├── .github
    └── workflows
    │   ├── awesome-lint.yml
    │   ├── markdown-link-checker-pull-request.yml
    │   ├── markdown-to-pdf.yml
    │   └── markdown-link-checker.yml
├── mlc_config.json
├── SECURITY.md
├── CONTRIBUTING.md
├── LICENSE
└── README.md


/.github/workflows/awesome-lint.yml:
--------------------------------------------------------------------------------
 1 | name: CI
 2 | on:
 3 |   workflow_dispatch:
 4 | jobs:
 5 |   Awesome_Lint:
 6 |     runs-on: ubuntu-latest
 7 |     steps:
 8 |       - uses: actions/checkout@v2
 9 |         with:
10 |           fetch-depth: 0
11 |       - run: npx awesome-lint
12 | 


--------------------------------------------------------------------------------
/.github/workflows/markdown-link-checker-pull-request.yml:
--------------------------------------------------------------------------------
 1 | name: Markdown Link Checker on Pull Request
 2 | 
 3 | on:
 4 |   pull_request:
 5 |     branches: [ main ]
 6 |   workflow_dispatch:
 7 | 
 8 | jobs:
 9 |   markdown-link-checker-pull-request:
10 |     runs-on: ubuntu-latest
11 |     steps:
12 |     - uses: actions/checkout@master
13 |     - uses: gaurav-nelson/github-action-markdown-link-check@v1
14 |       with:
15 |         check-modified-files-only: 'yes'
16 |         base-branch: 'main'
17 |         use-quiet-mode: 'yes'
18 |         use-verbose-mode: 'yes'
19 |        
20 | 


--------------------------------------------------------------------------------
/mlc_config.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "ignorePatterns": [
 3 |     {
 4 |       "pattern": "https://charotamine.medium.com/azure-policies-deploy-and-test-with-bicep-bfa80082ec1"
 5 |     },
 6 |     {
 7 |       "pattern": "https://charotamine.medium.com/azure-policy-what-if-you-test-your-policies-5ddb12c95a07"
 8 |     },
 9 |     {
10 |       "pattern": "https://charotamine.medium.com/azure-spring-clean-diagnostic-settings-26c61d8d165d"
11 |     },
12 |     {
13 |       "pattern": "https://www.darwinsec.com/post/increasing-pci-compliance-in-your-azure-environment-by-using-custom-initiatives"
14 |     },
15 |     {
16 |       "pattern": "https://azsec.azurewebsites.net"
17 |     },
18 |     {
19 |       "pattern": "https://aka.ms/cmmc/alzmap"
20 |     },
21 |     {
22 |       "pattern": "https://adinermie.com"
23 |     }
24 |   ],
25 |   "timeout": "20s",
26 |   "retryOn429": true,
27 |   "retryCount": 5,
28 |   "fallbackRetryDelay": "30s",
29 |   "aliveStatusCodes": [200, 206]
30 | }
31 | 


--------------------------------------------------------------------------------
/.github/workflows/markdown-to-pdf.yml:
--------------------------------------------------------------------------------
 1 | name: Generate PDF from README
 2 | 
 3 | on: 
 4 |   workflow_dispatch:
 5 | 
 6 | env:
 7 |   GITHUB_TOKEN: ${{ github.token }}
 8 | 
 9 | jobs:
10 |   publish:
11 |     runs-on: ubuntu-latest
12 |     name: Generate PDF from README
13 |     steps:
14 |       - name: Checkout
15 |         uses: actions/checkout@v4
16 |       - name: Set Date
17 |         id: set_date
18 |         run: echo "DATE=$(date +'%m-%Y')" >> $GITHUB_ENV
19 |       - name: Publish PDF Document
20 |         uses: baileyjm02/markdown-to-pdf@v1
21 |         id: publish-document
22 |         with:
23 |           input_path: README.md
24 |           output_dir: generated
25 |           table_of_contents: true
26 |           build_html: false
27 |           
28 |       - name: Upload Document
29 |         uses: actions/upload-artifact@v4
30 |         id: upload-document
31 |         with:
32 |           name: 'Awesome-Azure-Policy-${{ env.DATE }}'
33 |           path: generated
34 | 


--------------------------------------------------------------------------------
/.github/workflows/markdown-link-checker.yml:
--------------------------------------------------------------------------------
 1 | name: Markdown Link Checker
 2 | 
 3 | on: 
 4 |   push:
 5 |     branches:
 6 |     - main
 7 |   schedule:
 8 |   # Run everyday at 9:00 AM (See https://pubs.opengroup.org/onlinepubs/9699919799/utilities/crontab.html#tag_20_25_07)
 9 |   - cron: "0 9 * * *"
10 |   workflow_dispatch:
11 | 
12 | jobs:
13 |   markdown-link-checker:
14 |     runs-on: ubuntu-latest
15 |     steps:
16 |     - uses: actions/checkout@master
17 |     - name: markdown-link-check
18 |       id: markdownlinkcheck
19 |       continue-on-error: true
20 |       uses: gaurav-nelson/github-action-markdown-link-check@v1
21 |       with:
22 |         use-quiet-mode: 'yes'
23 |         use-verbose-mode: 'yes'
24 |     - name: Sleep for 3hrs
25 |       if: ${{ steps.markdownlinkcheck.outcome == 'failure' && steps.markdownlinkcheck.conclusion == 'success' }}
26 |       uses: juliangruber/sleep-action@v1
27 |       with:
28 |         time: 10800s #Sleep for 3hrs. In case link host is offline for maintenance.
29 |     - name: markdown-link-check-retry
30 |       if: ${{ steps.markdownlinkcheck.outcome == 'failure' && steps.markdownlinkcheck.conclusion == 'success' }}
31 |       uses: gaurav-nelson/github-action-markdown-link-check@v1
32 |       with:
33 |         use-quiet-mode: 'yes'
34 |         use-verbose-mode: 'yes'
35 | 


--------------------------------------------------------------------------------
/SECURITY.md:
--------------------------------------------------------------------------------
 1 | # Security Policy
 2 | 
 3 | ## Supported Versions
 4 | 
 5 | | Version | Supported          |
 6 | | ------- | ------------------ |
 7 | | 1.x.x   | :white_check_mark: |
 8 | 
 9 | ## Reporting Security Issues
10 | 
11 | Please do not report security vulnerabilities/issues through public GitHub issues.
12 | 
13 | Instead, please report them directly via LinkedIn DM, Twitter DM, or email. Contact details are maintained at the maintainer's profile [https://github.com/jesseloudon](https://github.com/jesseloudon)
14 | 
15 | You should receive a response within 72 hours.
16 | 
17 | Please include the requested information listed below (as much as you can provide) to help the maintainer better understand the nature and scope of the possible issue:
18 | 
19 | * Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
20 | * Full paths of source file(s) related to the manifestation of the issue
21 | * The location of the affected source code (tag/branch/commit or direct URL)
22 | * Any special configuration required to reproduce the issue
23 | * Step-by-step instructions to reproduce the issue
24 | * Proof-of-concept or exploit code (if possible)
25 | * Impact of the issue, including how an attacker might exploit the issue
26 | 
27 | ## Preferred Languages
28 | All communications to be in English.
29 | 


--------------------------------------------------------------------------------
/CONTRIBUTING.md:
--------------------------------------------------------------------------------
 1 | # 6 Steps To Contribute To Awesome Azure Policy [![Awesome](https://awesome.re/badge.svg)](https://awesome.re)
 2 | 
 3 | 1. Review the **contribution standards** and **contribution sections** below
 4 | 2. Edit the [README.md](https://github.com/globalbao/awesome-azure-policy/edit/main/README.md) file
 5 | 3. Find the related section for your contribution
 6 | 4. Add your link(s) to an existing section. Or suggest a new section
 7 | 5. Commit your changes to the README.md file
 8 | 6. Create a new [Pull Request](https://github.com/globalbao/awesome-azure-policy/compare) with your changes
 9 | 
10 | ## Contribution Standards
11 | 
12 | * Avoid adding duplicates
13 | * Content must be related to **[Azure Policy](https://docs.microsoft.com/en-us/azure/governance/policy/overview)**
14 | * Content must align to either **Microsoft** or **Community** sources
15 | * Content cannot be behind a paywall and must be freely accessible
16 | * List items sorted in alphabetical order.
