How can we improve Azure Governance?

Show Azure Policy Definition parameters on a separate tab

In a lot of situations you are only interested in viewing initiative definitions and definition parameters, not editing them.
Showing definition parameters on a separate tab would save a lot of time.

6 votes
Sign in
(thinking…)
Sign in with: Microsoft
Signed in as (Sign out)

We’ll send you updates on this idea

Michael shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

2 comments

Sign in
(thinking…)
Sign in with: Microsoft
Signed in as (Sign out)
Submitting...
  • Kasper commented  ·   ·  Flag as inappropriate

    We need this. There is no proper way to check which tag enforcement rule is not compliant if you have multiple of those defined in your initiative. Example:
    I want to check if the following tags are present on all VMs in a subscription (and have a certain value). I can do this with a policy rule including parameters like this:
    {
    "if": {
    "allOf": [
    {
    "field": "type",
    "equals": "Microsoft.Compute/virtualMachines"
    },
    {
    "not": {
    "field": "[concat('tags[', parameters('tagName'), ']')]",
    "in": "[parameters('tagValue')]"
    }
    }
    ]
    },
    "then": {
    "effect": "deny"
    }
    }

    This works fine, but in the portal there is currently no way to check which of the rules is non compliant if I define this rule multiple times and one of them triggers on a non compliant resource. This defeats the purpose of being able to use parameters in your rules in my opinion.

  • Lester W commented  ·   ·  Flag as inappropriate

    This should work in the same way ARM template viewing/editing works -- for consistency of the user experience.

Feedback and Knowledge Base