprise Governance Strategy
- Design Governance
- Intro to Azure Policy
- Manage security operations in Azure
- Adopt Policy-Driven Guardrails
- ARM Templates - Azure Policy Assignments
- ARM Templates - Azure Policy Definitions
- ARM Templates - Azure Policy Exemptions
- ARM Templates - Azure PolicySet Definitions
- Azure CLI - Azure Policy
- Azure Policy
- Deploy and manage Traffic Analytics using Azure Policy
- Policies included in Azure Landing Zones reference implementations
- PowerShell - Azure Policy
- Secure your cluster with Azure Policy
- Understand Azure Policy for Kubernetes clusters
- Use Azure Policy extension for Visual Studio Code
- Azure Governance & Deployments Quarterly Customer Panel December 2021
- Azure Governance and Deployments Quarterly Customer Panel Feb 2021
- Azure Governance and Deployments Quarterly Customer Panel May 2021
- Azure Governance and the latest updates on Azure Policy
- Azure Governance for ISVs, Session 02: Policies, Initiatives, and Blueprints
- Azure Policy and Kubernetes
- Azure Policy on Azure Kubernetes Service
- Azure Policy Version Management
- Azure Takeoff Show - Azure Policies and Locks
- AzureFunBytes - Intro to Azure Policy
- Compliance with Azure Policy
- Deep dive into Implementing governance at scale through Azure Policy
- Enforcement with Azure Policy
- Getting started with Azure Policy
- Global Azure - Notes from the field: Policy-driven Governance
- Govern Azure Arc-enabled K8S Clusters with Azure Policy | KubeCon NA 2021
- On Prem To The Cloud: Everything As Code
- Performing Remediation on Resources with Azure Policy
- Using Management Group with Azure Policy
- What is Azure Policy
- 7 steps to author, develop, and deploy custom recommendations for Windows using Guest Configuration
- Aligning CMMC Controls with your Azure Landing Zone
- Announcing Azure Resource Policy general availability
- Apply GitOps configurations on AKS as an Azure Arc Connected Cluster using Azure Policy for Kubernetes
- Automation for Large Scale Deployment of Agents on Servers managed by Azure Arc
- Azure Backup Center - Backups and Good Governance
- Azure Custom Policy- PostgreSQL Product - Compliance Report not Available- New Feature Request
- Azure Enterprise Policy as Code – A New Approach
- Azure Enterprise Policy as Code – Azure Landing Zones Integration
- Azure Policy – Perform policy operations through Azure DevOps
- Azure Policy Exemption Validation
- Azure Policy for Kubernetes releases support for custom policy
- Azure Policy for Azure Container Apps? Yes, please
- Azure Policy Guest Configuration – Using Tags for Configuration of Features
- Azure Policy glossary
- Azure Landing Zones - Policy Refresh Q1 FY25
- Azure Policy introduces user assigned MSI support, faster DINE deployment, and more!
- Azure Policy Remediation with Deployment Scripts
- Azure Policies for Automating Azure Governance - Choosing Policies
- Azure Policy Recommended Practices
- Azure Policy Support is Generally Available for PostgreSQL Flexible Server
- Azure Unblogged - Azure Policy
- Centralized Policy Management in Microsoft Defender for Cloud using Management Groups
- Configure Security Center bundle pricing with Azure Policy
- Continuously Export Microsoft Defender for Cloud Alerts and Recommendations via Policy
- Controlling Release Pipelines with Gates and Azure Policy Compliance
- Cost Governance with Azure Policy
- Custom Policy- Reusable Logs Templates
- Deploy Monitoring Agent Extension to Azure Arc Linux and Windows servers using Azure Policy
- Deny inbound NSG Rule creation via Azure Policy
- Eliminate Password-Based Attacks on Azure Linux VMs
- Enable HTTPS setting on Azure App service using Azure policy
- Enforcing and Managing Azure DDoS Protection with Azure Policy
- Enforcing Policy for Zero Trust with Azure Policy
- Enterprise-Scale and Azure Policy for policy-driven governance
- Field Notes: Remediating Resources Using User-Assigned Managed Identity with Azure Policy
- GA: Policy add-on for Azure Kubernetes Service
- Generate Azure Policy Compliance Alerts By Sending Custom Data to Log Analytics
- Generate Azure Policy Compliance Alerts By Sending Custom Data to Log Analytics - Part 2 - Automated
- General availability: Built-in Azure Policy support for Network Watcher Traffic Analytics
- Generally available: Apply settings inside machines using Automanage machine configuration
- Generally available: Azure API Management - expanded support for Azure Policy definitions
- Generally available: Azure Policy support for Azure Site Recovery
- Govern your Azure Firewall configuration with Azure Policies
- Guest configuration renames to machine configuration
- How Does Azure Policies In Enterprise-Scale Landing Zone Help?