17 | * Use sentence case for list items except for GitHub repositories which must be all lower case
18 | 
19 | ## Contribution Sections
20 | 
21 | - Microsoft Learn
22 | - Microsoft Docs
23 | - Microsoft Videos
24 | - Microsoft Announcements and Articles
25 | - Microsoft Repositories and Tools
26 | - Microsoft Forums and Feedback
27 | - Community Videos
28 | - Community Podcasts
29 | - Community Books
30 | - Community Articles
31 | - Community Tools
32 | - Community Repositories
33 | - Community Forums
34 | 


--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
  1 | Creative Commons Legal Code
  2 | 
  3 | CC0 1.0 Universal
  4 | 
  5 |     CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE
  6 |     LEGAL SERVICES. DISTRIBUTION OF THIS DOCUMENT DOES NOT CREATE AN
  7 |     ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS
  8 |     INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES
  9 |     REGARDING THE USE OF THIS DOCUMENT OR THE INFORMATION OR WORKS
 10 |     PROVIDED HEREUNDER, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM
 11 |     THE USE OF THIS DOCUMENT OR THE INFORMATION OR WORKS PROVIDED
 12 |     HEREUNDER.
 13 | 
 14 | Statement of Purpose
 15 | 
 16 | The laws of most jurisdictions throughout the world automatically confer
 17 | exclusive Copyright and Related Rights (defined below) upon the creator
 18 | and subsequent owner(s) (each and all, an "owner") of an original work of
 19 | authorship and/or a database (each, a "Work").
 20 | 
 21 | Certain owners wish to permanently relinquish those rights to a Work for
 22 | the purpose of contributing to a commons of creative, cultural and
 23 | scientific works ("Commons") that the public can reliably and without fear
 24 | of later claims of infringement build upon, modify, incorporate in other
 25 | works, reuse and redistribute as freely as possible in any form whatsoever
 26 | and for any purposes, including without limitation commercial purposes.
 27 | These owners may contribute to the Commons to promote the ideal of a free
 28 | culture and the further production of creative, cultural and scientific
 29 | works, or to gain reputation or greater distribution for their Work in
 30 | part through the use and efforts of others.
 31 | 
 32 | For these and/or other purposes and motivations, and without any
 33 | expectation of additional consideration or compensation, the person
 34 | associating CC0 with a Work (the "Affirmer"), to the extent that he or she
 35 | is an owner of Copyright and Related Rights in the Work, voluntarily
 36 | elects to apply CC0 to the Work and publicly distribute the Work under its
 37 | terms, with knowledge of his or her Copyright and Related Rights in the
 38 | Work and the meaning and intended legal effect of CC0 on those rights.
 39 | 
 40 | 1. Copyright and Related Rights. A Work made available under CC0 may be
 41 | protected by copyright and related or neighboring rights ("Copyright and
 42 | Related Rights"). Copyright and Related Rights include, but are not
 43 | limited to, the following:
 44 | 
 45 |   i. the right to reproduce, adapt, distribute, perform, display,
 46 |      communicate, and translate a Work;
 47 |  ii. moral rights retained by the original author(s) and/or performer(s);
 48 | iii. publicity and privacy rights pertaining to a person's image or
 49 |      likeness depicted in a Work;
 50 |  iv. rights protecting against unfair competition in regards to a Work,
 51 |      subject to the limitations in paragraph 4(a), below;
 52 |   v. rights protecting the extraction, dissemination, use and reuse of data
 53 |      in a Work;
 54 |  vi. database rights (such as those arising under Directive 96/9/EC of the
 55 |      European Parliament and of the Council of 11 March 1996 on the legal
 56 |      protection of databases, and under any national implementation
 57 |      thereof, including any amended or successor version of such
 58 |      directive); and
 59 | vii. other similar, equivalent or corresponding rights throughout the
 60 |      world based on applicable law or treaty, and any national
 61 |      implementations thereof.
 62 | 
 63 | 2. Waiver. To the greatest extent permitted by, but not in contravention
 64 | of, applicable law, Affirmer hereby overtly, fully, permanently,
 65 | irrevocably and unconditionally waives, abandons, and surrenders all of
 66 | Affirmer's Copyright and Related Rights and associated claims and causes
 67 | of action, whether now known or unknown (including existing as well as
 68 | future claims and causes of action), in the Work (i) in all territories
 69 | worldwide, (ii) for the maximum duration provided by applicable law or
 70 | treaty (including future time extensions), (iii) in any current or future
 71 | medium and for any number of copies, and (iv) for any purpose whatsoever,
 72 | including without limitation commercial, advertising or promotional
 73 | purposes (the "Waiver"). Affirmer makes the Waiver for the benefit of each
 74 | member of the public at large and to the detriment of Affirmer's heirs and
 75 | successors, fully intending that such Waiver shall not be subject to
 76 | revocation, rescission, cancellation, termination, or any other legal or
 77 | equitable action to disrupt the quiet enjoyment of the Work by the public
 78 | as contemplated by Affirmer's express Statement of Purpose.
 79 | 
 80 | 3. Public License Fallback. Should any part of the Waiver for any reason
 81 | be judged legally invalid or ineffective under applicable law, then the
 82 | Waiver shall be preserved to the maximum extent permitted taking into
 83 | account Affirmer's express Statement of Purpose. In addition, to the
 84 | extent the Waiver is so judged Affirmer hereby grants to each affected
 85 | person a royalty-free, non transferable, non sublicensable, non exclusive,
 86 | irrevocable and unconditional license to exercise Affirmer's Copyright and
 87 | Related Rights in the Work (i) in all territories worldwide, (ii) for the
 88 | maximum duration provided by applicable law or treaty (including future
 89 | time extensions), (iii) in any current or future medium and for any number
 90 | of copies, and (iv) for any purpose whatsoever, including without
 91 | limitation commercial, advertising or promotional purposes (the
 92 | "License"). The License shall be deemed effective as of the date CC0 was
 93 | applied by Affirmer to the Work. Should any part of the License for any
 94 | reason be judged legally invalid or ineffective under applicable law, such
 95 | partial invalidity or ineffectiveness shall not invalidate the remainder
 96 | of the License, and in such case Affirmer hereby affirms that he or she
 97 | will not (i) exercise any of his or her remaining Copyright and Related
 98 | Rights in the Work or (ii) assert any associated claims and causes of
 99 | action with respect to the Work, in either case contrary to Affirmer's
100 | express Statement of Purpose.
101 | 
102 | 4. Limitations and Disclaimers.
103 | 
104 |  a. No trademark or patent rights held by Affirmer are waived, abandoned,
105 |     surrendered, licensed or otherwise affected by this document.
106 |  b. Affirmer offers the Work as-is and makes no representations or
107 |     warranties of any kind concerning the Work, express, implied,
108 |     statutory or otherwise, including without limitation warranties of
109 |     title, merchantability, fitness for a particular purpose, non
110 |     infringement, or the absence of latent or other defects, accuracy, or
111 |     the present or absence of errors, whether or not discoverable, all to
112 |     the greatest extent permissible under applicable law.
113 |  c. Affirmer disclaims responsibility for clearing rights of other persons
114 |     that may apply to the Work or any use thereof, including without
115 |     limitation any person's Copyright and Related Rights in the Work.
116 |     Further, Affirmer disclaims responsibility for obtaining any necessary
117 |     consents, permissions or other rights required for any use of the
118 |     Work.
119 |  d. Affirmer understands and acknowledges that Creative Commons is not a
120 |     party to this document and has no duty or obligation with respect to
121 |     this CC0 or use of the Work.
122 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
  1 | # Awesome Azure Policy
  2 | 
  3 | A curated list of AWESOME blogs, videos, tutorials, code, tools, scripts. Anything which can help you learn Azure Policy and quickly get started with designing, planning, and implementing governance controls to your resources.
  4 | 
  5 | > Community contributions are welcome! Check out the [contribution guide](./CONTRIBUTING.md) today and submit a **pull request**!
