Reevaluate Azure Policy button/powershell command
In Azure Policies, we can find the compliance state, but it will take too long to evaluate this compliance state.
1-Please, speedup evaluation
2- Add a button "reevaluate policy now", because after an update of the policy- customer want asap see - how his modification affect resources
Sychev Igor
shared this idea
4 comments
-
chuck
commented
Waiting 15 minutes to test a policy during the dev stage is way too long. At least provide a test commandlet or method to evaluate against a single resource.
-
Badal Kotecha
commented
We need a call to action to be able to evaluate the policy right away. This is important when you are in development stage and authoring lot of policies. If it takes long time for policy to trigger, we will have to spend lot of time waiting to see the result, troubleshoot, make changes and again wait. This should have been must have feature
-
Let me explain my use case:
We apply policy with white list of allowed images.
In our environment we have 66+ subscriptions, 1100+ vms and we are using multiple different images.
We initially extract a list of used images. Insert this list to a policy, but recognized that it was not all.
Now, we are looking in "Compliance Report" to extract the last set of images. But we in a report, we still see data, before police was updated. We are waiting for a 1h already and still don't have latest compliance report. -
Now, we can only get state either from portal https://docs.microsoft.com/en-us/azure/azure-policy/policy-compliance
or from powershell https://docs.microsoft.com/en-us/powershell/module/azurerm.policyinsights/get-azurermpolicystate?view=azurermps-6.8.1but can reevaluate it fast