- How to build an audit Azure Policy with multiple parameters
- How to debug unexpected Azure Policy compliance status for Azure resources?
- How to Troubleshoot Deny Policy Step by Step
- How to update Azure Policy parameters in Azure Blueprints
- How to use PowerShell & Azure Policy to check settings inside a VM
- Implementing Azure Policy using Terraform
- Important change released for Guest Configuration audit policies
- Infrastructure as Code Testing with Azure Policy
- Introducing the Azure Policy Community Repo
- Manage NSG association on Subnets via Azure Policy
- Managing Security Center at scale using ARM templates and Azure Policy
- Microsoft cloud security benchmark: Azure compute benchmark is now aligned with CIS!
- Monitoring Azure Policy compliance across your Azure Managed Application deployments
- More resource policy aliases
- New and updated regulatory compliance policy initiatives for NIST, FedRAMP, DoD in Azure, Azure Government
- New feature: easily assign regulatory compliance policies to your Azure Landing Zone
- On Prem To the Cloud: Everything As Code
- OPS114: Governing baselines in hybrid server environments using Azure Policy Guest Configuration
- Policy Distribution Dashboard for Microsoft Defender for Cloud
- Public Preview Announcement: Azure Policy Built-in Versioning
- Portal Preview of Azure Resource Policy
- Public preview of new Azure Policy features
- Remediate your Azure Kubernetes Service clusters at scale using Azure Policy's mutation support!
- Software Installation Using Azure Policy State Change Events
- Software Installation Using Machine Configuration and Azure Policy
- The impact of conflicting Azure Policies
- Trigger Condition and Evaluation Workflow of Azure Policy
- Use Azure Policy on an Azure-Arc enabled Kubernetes cluster for applying ingress/egress rules with Calico network policy
- Use PowerShell to Remediate Non-Compliant Policy Definitions
- Using Azure Policy to onboard multiple SQL Servers at scale to Azure Arc-enabled SQL Server - Part 1
- Using GitHub for Azure Policy as Code
- What's the difference between Group Policy and Azure Policy?
- What’s new across Azure Governance services, Microsoft Build 2024
- azure cyber security maturity model (CMMC) policy mapping
- azure policy visual studio code extension
- azure/azure-policy
- azure/community-policy
- azure/enterprise-azure-policy-as-code
- azure/manage-azure-policy
- azure/policy-compliance-scan
- azure/regulatory-compliance-initiatives
- azure-samples/aca-azure-policy
- microsoft/azurepolicytestframework
- A summary of the Diagnostic Settings
- Admission Control on AKS with Azure Policy
- Anatomy of Azure Policy
- Authoring Custom Azure Policy Definitions
- Automatically Tag Azure Resources using Azure Policy
- Automating Infrastructure Governance with Azure Policy
- AZ-900 Episode 31 | Azure Policy
- Azure Back To School: Bicep Builders: Azure Sentinel and Policy as Code
- Azure Governance - #3 - Policy & Blueprints
- Azure Governance And Security | Secure Azure Key Vault Using Azure Policy
- Azure Key Vault RBAC and Policy Deep Dive
- Azure Policy - Non-Compliance Messages
- Azure Policy as Code - Zero to Hero in 60 minutes
- Azure Policy Remediation Deep Dive
- Azure Policy
- Azure Spring Clean: Some points to remember about Azure Governance
- Azure Update Manager with Azure Policies
- Block Deletes Using the New DenyAction Azure Policy Effect
- Build Your Tagging Strategy with Azure Policy and Automation
- Custom Policy for Azure Governance - How to create custom Azure Policy from Scratch
- Detailed look at Azure Policy Exemption Permission Requirements
- DevOps | Azure Policy Tutorial | Terraform | GitHub | Compliance enforcement in Azure Subscription
- Festive Tech Calendar: Day 1 - Azure Governance
- Festive Tech Calendar: Day 6 - Azure Governance: Azure customized Policies
- Flexing Your Security Governance with Azure Policy As Code
- Functionality and Usage of Azure Policy - AZ-900 Certification Course
- Get Visibility Into Your Environment With Azure Governance Visualizer