  6 | 
  7 | ## Community Articles Leaderboard
  8 | 
  9 | | Top-level Domain                                             | Number of Posts |
 10 | | ------------------------------------------------------------ | --------------- |
 11 | | 🏆 **[blog.tyang.org](https://blog.tyang.org)**             | 18              |
 12 | | 🥈 **[charbelnemnom.com](https://charbelnemnom.com)**       | 14              |
 13 | | 🥉 **[andrewmatveychuk.com](https://andrewmatveychuk.com)** | 9               |
 14 | | [jloudon.com](https://jloudon.com)                           | 8               |
 15 | | [stefanroth.net](https://www.stefanroth.net)                 | 5               |
 16 | | [georgeollis.com](https://www.georgeollis.com)           | 5               |
 17 | | [cloudsma.com](https://www.cloudsma.com)                 | 4               |
 18 | | [wedoazure.ie](https://wedoazure.ie)                         | 4               |
 19 | | [m365princess.com](https://www.m365princess.com)         | 3               |
 20 | | [cloudadministrator.net](https://cloudadministrator.net)     | 3               |
 21 | | [danielstechblog.io](https://www.danielstechblog.io)   | 3               |
 22 | | [yourazurecoach.com](https://yourazurecoach.com)           | 3               |
 23 | | [autosysops.com](https://autosysops.com)                   | 2               |
 24 | | [samcogan.com](https://samcogan.com)                       | 2               |
 25 | | [manbearpiet.com](https://manbearpiet.com)                 | 2               |
 26 | | [thomasmaurer.ch](https://www.thomasmaurer.ch)         | 2               |
 27 | 
 28 | ## Microsoft Learn
 29 | 
 30 | - [Address Tangible Risks With The Govern Methodology Of The Cloud Adoption Framework For Azure](https://docs.microsoft.com/en-us/learn/modules/cloud-adoption-framework-govern/)
 31 | - [Azure Kubernetes Services Governance with Azure Policy](https://docs.microsoft.com/en-us/learn/modules/aks-governance-azure-policy/)
 32 | - [Build Cloud Governance Strategy On Azure](https://docs.microsoft.com/en-us/learn/modules/build-cloud-governance-strategy-azure/)
 33 | - [Configure Azure Policy](https://docs.microsoft.com/en-us/learn/modules/configure-azure-policy/)
 34 | - [Design An Enterprise Governance Strategy](https://docs.microsoft.com/en-us/learn/modules/enterprise-governance/)
 35 | - [Design Governance](https://docs.microsoft.com/en-us/learn/modules/design-governance/)
 36 | - [Intro to Azure Policy](https://docs.microsoft.com/en-us/learn/modules/intro-to-azure-policy/)
 37 | - [Manage security operations in Azure](https://docs.microsoft.com/en-us/learn/paths/manage-security-operations/)
 38 | 
 39 | ## Microsoft Docs
 40 | 
 41 | - [Azure Policy](https://docs.microsoft.com/en-us/azure/governance/policy/)
 42 | - [Adopt Policy-Driven Guardrails](https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/ready/enterprise-scale/dine-guidance)
 43 | - [Determine causes of non-compliance](https://learn.microsoft.com/en-us/azure/governance/policy/how-to/determine-non-compliance)
 44 | - [Design Azure Policy as Code workflows](https://learn.microsoft.com/en-us/azure/governance/policy/concepts/policy-as-code)
 45 | - [Enterprise Policy As Code (EPAC)](https://azure.github.io/enterprise-azure-policy-as-code/)
 46 | - [Get compliance data of Azure resources](https://learn.microsoft.com/en-us/azure/governance/policy/how-to/get-compliance-data)
 47 | - [Policies included in Azure Landing Zones reference implementations](https://github.com/Azure/Enterprise-Scale/blob/main/docs/ESLZ-Policies.md)
 48 | - [Secure your cluster with Azure Policy](https://docs.microsoft.com/en-us/azure/aks/use-azure-policy?toc=/azure/governance/policy/toc.json&bc=/azure/governance/policy/breadcrumb/toc.json)
 49 | - [Remediate non-compliant resources with Azure Policy](https://learn.microsoft.com/en-us/azure/governance/policy/how-to/remediate-resources?tabs=azure-portal)
 50 | - [Safe deployment of Azure Policy assignments](https://learn.microsoft.com/en-us/azure/governance/policy/how-to/policy-safe-deployment-practices)
 51 | - [Understand Azure Policy for Kubernetes clusters](https://docs.microsoft.com/en-us/azure/governance/policy/concepts/policy-for-kubernetes)
 52 | - [Use Azure Policy extension for Visual Studio Code](https://docs.microsoft.com/en-us/azure/governance/policy/how-to/extension-for-vscode)
 53 | 
 54 | ## Microsoft Videos
 55 | 
 56 | - [Author custom Azure Machine Configuration policies using PowerShell DSC](https://youtu.be/75MTIftSEfk?si=3ZRsny8ElHdPbF1a)
 57 | - [Azure Governance & Deployments Quarterly Customer Panel December 2021](https://youtu.be/oYC5Ns7kLCY)
 58 | - [Azure Governance and Deployments Quarterly Customer Panel Feb 2021](https://www.youtube.com/watch?v=ONKn9XMPZCs)
 59 | - [Azure Governance and Deployments Quarterly Customer Panel May 2021](https://www.youtube.com/watch?v=tHyPDESIThk)
 60 | - [Azure Governance and the latest updates on Azure Policy](https://youtu.be/smyQv3MHe10)
 61 | - [Azure Governance for ISVs, Session 02: Policies, Initiatives, and Blueprints](https://youtu.be/SMvbFBdWi5U)
 62 | - [Azure Policy and Kubernetes](https://youtu.be/Hv3K8zJSbow)
 63 | - [Azure Policy on Azure Kubernetes Service](https://youtu.be/mfFdH7v3Vl8)
 64 | - [Azure Policy Version Management](https://youtu.be/eejdoDgofZ8?si=Uv-YdEKb03J6bVgf)
 65 | - [Azure Takeoff Show - Azure Policies and Locks](https://youtu.be/XqCcGZFbuCU?si=n9ma6cQpwNUO_CE7)
 66 | - [AzureFunBytes - Intro to Azure Policy](https://youtu.be/2ebTY4Bzah0)
 67 | - [Compliance with Azure Policy](https://www.youtube.com/watch?v=OZh_4gjgvGU)
 68 | - [Deep dive into Implementing governance at scale through Azure Policy](https://youtu.be/d6c1nfoySLI)
 69 | - [Deploying Custom Definitions using EPAC](https://youtu.be/xr1lDjfk8e0?si=65VeBuel0kQqzi2F)
 70 | - [Enforcement with Azure Policy](https://www.youtube.com/watch?v=yQvFeuPoHe0)
 71 | - [EPAC v11 Updates!](https://youtu.be/clRNxyx_rIY?si=CqZoSEBHM3f2VrN6)
 72 | - [Getting started with Azure Policy](https://www.youtube.com/watch?v=b0Sp6V0VJas)
 73 | - [Global Azure - Notes from the field: Policy-driven Governance](https://youtu.be/Ukqux_TN8uw)
 74 | - [Govern Azure Arc-enabled K8S Clusters with Azure Policy | KubeCon NA 2021](https://youtu.be/l1ve70xD06Y)
 75 | - [How To Install EPAC](https://www.youtube.com/watch?v=GhYZChU85LA)
 76 | - [On Prem To The Cloud: Everything As Code](https://youtu.be/io_dX5I-6xM)
 77 | - [Performing Remediation on Resources with Azure Policy](https://www.youtube.com/watch?v=c1d05IYBrTk)
 78 | - [Understanding "Global-Settings"](https://www.youtube.com/watch?v=EGjjeaYMCWQ)
 79 | - [Using Management Group with Azure Policy](https://youtu.be/S_-JenO43G8)
 80 | - [What is Azure Policy](https://www.youtube.com/watch?v=obWeyLHWQIY)
 81 | - [What is EPAC?](https://www.youtube.com/watch?v=_r8uxMKwy9s)
 82 | 
 83 | ## Microsoft Announcements and Articles
 84 | 
 85 | - [7 steps to author, develop, and deploy custom recommendations for Windows using Guest Configuration](https://techcommunity.microsoft.com/t5/microsoft-defender-for-cloud/7-steps-to-author-develop-and-deploy-custom-recommendations-for/ba-p/3166026)
 86 | - [Aligning CMMC Controls with your Azure Landing Zone](https://techcommunity.microsoft.com/t5/public-sector-blog/aligning-cmmc-controls-with-your-azure-landing-zone/ba-p/2736511)
 87 | - [Announcing Azure Resource Policy general availability](https://azure.microsoft.com/en-au/blog/azure-resource-policy-ga/)
 88 | - [Apply GitOps configurations on AKS as an Azure Arc Connected Cluster using Azure Policy for Kubernetes](https://azurearcjumpstart.io/azure_arc_jumpstart/azure_arc_k8s/day2/aks/aks_policy/)
 89 | - [Automation for Large Scale Deployment of Agents on Servers managed by Azure Arc](https://techcommunity.microsoft.com/t5/azure-arc-blog/automation-for-large-scale-deployment-of-agents-on-servers/ba-p/3713328)