- Getting to Green with Azure Policy
- GitOps with Azure Arc Kubernetes via Azure Policy
- Global Azure: Policy as Code with Bicep for Enterprise Scale
- Help Everyone Follow The Rules | Azure Policy
- How to enforce Azure Naming Convention Using Azure Policies
- If Only I Knew THIS About Azure 5 Years Ago
- Inside Azure Governance - You in Control
- Livestream: A Gentle Introduction to Azure Policy
- Microsoft Azure Master Class Part 3 - Governance
- Organizational Governance and Best Practices for Control
- Regain Control with Azure Governance
- Understanding Organizational Governance and Best Practices for Control
- Using Azure Security Center for Policy and Regulatory Compliance
- Virtual Machine Scale Sets Logs With An Azure Policy
- Writing DSC Resources for Azure Policy Guest Configuration - For Linux
- 057 - Azure Policy and Azure Key Vault integration
- 109 - Azure Policy as Code with Jesse Loudon
- S01 E16 - Azure Security Podcast - Azure Policy
- S01 E43 - Everything you need to know about Azure Policy
- Episode 349 – The War of the Policies
- Policy Design in the Age of Digital Adoption: Explore how PolicyOps can drive Policy as Code adoption in an organization's digital transformation
- Pro Azure Governance and Security: A Comprehensive Guide to Azure Policy, Blueprints, Security Center, and Sentinel
- AKS Policy Reference Overriding Or Disabling Of Containers Apparmor Profile Should Be Restricted
- Assign policy definitions from Azure landing zones Terraform module
- An Azure Policy Journey
- Audit Azure Web App Against NotLegit Vulnerability
- Audit and enable Azure Hybrid Benefit with Azure Policy
- Audit Publicly Accessible Azure App Services With Azure Policy
- Audit Server Settings With Azure Policy Guest Configuration
- Audit Subnets That Do Not Have Network Security Group Associated
- Auditing For Disaster Recovery With Azure Policy
- Auditing GPOs with Azure Guest Configuration Policy
- Auto Install Azure Monitor Agent with Azure Policy
- Automatic Tagging For Azure Resources
- Automatically Enable Microsoft Defender For Cloud Enhanced Security Features
- Automatically Tag Azure VM's Behind A Load Balancer
- Automating Backup Onboarding Using Azure Policy
- AzGovViz With Azure DevOps
- Azure GitHub Export and Visual studio code
- Azure Policy – Add Date/Time Resource Group Tag
- Azure Policy – an underrated component of a scalable data platform (part1)
- Azure Policy – an underrated component of a scalable data platform (part2)
- Azure Policy – Audit And Deploy CanNotDelete Lock On Resource Group Based On Tags
- Azure Policy – Export Azure Policy Definitions
- Azure Policy – How Precedence Works
- Azure Policy - Looking at the DenyAction Effect
- Azure Policy A Love Story
- Azure Policy, Application Gateway WAF and OWASP rulesets
- Azure Policy As Code – Accelerate Governance In Cloud
- Azure Policy As Code With Terraform Part 1
- Azure Policy As Code With Terraform Part 2
- Azure Policy As Code
- Azure Policy Compliance Remediate Azure DevOps
- Azure Policy Definitions for Controlling ARM API versions
- Azure Policy Deploy MS Antimalware Ext For SQL VM
- Azure Policy Enforce Tags For Resource Creation
- Azure Policy Exemptions Added to Resource Graph
- Azure Policy For Kubernetes Custom Policies On Azure Arc Enabled Kubernetes
- Azure Policy for Kubernetes: Contraints and ConstraintTemplates
- Azure Policy for Kubernetes with AKS
- Azure Policy Fully Automated Deployment
- Azure Policy gradual rollout with resource selectors
- Azure Policy ideas for Azure Governance
- Azure policy initiatives for Microsoft Defender for Cloud and Microsoft Sentinel workload protections
- Azure Policy Limit The Azure VM Sizes
- Azure Policy Policies Not Evaluated Right Away
- Azure Policy Search with Azure Graph
- Azure Policy To Enable Network Policies For Private Endpoints
- Azure Policy Where To Start
- Azure Policy: Kubernetes pod security baseline explained
- Azure Policy: Starter Guide
- Azure Policy: What If We Use Bicep ?
- Azure Policy: What If You Test Your Policies ?
- Azure Policy's new DenyAction effect
- Azure Spring Clean: Azure Policy For AKS
- Azure Spring Clean: Azure Policy For Managing Your Subscription
- Azure Spring Clean: Diagnostic Settings
- Azure Spring Clean: DINE To Automate Your Monitoring Governance With Azure Monitor Metric Alerts
- Azure Spring Clean: Replacing Kubernetes Pod Security Policies With Azure Policy On AKS
- Azure Spring Clean: Using Azure Policy And Security Center For Organizational Governance
- Azure Spring Clean: Unleashing the Power of Azure Policy for Seamless Azure Arc Governance!
- Azure SQL Database Cost Optimization via Azure Policies
- Bicep - Creating Custom Azure Policy Initiatives
- Bypassing policies in Azure
- Build Azure Policy Compliance Workbook
- Bulk Enablement of Windows Admin Center Extension on Azure Arc
- Cloud Governance With Azure Policy Part 1
- Cloud Governance With Azure Policy Part 2
- Compliance and delegation of Azure Locks through Azure Policy
- Controlling Azure SQL Firewall Rules
- Create And Assign Custom Azure Policies For Azure Governance
- Create Azure Policy to limit VNet Address Space creation to certain address spaces only
- Create Azure Policy Assignment to block the creation of expensive VMs and block creation of certain resource types
- Create Custom Security Center Recommendation With Azure Policy
- Creating Custom Azure Policy for Kubernetes to Disallow Non-Compliant Image Registries
- Creating and Deploying Azure Policy via Terraform
- Custom Azure Policy for Kubernetes (AKS)
- Demystify Azure DDoS Protection Azure Policy
- DenyAction effect for Azure Policy
- Deny Azure Role Assignment With Azure Policy
- Deny Resource Type Creation with Azure Policy
- Deploy And Assign Azure Policy Via Azure DevOps Pipelines
- Deploy Azure Monitor Agent at Scale
- Deploy Azure Policy To ManagementGroup With Bicep
- Deploy Azure Policy Using Azure DevOps CI/CD Pipeline
- Deploy Azure Policy Using Terraform
- Deploying Azure Policy remediation via Azure Lighthouse with PIM
- Do you see value in Azure Policy Evaluator?
- Diagnostic Settings Storage Accounts Event Hub
- Duplicate Azure Policy Definition and Initiative
- Elevating Privileges Through Azure Policy
- Enable Azure SQL Auditing With Azure Policy
- Enable FTPS On Azure App Services With Azure Policy
- Enable HTTPS On Azure App Services With Azure Policy
- Enable Managed Identity For Web App Azure Policy
- Enable Purge Protection Key Vault Azure Policy
- Enable Resource Logs In Virtual Machine Scale Sets With An Azure Policy
- Enable Vulnerability Assessment On SQL Servers
- Enterprise Policy as Code with Azure DevOps
- Enforce API Management Product Subscriptions With Azure Policy
- Enforce CanNotDelete Resource Lock using Azure Policy
- Enforce TLS 1.2 on Web Apps with Azure Policy
- Enhancing PCI Compliance In Your Azure Environment By Using Azure Policy Custom Initiatives
- Enterprise Scale Policy Driven Governance
- Global Azure: Policy As Code With Bicep For Enterprise Scale
- Go Go governance! Enforcing Azure Policies with Azure CLI
- Govern Azure Virtual Network VNET CIDR Ranges With Azure Policy
- Help My Azure Policy Is Not Firing
- How To Azure Policy Via ARM Template
- How To Choose An Azure Naming Convention
- How To Control DDOS Plan Deployment Using Azure Policy
- How To Create Own Azure Custom Policy
- How To Deploy Azure Policies With ARM Templates
- How To Deploy Azure Policy From An Azure DevOps Pipeline
- How To Deploy Azure Policy With Bicep
- How to Deploy Azure Policy with Bicep?
- How To Dynamically Assign Azure Policy via Terraform
- How To Enforce Naming Convention For Azure Resources
- How To Ensure Proper Configuration For Your Azure Resources
- How To Export And Backup Azure Policy Definitions
- How to Get All Azure Policy Assignments of a Specific Category?