 90 | - [Azure Backup Center - Backups and Good Governance](https://techcommunity.microsoft.com/t5/itops-talk-blog/azure-backup-center-backups-and-good-governance/ba-p/2318843)
 91 | - [Azure Custom Policy- PostgreSQL Product - Compliance Report not Available- New Feature Request](https://techcommunity.microsoft.com/t5/microsoft-developer-community/azure-custom-policy-postgresql-product-compliance-report-not/ba-p/4140715)
 92 | - [Azure Enterprise Policy as Code – A New Approach](https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/azure-enterprise-policy-as-code-a-new-approach/ba-p/3607843)
 93 | - [Azure Enterprise Policy as Code – Azure Landing Zones Integration](https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/azure-enterprise-policy-as-code-azure-landing-zones-integration/ba-p/3642784)
 94 | - [Azure Policy – Perform policy operations through Azure DevOps](https://techcommunity.microsoft.com/t5/azure-paas-blog/azure-policy-perform-policy-operations-through-azure-devops/ba-p/2045515)
 95 | - [Azure Policy Exemption Validation](https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/azure-policy-exemption-validation/ba-p/3859133)
 96 | - [Azure Policy for Kubernetes releases support for custom policy](https://techcommunity.microsoft.com/t5/azure-governance-and-management/azure-policy-for-kubernetes-releases-support-for-custom-policy/ba-p/2699466)
 97 | - [Azure Policy for Azure Container Apps? Yes, please](https://techcommunity.microsoft.com/t5/fasttrack-for-azure/azure-policy-for-azure-container-apps-yes-please/ba-p/3775200)
 98 | - [Azure Policy Guest Configuration – Using Tags for Configuration of Features](https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/azure-policy-guest-configuration-using-tags-for-configuration-of/ba-p/2836139)
 99 | - [Azure Policy glossary](https://docs.microsoft.com/en-us/azure/governance/policy/policy-glossary)
100 | - [Azure Landing Zones - Policy Refresh Q1 FY25](https://techcommunity.microsoft.com/t5/azure-governance-and-management/azure-landing-zones-policy-refresh-q1-fy25/ba-p/4266538)
101 | - [Azure Policy introduces user assigned MSI support, faster DINE deployment, and more!](https://techcommunity.microsoft.com/t5/azure-governance-and-management/azure-policy-introduces-user-assigned-msi-support-faster-dine/ba-p/2661073)
102 | - [Azure Policy Remediation with Deployment Scripts](https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/azure-policy-remediation-with-deployment-scripts/ba-p/1594674)
103 | - [Azure Policies for Automating Azure Governance - Choosing Policies](https://techcommunity.microsoft.com/t5/itops-talk-blog/azure-policies-for-automating-azure-governance-choosing-policies/ba-p/3709653)
104 | - [Azure Policy Recommended Practices](https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/azure-policy-recommended-practices/bc-p/3879234)
105 | - [Azure Policy Support is Generally Available for PostgreSQL Flexible Server](https://techcommunity.microsoft.com/t5/azure-database-for-postgresql/azure-policy-support-is-generally-available-for-postgresql/ba-p/4180189)
106 | - [Azure Policy: Building Custom Policies for Standards and Compliance](https://techcommunity.microsoft.com/blog/nonprofittechies/azure-policy-building-custom-policies-for-standards-and-compliance/4404597)
107 | - [Azure Service Health Built-In Policy (Preview) – Now Available!](https://techcommunity.microsoft.com/blog/azuregovernanceandmanagementblog/%F0%9F%9A%A8-azure-service-health-built-in-policy-preview-%E2%80%93-now-available/4436626)
108 | - [Azure Unblogged - Azure Policy](https://techcommunity.microsoft.com/t5/itops-talk-blog/azure-unblogged-azure-policy/ba-p/2106247)
109 | - [Centralized Policy Management in Microsoft Defender for Cloud using Management Groups](https://techcommunity.microsoft.com/t5/microsoft-defender-for-cloud/centralized-policy-management-in-microsoft-defender-for-cloud/ba-p/1276331)
110 | - [Common Azure Policy Issues and Solutions](https://techcommunity.microsoft.com/blog/azuregovernanceandmanagementblog/common-azure-policy-issues-and-solutions/4407332)
111 | - [Configure Security Center bundle pricing with Azure Policy](https://techcommunity.microsoft.com/t5/microsoft-defender-for-cloud/configure-security-center-bundle-pricing-with-azure-policy/ba-p/404035)
112 | - [Continuously Export Microsoft Defender for Cloud Alerts and Recommendations via Policy](https://techcommunity.microsoft.com/t5/microsoft-defender-for-cloud/continuously-export-microsoft-defender-for-cloud-alerts-and/ba-p/1440745)
113 | - [Controlling Release Pipelines with Gates and Azure Policy Compliance](https://devblogs.microsoft.com/devops/controlling-release-pipelines-with-gates-and-azure-policy-compliance/)
114 | - [Cost Governance with Azure Policy](https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/cost-governance-with-azure-policy/ba-p/3791888)
115 | - [Custom Policy- Reusable Logs Templates](https://techcommunity.microsoft.com/t5/azure-governance-and-management/custom-policy-reusable-logs-templates/ba-p/4259304)
116 | - [Deploy Monitoring Agent Extension to Azure Arc Linux and Windows servers using Azure Policy](https://azurearcjumpstart.io/azure_arc_jumpstart/azure_arc_servers/day2/arc_policies_mma/)
117 | - [Deny inbound NSG Rule creation via Azure Policy](https://techcommunity.microsoft.com/t5/azure-infrastructure-blog/deny-inbound-nsg-rule-creation-via-azure-policy/ba-p/4241803)
118 | - [Eliminate Password-Based Attacks on Azure Linux VMs](https://techcommunity.microsoft.com/t5/microsoft-defender-for-cloud/eliminate-password-based-attacks-on-azure-linux-vms/ba-p/2271139)
119 | - [Enable HTTPS setting on Azure App service using Azure policy](https://techcommunity.microsoft.com/t5/azure-paas-blog/enable-https-setting-on-azure-app-service-using-azure-policy/ba-p/3286603)
120 | - [Enforcing and Managing Azure DDoS Protection with Azure Policy](https://techcommunity.microsoft.com/t5/azure-network-security-blog/enforcing-and-managing-azure-ddos-protection-with-azure-policy/ba-p/3933172)
121 | - [Enforcing Policy for Zero Trust with Azure Policy](https://devblogs.microsoft.com/azuregov/enforcing-policy-for-zero-trust-with-azure-policy-4-of-6/)
122 | - [Enterprise-Scale and Azure Policy for policy-driven governance](https://techcommunity.microsoft.com/t5/azure-architecture-blog/enterprise-scale-and-azure-policy-for-policy-driven-governance/ba-p/1614060)
123 | - [Field Notes: Remediating Resources Using User-Assigned Managed Identity with Azure Policy](https://techcommunity.microsoft.com/t5/security-compliance-and-identity/field-notes-remediating-resources-using-user-assigned-managed/ba-p/3258700)
124 | - [GA: Policy add-on for Azure Kubernetes Service](https://azure.microsoft.com/en-au/updates/ga-policy-addon-for-azure-kubernetes-service/)
125 | - [Generate Azure Policy Compliance Alerts By Sending Custom Data to Log Analytics](https://techcommunity.microsoft.com/t5/fasttrack-for-azure/generate-azure-policy-compliance-alerts-by-sending-custom-data/ba-p/3671119)
126 | - [Generate Azure Policy Compliance Alerts By Sending Custom Data to Log Analytics - Part 2 - Automated](https://techcommunity.microsoft.com/t5/fasttrack-for-azure/generate-azure-policy-compliance-alerts-by-sending-custom-data/ba-p/4039114)
127 | - [General availability: Built-in Azure Policy support for Network Watcher Traffic Analytics](https://azure.microsoft.com/en-gb/updates/general-availability-builtin-azure-policy-support-for-network-watcher-traffic-analytics/)
128 | - [Generally available: Apply settings inside machines using Automanage machine configuration](https://techcommunity.microsoft.com/t5/azure-governance-and-management/generally-available-apply-settings-inside-machines-using/ba-p/3589614)
129 | - [Generally available: Azure API Management - expanded support for Azure Policy definitions](https://azure.microsoft.com/en-us/updates/generally-available-azure-api-management-expanded-support-for-azure-policy-definitions/)
130 | - [Generally available: Azure Policy support for Azure Site Recovery](https://azure.microsoft.com/en-gb/updates/asr-policy-support-ga/)
131 | - [Govern your Azure Firewall configuration with Azure Policies](https://techcommunity.microsoft.com/t5/azure-network-security-blog/govern-your-azure-firewall-configuration-with-azure-policies/ba-p/4189902)
132 | - [Guest configuration renames to machine configuration](https://techcommunity.microsoft.com/t5/azure-governance-and-management/coming-soon-guest-configuration-renames-to-machine-configuration/ba-p/3474116)
133 | - [How Does Azure Policies In Enterprise-Scale Landing Zone Help?](https://techcommunity.microsoft.com/t5/azure-architecture-blog/how-does-azure-policies-in-enterprise-scale-landing-zone-help/ba-p/2121478)
134 | - [How to build an audit Azure Policy with multiple parameters](https://techcommunity.microsoft.com/t5/itops-talk-blog/how-to-build-an-audit-azure-policy-with-multiple-parameters/ba-p/1866062)
135 | - [How to control your Azure costs with Governance and Azure Policy](https://techcommunity.microsoft.com/blog/finopsblog/how-to-control-your-azure-costs-with-governance-and-azure-policy/4397977)
136 | - [How to debug unexpected Azure Policy compliance status for Azure resources?](https://techcommunity.microsoft.com/t5/azure-paas-blog/how-to-debug-unexpected-azure-policy-compliance-status-for-azure/ba-p/2111068)
137 | - [How to Troubleshoot Deny Policy Step by Step](https://techcommunity.microsoft.com/t5/azure-paas-blog/how-to-troubleshoot-deny-policy-step-by-step/ba-p/3704375)
138 | - [How to update Azure Policy parameters in Azure Blueprints](https://techcommunity.microsoft.com/t5/itops-talk-blog/how-to-update-azure-policy-parameters-in-azure-blueprints/ba-p/3037875)
139 | - [How to use PowerShell & Azure Policy to check settings inside a VM](https://techcommunity.microsoft.com/t5/itops-talk-blog/how-to-use-powershell-amp-azure-policy-to-check-settings-inside/ba-p/749241)
140 | - [Implementing Azure Policy using Terraform](https://techcommunity.microsoft.com/t5/azure-paas-blog/implementing-azure-policy-using-terraform/ba-p/1423775)
141 | - [Important change released for Guest Configuration audit policies](https://techcommunity.microsoft.com/t5/azure-governance-and-management/important-change-released-for-guest-configuration-audit-policies/ba-p/1655316)
142 | - [Infrastructure as Code Testing with Azure Policy](https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/infrastructure-as-code-testing-with-azure-policy/ba-p/3921765)
143 | - [Introducing the Azure Policy Community Repo](https://techcommunity.microsoft.com/t5/azure-governance-and-management/introducing-the-azure-policy-community-repo/ba-p/4220084)
144 | - [Keep your Azure Landing Zones policy assignments up to date with Azure Governance Visualizer](https://techcommunity.microsoft.com/blog/azuregovernanceandmanagementblog/keep-your-azure-landing-zones-policy-assignments-up-to-date-with-azure-governanc/4292789)
145 | - [Manage NSG association on Subnets via Azure Policy](https://techcommunity.microsoft.com/t5/azure-networking-blog/manage-nsg-association-on-subnets-via-azure-policy/ba-p/4243157)
146 | - [Managing Security Center at scale using ARM templates and Azure Policy](https://techcommunity.microsoft.com/t5/microsoft-defender-for-cloud/managing-security-center-at-scale-using-arm-templates-and-azure/ba-p/327761)
147 | - [Microsoft cloud security benchmark: Azure compute benchmark is now aligned with CIS!](https://techcommunity.microsoft.com/t5/microsoft-defender-for-cloud/microsoft-cloud-security-benchmark-azure-compute-benchmark-is/ba-p/3680141)
148 | - [Monitoring Azure Policy compliance across your Azure Managed Application deployments](https://techcommunity.microsoft.com/t5/apps-on-azure-blog/monitoring-azure-policy-compliance-across-your-azure-managed/ba-p/3922113)
149 | - [More resource policy aliases](https://azure.microsoft.com/en-au/blog/more-resource-policy-aliases/)
150 | - [New and updated regulatory compliance policy initiatives for NIST, FedRAMP, DoD in Azure, Azure Government](https://devblogs.microsoft.com/azuregov/new-and-updated-regulatory-compliance-policy-initiatives-for-nist-fedramp-dod-in-azure-azure-government/)
151 | - [New feature: easily assign regulatory compliance policies to your Azure Landing Zone](https://techcommunity.microsoft.com/t5/azure-architecture-blog/new-feature-easily-assign-regulatory-compliance-policies-to-your/ba-p/4074957)
152 | - [On Prem To the Cloud: Everything As Code](https://devblogs.microsoft.com/devops/on-prem-to-the-cloud-everything-as-code-ep-4/)
153 | - [OPS114: Governing baselines in hybrid server environments using Azure Policy Guest Configuration](https://techcommunity.microsoft.com/t5/itops-talk-blog/ops114-governing-baselines-in-hybrid-server-environments-using/ba-p/2109245)
154 | - [Policy Distribution Dashboard for Microsoft Defender for Cloud](https://techcommunity.microsoft.com/t5/microsoft-defender-for-cloud/policy-distribution-dashboard-for-microsoft-defender-for-cloud/ba-p/3264712)
155 | - [Public Preview Announcement: Azure Policy Built-in Versioning](https://techcommunity.microsoft.com/t5/azure-governance-and-management/public-preview-announcement-azure-policy-built-in-versioning/ba-p/4186105)
156 | - [Portal Preview of Azure Resource Policy](https://azure.microsoft.com/en-au/blog/portal-preview-of-azure-resource-policy-2/)
157 | - [Public preview of new Azure Policy features](https://azure.microsoft.com/en-au/blog/recap-on-new-azure-policy-features-in-ignite/)
158 | - [Remediate your Azure Kubernetes Service clusters at scale using Azure Policy's mutation support!](https://techcommunity.microsoft.com/t5/azure-governance-and-management/remediate-your-azure-kubernetes-service-clusters-at-scale-using/ba-p/3974506)
159 | - [Software Installation Using Azure Policy State Change Events](https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/software-installation-using-azure-policy-state-change-events/ba-p/2420515)
160 | - [Software Installation Using Machine Configuration and Azure Policy](https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/software-installation-using-machine-configuration-and-azure/ba-p/3695636)
161 | - [The impact of conflicting Azure Policies](https://techcommunity.microsoft.com/t5/itops-talk-blog/the-impact-of-conflicting-azure-policies/ba-p/2227063)
162 | - [Trigger Condition and Evaluation Workflow of Azure Policy](https://techcommunity.microsoft.com/t5/azure-paas-blog/trigger-condition-and-evaluation-workflow-of-azure-policy/ba-p/3436597)
163 | - [Use Azure Policy on an Azure-Arc enabled Kubernetes cluster for applying ingress/egress rules with Calico network policy](https://azurearcjumpstart.io/azure_arc_jumpstart/azure_arc_k8s/day2/multi_distributions/calico/)
164 | - [Use PowerShell to Remediate Non-Compliant Policy Definitions](https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/use-powershell-to-remediate-non-compliant-policy-definitions/ba-p/3878321)
165 | - [Using Azure Policy to onboard multiple SQL Servers at scale to Azure Arc-enabled SQL Server - Part 1](https://techcommunity.microsoft.com/t5/azure-arc-blog/using-azure-policy-to-onboard-multiple-sql-servers-at-scale-to/ba-p/3788886)
166 | - [Using GitHub for Azure Policy as Code](https://techcommunity.microsoft.com/t5/azure-governance-and-management/using-github-for-azure-policy-as-code/ba-p/1886464)
167 | - [What's the difference between Group Policy and Azure Policy?](https://techcommunity.microsoft.com/t5/itops-talk-blog/what-s-the-difference-between-group-policy-and-azure-policy/ba-p/1016312)
168 | - [What’s new across Azure Governance services, Microsoft Build 2024](https://techcommunity.microsoft.com/t5/azure-governance-and-management/what-s-new-across-azure-governance-services-microsoft-build-2024/ba-p/4150428)