- How To Win Vs Azure Policy Non-Compliance
- How to use Azure Policy to enforce resource naming conventions in your DevOps pipelines
- Identify and prevent abuse of Managed Identities with Federated Credentials from unauthorized entities
- Implementing and troubleshooting a custom Azure Policy Definition Step-by-step Guide
- Improving The User Experience Of Azure Policy
- Keep Control Of Your Azure Environment With Azure Policy
- Keeping AKS Clusters Continuously Secure With Azure Policy
- Lessons Learned Developing A Custom Policy
- Lessons Learned Testing The Configure Backup On VMs Azure Policy
- Looking at Azure Policy resource selectors
- Manage Azure Policy with Terraform
- Managing Azure Resource Tags Using Azure Policy Modify Effect
- Monitoring Azure Policy Compliance States 2021 Edition
- Natively Monitoring Azure Policy Compliance States in Azure Monitor - 2023 Edition
- Notes On Azure Policy Exemption
- November 2020 Update For Azure Diagnostic Settings Policy Definitions
- October 2020 Update For Azure Diagnostic Settings Policy Definitions
- Orphaned Azure Security Principals Clean-up & Azure Policy Managed Identity Role Assignment Automation
- Persistence with Azure Policy Guest Configuration
- Prevent deletion of resources with Azure Policy
- Policy as Code: Using Azure Bicep to deploy Azure Policies
- Policy as Code: Using Modules and defining Custom Roles using Azure Bicep
- Resource naming reloaded: Azure Policy and Bicep for the winner!
- Security Posture Management With Azure Policy And Microsoft Defender For Cloud
- Securing Azure PaaS Leveraging Azure Policies
- Talking Azure Policy As Code On CtrlAltAzure Podcast
- Terraforming Azure Policy
- Test Azure Policies
- Testing out Azure Policies Modify Effect
- The A-Z of Azure Policy
- Tips On Creating Azure Policies For Azure SQL Databases
- Trigger An On Demand Azure Policy Compliance Evaluation Scan
- Trigger An On Demand Azure Policy Evaluation Scan At Management Group Scope
- Trigger Azure Policy Scan Multiple Subscriptions
- Understanding Azure Policies With Visual Studio Code
- Understanding Azure Policy For Regulatory Compliance
- Updated Azure Policy Definitions For Azure Diagnostics Settings Again
- Use Azure Policies to Require Resource Tags with PowerShell
- Use Azure Policy to audit if Azure Arc-enabled servers meet security baseline requirements
- Using ARM Templates To Deploy Azure Policy Initiative
- Using Azure Policy To Audit Resource Group Resource Locks
- Using Azure Policy to configure your resources
- Using Azure policy to control workload identity federation
- Using Azure Policy To Implement Tagging Inheritance
- Using VM applications and Azure Policy to deploy applications
- Using Conftest For Azure Policy For Kubernetes
- VNet peering using Azure Policy
- Walkthrough Using Azure Policy To Audit And Enforce Compliance
- What are Azure Policy Overrides?
- Writing A Custom Azure Policy
- AzAdvertizer
- AzGovViz
- Azure Policy Intellisense
- Azure Policy and Governance Pipelines Tasks
- Cloud Guardrails
- Search and find Azure Policy Aliases
- andrewcluey/terraform-azurerm-policy-definition
- andrewmatveychuk/azure.policy
- azsec/azure-policy
- charotamine/azurepolicy_bicep
- charotamine/policytests
- claranet/terraform-azurerm-policy
- faridabharmal/azuregovernance
- fawohlsc/azure-policy-samples
- fawohlsc/azure-policy-testing
- gettek/terraform-azurerm-policy-as-code
- globalbao/azure-policy-as-code
- globalbao/terraform-azurerm-policy-exemptions
- jamesdld/azure-policies
- jannemattila/azure-policy-evaluator
- jimgbritt/azurediagnosticspipeline
- jimgbritt/azurepolicy
- john-joyner/azure-policy
- jtracey93/tf-az-dine-policy-assignment
- julianhayward/azure-mg-sub-governance-reporting
- kudelskisecurity/azure-policy-tester
- mattfeltonma/azure-custom-policies
- matthiasguentert/azure-naming-convention-initiative
- ricmmartins/azure-governance-made-simple
- robinchapas/converttopolicy
- salesforce/cloud-guardrails
- stefanrothnet/azure-policy
- tyconsulting/azure.policy.monitor
- tyconsulting/azurepolicy
- yangdeal/azure_policy_deployment