169 | 
170 | ## Microsoft Repositories and Tools
171 | 
172 | - [azure/azure-policy](https://github.com/azure/azure-policy)
173 | - [azure/azurepolicyagents](https://github.com/Azure/AzurePolicyAgents)
174 | - [azure/community-policy](https://github.com/azure/community-policy)
175 | - [azure/enterprise-azure-policy-as-code](https://github.com/azure/enterprise-azure-policy-as-code)
176 | - [azure/azure-landing-zones-library](https://github.com/Azure/Azure-Landing-Zones-Library)
177 | - [azure/manage-azure-policy](https://github.com/azure/manage-azure-policy)
178 | - [azure/policy-compliance-scan](https://github.com/azure/policy-compliance-scan)
179 | - [azure/regulatory-compliance-initiatives](https://github.com/Azure/regulatory-compliance-initiatives)
180 | - [azure-samples/aca-azure-policy](https://github.com/Azure-Samples/aca-azure-policy)
181 | - [azure cyber security maturity model (CMMC) policy mapping](https://aka.ms/cmmc/alzmap)
182 | - [azure policy visual studio code extension](https://marketplace.visualstudio.com/items?itemname=azurepolicy.azurepolicyextension)
183 | - [microsoft/azurepolicytestframework](https://github.com/microsoft/AzurePolicyTestFramework)
184 | 
185 | ## Microsoft Forums and Feedback
186 | 
187 | - [Azure Governance Ideas](https://feedback.azure.com/d365community/forum/675ae472-f324-ec11-b6e6-000d3a4f0da0)
188 | - [Microsoft Q&A for Azure Policy](https://docs.microsoft.com/en-us/answers/topics/azure-policy.html)
189 | 
190 | ## Community Videos
191 | 
192 | - [A summary of the Diagnostic Settings](https://www.youtube.com/watch?v=zAxvFH9EsGY)
193 | - [Admission Control on AKS with Azure Policy](https://youtu.be/OJGmwCMsUNE)
194 | - [Anatomy of Azure Policy](https://youtu.be/4wGns611G4w)
195 | - [Authoring Custom Azure Policy Definitions](https://youtu.be/qygOCyambK4)
196 | - [Automatically Tag Azure Resources using Azure Policy](https://youtu.be/PUJe8Od7B9Q)
197 | - [Automating Infrastructure Governance with Azure Policy](https://youtu.be/dPwy8nlNyNM?t=570)
198 | - [AZ-900 Episode 31 | Azure Policy](https://youtu.be/9WO4EBgUJXk)
199 | - [Azure Back To School: Bicep Builders: Azure Sentinel and Policy as Code](https://youtu.be/B03V3Tazcec)
200 | - [Azure Governance - #3 - Policy & Blueprints](https://youtu.be/EwO25vecGUo)
201 | - [Azure Governance And Security | Secure Azure Key Vault Using Azure Policy](https://youtu.be/o4EfqtlVyR4)
202 | - [Azure Policy Governance: Insights with AzPolicyAdvertizer](https://youtu.be/a0zron2ve0E?si=oyR2sn0okUzxRwA2)
203 | - [Azure Key Vault RBAC and Policy Deep Dive](https://youtu.be/oYzFWOrZMKc)
204 | - [Azure Policy - Non-Compliance Messages](https://youtu.be/N4Xom4IYcUE)
205 | - [Azure Policy as Code - Zero to Hero in 60 minutes](https://youtu.be/AVn5glYBz84?t=2380)
206 | - [Azure Policy Remediation Deep Dive](https://youtu.be/fhIn_kHz4hk)
207 | - [Azure Policy](https://youtu.be/1NzWYIsKUl4)
208 | - [Azure Spring Clean: Some points to remember about Azure Governance](https://youtu.be/lOHK_k6w4e4)
209 | - [Azure Update Manager with Azure Policies](https://www.youtube.com/watch?v=Da1EsoAzUoY)
210 | - [Become Industry Compliant - Azure Regulatory Policy Featurette](https://youtu.be/l7-PTbJ5liM?si=Ep6lY_cLo4qFAQcg)
211 | - [Block Deletes Using the New DenyAction Azure Policy Effect](https://youtu.be/ZVshBqY8kts)
212 | - [Build Your Tagging Strategy with Azure Policy and Automation](https://youtu.be/4ebXt0iMiEU)
213 | - [Custom Policy for Azure Governance - How to create custom Azure Policy from Scratch](https://youtu.be/n-jL_xe9858)
214 | - [Detailed look at Azure Policy Exemption Permission Requirements](https://youtu.be/clAu7VqpacA)
215 | - [DevOps | Azure Policy Tutorial | Terraform | GitHub | Compliance enforcement in Azure Subscription](https://youtu.be/MQ3X7qDCddU?si=kSuv2U6Rcj791aNw)
216 | - [Festive Tech Calendar: Day 1 - Azure Governance](https://youtu.be/GK_8FAHwoe8)
217 | - [Festive Tech Calendar: Day 6 - Azure Governance: Azure customized Policies](https://www.youtube.com/watch?v=rQXZWIvW1Ww)
218 | - [Flexing Your Security Governance with Azure Policy As Code](https://youtu.be/-KSLh2I9e1U)
219 | - [Functionality and Usage of Azure Policy - AZ-900 Certification Course](https://youtu.be/z7WMqHE3R8g?si=Zp7bpzNSzD-wBewt)
220 | - [Get Visibility Into Your Environment With Azure Governance Visualizer](https://youtu.be/hZXvF5oypLE)
221 | - [Getting to Green with Azure Policy](https://youtu.be/P3PRXf-IilI?si=HWAq3sWCjpB7TpDn)
222 | - [Getting Started with Enterprise Policy As Code - Azure Policy](https://www.youtube.com/watch?v=rhc5T8caBWo)
223 | - [GitOps with Azure Arc Kubernetes via Azure Policy](https://youtu.be/AE5Io3qtABs)
224 | - [Global Azure: Policy as Code with Bicep for Enterprise Scale](https://youtu.be/qpnMJXw6pIg)
225 | - [Help Everyone Follow The Rules | Azure Policy](https://youtu.be/7xhcnxRrXYQ?si=SvyB8WczZhLjxeLD)
226 | - [How to enforce Azure Naming Convention Using Azure Policies](https://youtu.be/eqNIV9QKflg?si=VG2KDsFagFKctbDD)
227 | - [How to Apply an Azure Policy: Step-by-Step Guide](https://youtu.be/_Alx1wiDUU8?si=3jqpBm-uSdvyQF5n)
228 | - [How to Save Costs with Azure Policy! - Azure Policy Deep Dive](https://youtu.be/1Y81v4R1JL8?si=Jlk8CKIAA0FUdXw6)
229 | - [If Only I Knew THIS About Azure 5 Years Ago](https://youtu.be/DxwKYvcMud4?si=jLk8b4EmtlzUVcDB)
230 | - [Inside Azure Governance - You in Control](https://www.youtube.com/watch?v=CHFLgfELV1E)
231 | - [Livestream: A Gentle Introduction to Azure Policy](https://www.youtube.com/live/AwI9Z_7E7eA?si=1jSWP9CxsyFwD54G)
232 | - [Microsoft Azure Master Class Part 3 - Governance](https://youtu.be/cIh_Nfl67T0?t=2830)
233 | - [Organizational Governance and Best Practices for Control](https://www.youtube.com/watch?v=utVRZg0TNu8)
234 | - [Regain Control with Azure Governance](https://www.youtube.com/watch?v=M2y0QsHLeSs)
235 | - [Understanding Organizational Governance and Best Practices for Control](https://youtu.be/utVRZg0TNu8)
236 | - [Using Azure Security Center for Policy and Regulatory Compliance](https://youtu.be/AXgBoSz0dAs)
237 | - [Virtual Machine Scale Sets Logs With An Azure Policy](https://youtu.be/wT0-BA5MrZ8)
238 | - [Writing DSC Resources for Azure Policy Guest Configuration - For Linux](https://youtu.be/RxnxpZqvEmg)
239 | - [Who Polices the Policies Privilege Escalation and Persistence with Azure Policy](https://youtu.be/HCMxx_1Qfjo?si=0ykRgMx3NlLrOkT-)
240 | 
241 | ## Community Podcasts
242 | 
243 | - [057 - Azure Policy and Azure Key Vault integration](https://ctrlaltazure.com/episodes/057-azure-policy-and-azure-key-vault-integration)
244 | - [109 - Azure Policy as Code with Jesse Loudon](https://ctrlaltazure.com/episodes/109-azure-policy-as-code)
245 | - [272 - Lessons learned with Azure Policy](https://ctrlaltazure.com/episodes/272-lessons-learned-with-azure-policy)
246 | - [S01 E74 - Azure Security Podcast - What's New in Azure Policy](https://rss.com/podcasts/azsecpodcast/899368/)
247 | - [S01 E43 - Everything you need to know about Azure Policy](https://rss.com/podcasts/azsecpodcast/350402/)
248 | - [S01 E16 - Azure Security Podcast - Azure Policy](https://rss.com/podcasts/azsecpodcast/93831/)
249 | - [Episode 349 – The War of the Policies](https://www.msclouditpropodcast.com/episode349/)
250 | - [Episode 265 – Azure Automation State Configuration vs Azure Policy guest configuration](https://www.msclouditpropodcast.com/episode265/)
251 | 
252 | ## Community Books
253 | 
254 | - [Policy as Code: Improving Cloud Native Security](https://amzn.asia/d/2a0KhUK)
255 | - [Policy Design in the Age of Digital Adoption: Explore how PolicyOps can drive Policy as Code adoption in an organization's digital transformation](https://www.amazon.com/Policy-Design-Digital-Adoption-transformation-dp-1801811741/dp/1801811741/?)
256 | - [Pro Azure Governance and Security: A Comprehensive Guide to Azure Policy, Blueprints, Security Center, and Sentinel](https://www.amazon.com/Pro-Azure-Governance-Security-Comprehensive/dp/1484249097)
257 | 
258 | ## Community Articles
259 | 
260 | - [AKS Policy Reference Overriding Or Disabling Of Containers Apparmor Profile Should Be Restricted](https://securecloud.blog/2021/11/18/aks-policy-reference-overriding-or-disabling-of-containers-apparmor-profile-should-be-restricted/)
261 | - [Assign policy definitions from Azure landing zones Terraform module](https://trond.sjovang.no/posts/azure_policy_terraform_alz/)
262 | - [An Azure Policy Journey](https://medium.com/microsoftazure/an-azure-policy-journey-7bb53b41c43d)
263 | - [Audit Azure Web App Against NotLegit Vulnerability](https://azsec.azurewebsites.net/2021/12/23/audit-azure-web-app-against-notlegit-vulnerability/)
264 | - [Audit and enable Azure Hybrid Benefit with Azure Policy](https://andrewmatveychuk.com/audit-and-enable-azure-hybrid-benefit-using-azure-policy/)
265 | - [Audit Publicly Accessible Azure App Services With Azure Policy](https://charbelnemnom.com/audit-publicly-accessible-azure-app-services-with-azure-policy/)
266 | - [Audit Server Settings With Azure Policy Guest Configuration](https://www.thomasmaurer.ch/2021/03/audit-server-settings-with-azure-policy-guest-configuration/)
267 | - [Audit Subnets That Do Not Have Network Security Group Associated](https://charbelnemnom.com/audit-subnets-that-do-not-have-network-security-group-associated/)
268 | - [Auditing GPOs with Azure Guest Configuration Policy](https://manbearpiet.com/posts/guest-configuration-policy/)
269 | - [Auto Install Azure Monitor Agent with Azure Policy](https://www.cloudsma.com/2018/10/auto-install-azure-monitor-agent-with-azure-policy/)
270 | - [Automatic Tagging For Azure Resources](https://andrewmatveychuk.com/automatic-tagging-for-azure-resources/)
271 | - [Automatically Enable Microsoft Defender For Cloud Enhanced Security Features](https://samilamppu.com/2021/12/28/automatically-enable-microsoft-defender-for-cloud-enhanced-security-features/)
272 | - [Automatically Tag Azure VM's Behind A Load Balancer](https://autosysops.com/blog/automatically-tag-azure-vms-behind-a-load-balancer)
273 | - [AzGovViz With Azure DevOps](https://jacktracey.co.uk/azgovviz-with-azure-devops/)
274 | - [Azure GitHub Export and Visual studio code](https://www.cloudpartner.fi/?p=5232)
275 | - [Azure Policy – Add Date/Time Resource Group Tag](https://www.stefanroth.net/2019/10/06/azure-policy-add-date-time-resource-group-tag/)
276 | - [Azure Policy — allowed locations](https://michalmolka.medium.com/azure-policy-allowed-locations-8ecb21e4336b)
277 | - [Azure Policy – an underrated component of a scalable data platform (part1)](https://pl.seequality.net/azure-policy-underrated-part1/)
278 | - [Azure Policy – an underrated component of a scalable data platform (part2)](https://pl.seequality.net/azure-policy-underrated-part2/)
279 | - [Azure Policy – Audit And Deploy CanNotDelete Lock On Resource Group Based On Tags](https://www.stefanroth.net/2020/02/03/azure-policy-audit-and-deploy-cannotdelete-lock-on-resource-group-based-on-tags/)
280 | - [Azure Policy – Export Azure Policy Definitions](https://www.stefanroth.net/2019/07/30/azure-policy-export-azure-policy-definitions/)
281 | - [Azure Policy – How Precedence Works](https://www.stefanroth.net/2020/01/17/azure-policy-how-precedence-works/)
282 | - [Azure Policy - Looking at the DenyAction Effect](https://www.georgeollis.com/azure-policy-deny-action-effect/)
283 | - [Azure Policy – Resolve Managed Identity IAM GUID](https://www.stefanroth.net/2025/04/06/azure-policy-resolve-managed-identity-iam-guid/)
284 | - [Azure Policy A Love Story](https://michaelhowardsecure.blog/2019/03/29/azure-policy-a-love-story/)
285 | - [Azure Policy, Application Gateway WAF and OWASP rulesets](https://www.yobyot.com/azure/azure-policy-application-gateway-waf-and-owasp-rulesets/2023/04/18/)
286 | - [Azure Policy As Code – Accelerate Governance In Cloud](https://suneelsunkara.wordpress.com/2021/02/21/azure-policy-as-code-accelerate-governance-in-cloud/)
287 | - [Azure Policy As Code With Terraform Part 1](https://jloudon.com/cloud/Azure-Policy-as-Code-with-Terraform-Part-1/)
288 | - [Azure Policy As Code With Terraform Part 2](https://jloudon.com/cloud/Azure-Policy-as-Code-with-Terraform-Part-2/)
289 | - [Azure Policy As Code](https://craigclouditpro.wordpress.com/2019/09/10/azure-policy-as-code/)
290 | - [Azure Policy Compliance Remediate Azure DevOps](https://charbelnemnom.com/azure-policy-compliance-remediate-azure-devops/)
291 | - [Azure Policy Definitions for Controlling ARM API versions](https://blog.tyang.org/2022/04/24/policy-definitions-control-arm-api-versions/)
292 | - [Azure Policy Deploy MS Antimalware Ext For SQL VM](https://blog.tyang.org/2021/10/03/azure-policy-deploy-ms-antimalware-ext-for-sql-vm/)
293 | - [Azure Policy Enforce Tags For Resource Creation](https://www.cloudcorner.gr/microsoft/azure/azure-policy-enforce-tags-for-resource-creation/)
294 | - [Azure Policy Exemption on Management Group using Terraform](https://www.isjw.uk/post/azure/azure-management-group-policy-terraform/)
295 | - [Azure Policy Exemptions Added to Resource Graph](https://www.cloudsma.com/2023/09/azure-policy-exemptions-resource-graph/)
296 | - [Azure Policy for Allowed Service Tags in Network Security Groups](https://blog.tyang.org/2024/09/21/azure-policy-definition-allowed-nsg-service-tags)
297 | - [Azure Policy For Kubernetes Custom Policies On Azure Arc Enabled Kubernetes](https://www.danielstechblog.io/azure-policy-for-kubernetes-custom-policies-on-azure-arc-enabled-kubernetes/)
298 | - [Azure Policy for Kubernetes: Contraints and ConstraintTemplates](https://blog.baeke.info/2021/03/23/azure-policy-for-kubernetes-contraints-and-constrainttemplates/)
299 | - [Azure Policy for Kubernetes with AKS](https://medium.com/@alimazad/azure-policy-for-kubernetes-with-aks-e6fc3fb6811d)
300 | - [Azure Policy Fully Automated Deployment](https://paul-mackinnon.medium.com/azure-policy-fully-automated-deployment-1d6d9f86f97d)
301 | - [Azure Policy gradual rollout with resource selectors](https://www.seifbassem.com/blogs/posts/azure-policy-resource-selectors/)
302 | - [Azure Policy ideas for Azure Governance](https://azureis.fun/posts/Azure-Policy-ideas-for-Azure-Governance/)
303 | - [Azure policy initiatives for Microsoft Defender for Cloud and Microsoft Sentinel workload protections](https://blog.johnjoyner.net/azure-policy-initiatives-for-microsoft-defender-for-cloud-and-microsoft-sentinel-workload-protections/)
304 | - [Azure Policy Limit The Azure VM Sizes](https://www.cloudcorner.gr/microsoft/azure/azure-policy-limit-the-azure-vm-sizes/)
305 | - [Azure Policy Limitation for SQL MI Databases](https://blog.tyang.org/2025/03/08/azure-policy-limitation-for-sql-mi-databases)
306 | - [Azure Policy Policies Not Evaluated Right Away](https://cloudadministrator.net/2021/01/21/azure-policy-policies-not-evaluated-right-away/)
307 | - [Azure Policy Search with Azure Graph](https://zigmax.net/azure-policy-search-with-azure-graph/)
308 | - [Azure Policy To Enable Network Policies For Private Endpoints](https://www.cloudcorner.gr/microsoft/azure/azure-policy-to-enable-network-policies-for-private-endpoints/)
309 | - [Azure Policy Where To Start](https://wedoazure.ie/2019/08/22/azure-policy-where-to-start/)
310 | - [Azure Policy: Kubernetes pod security baseline explained](https://blog.baeke.info/2021/03/03/azure-policy-kubernetes-pod-security-baseline-explained/)
311 | - [Azure Policy: Starter Guide](https://andrewmatveychuk.com/azure-policy-starter-guide/)
312 | - [Azure Policy: Deny Log Analytics Workspaces creation without Daily Quota](https://rios.engineer/azure-policy-deny-log-analytics-workspaces-creation-without-daily-quota/)
313 | - [Azure Policy: What If We Use Bicep ?](https://charotamine.medium.com/azure-policies-deploy-and-test-with-bicep-bfa80082ec1)
314 | - [Azure Policy: What If You Test Your Policies ?](https://charotamine.medium.com/azure-policy-what-if-you-test-your-policies-5ddb12c95a07)
315 | - [Azure Policy's new DenyAction effect](https://dev.to/omiossec/azure-policys-new-denyaction-effect-2ljn)
316 | - [Azure Policies for Azure Monitor Action Groups](https://blog.tyang.org/2025/03/08/azure-policies-for-azure-monitor-action-groups)
317 | - [Azure Policies for Restricting Cross-Subscription Private Endpoints](https://blog.tyang.org/2024/12/21/azure-policy-definitions-restrict-cross-sub-pe)
318 | - [Azure Spring Clean: Azure Policy For AKS](https://samcogan.com/azure-spring-clean-aks-policy/)
319 | - [Azure Spring Clean: Azure Policy For Managing Your Subscription](https://training.majorguidancesolutions.com/blog/azure-policy-for-managing-your-subscription)
320 | - [Azure Spring Clean: Diagnostic Settings](https://charotamine.medium.com/azure-spring-clean-diagnostic-settings-26c61d8d165d)
321 | - [Azure Spring Clean: DINE To Automate Your Monitoring Governance With Azure Monitor Metric Alerts](https://jloudon.com/cloud/Azure-Spring-Clean-DINE-to-Automate-your-Monitoring-Governance-with-Azure-Monitor-Metric-Alerts/)
322 | - [Azure Spring Clean: Replacing Kubernetes Pod Security Policies With Azure Policy On AKS](https://samcogan.com/replacing-kubernetes-pod-security-polices-with-azure-policy-on-aks)
323 | - [Azure Spring Clean: Using Azure Policy And Security Center For Organizational Governance](https://captainhyperscaler.github.io/community/2021/03/24/azure-spring-clean/)
324 | - [Azure Spring Clean: Unleashing the Power of Azure Policy for Seamless Azure Arc Governance!](https://wmatthyssen.com/2024/03/07/azure-spring-clean-unleashing-the-power-of-azure-policy-for-seamless-azure-arc-governance/)
325 | - [Azure SQL Database Cost Optimization via Azure Policies](https://medium.com/@ashu.tripathi91/azure-sql-database-cost-optimization-via-azure-policies-2a11b02c828b)
326 | - [Bicep - Creating Custom Azure Policy Initiatives](https://www.jorgebernhardt.com/bicep-azurepolicy-custom-initiative-definition/)
327 | - [Bypassing policies in Azure](https://dev.to/cse/bypassing-policies-in-azure-29fc)
328 | - [Build Azure Policy Compliance Workbook](https://www.cloudsma.com/2021/10/build-azure-policy-compliance-workbook/)
329 | - [Bulk Enablement of Windows Admin Center Extension on Azure Arc](https://medium.com/@pratheep.sinnathurai/bulk-enablement-of-windows-admin-center-extension-on-azure-arc-de6f7ac17f19)
330 | - [Cloud Governance With Azure Policy Part 1](https://jloudon.com/cloud/Cloud-Governance-with-Azure-Policy-Part-1/)
331 | - [Cloud Governance With Azure Policy Part 2](https://jloudon.com/cloud/Cloud-Governance-with-Azure-Policy-Part-2/)
332 | - [Compliance and delegation of Azure Locks through Azure Policy](https://faun.pub/compliance-and-delegation-of-azure-locks-through-azure-policy-9f464d40faee)
333 | - [Controlling Azure SQL Firewall Rules](https://cloudadministrator.net/2021/03/31/controlling-azure-sql-firewall-rules/)
334 | - [Convert MS security baselines to Azure ARC Guest Configuration packages](https://doitpshway.com/convert-ms-security-baselines-to-azure-arc-guest-configuration-packages)
335 | - [Create And Assign Custom Azure Policies For Azure Governance](https://mohitgoyal.co/2019/10/08/create-and-assign-custom-azure-policies-for-azure-governance/)
336 | - [Create Custom Security Center Recommendation With Azure Policy](https://zimmergren.net/create-custom-security-center-recommendation-with-azure-policy/)
337 | - [Creating Custom Azure Policy for Kubernetes to Disallow Non-Compliant Image Registries](https://kristhecodingunicorn.com/post/k8s_deprecated_registry_azpolicy/)
338 | - [Creating and Deploying Azure Policy via Terraform](https://blog.johnfolberth.com/creating-and-deploying-azure-policy-via-terraform/)
339 | - [Custom Azure Policy for Kubernetes (AKS)](https://atouati.com/posts/2022/11/custom-azure-policy-for-kubernetes-aks/)
340 | - [Demystify Azure DDoS Protection Azure Policy](https://azsec.azurewebsites.net/2021/07/17/demystify-azure-ddos-protection-azure-policy/)
341 | - [DenyAction effect for Azure Policy](https://vanyurikhin.blog/2023/01/04/denyaction-effect-for-azure-policy/)
342 | - [Deny Azure Role Assignment With Azure Policy](https://azsec.azurewebsites.net/2021/04/15/deny-azure-role-assignment-with-azure-policy/)
343 | - [Deny Resource Type Creation with Azure Policy](https://euc365.com/post/deny-resource-type-creation-azure-policy/)
344 | - [Deploy And Assign Azure Policy Via Azure DevOps Pipelines](https://charbelnemnom.com/deploy-and-assign-azure-policy-via-azure-devops-pipelines/)
345 | - [Deploy Azure Monitor Agent at Scale](https://www.cloudsma.com/2021/09/deploy-azure-monitor-agent-scale/)
346 | - [Deploy Azure Policy To ManagementGroup With Bicep](https://www.nielskok.tech/infrastructure-as-code/deploy-azure-policy-to-managementgroup-with-bicep/)
347 | - [Deploy Azure Policy Using Azure DevOps CI/CD Pipeline](https://autosysops.com/blog/deploy-azure-policy-with-azure-devops/)
348 | - [Deploy Azure Policy Using Terraform](https://ydcloud.wordpress.com/2019/12/10/deploy-azure-policy-using-terraform/)
349 | - [Deploying Azure Policy remediation via Azure Lighthouse with PIM](https://rios.engineer/deploying-azure-policy-remediation-via-azure-lighthouse-with-pim/)
350 | - [Do you see value in Azure Policy Evaluator?](https://www.jannemattila.com/azure/2024/02/26/do-you-see-value-in-azure-policy-evaluator.html)
351 | - [Diagnostic Settings Storage Accounts Event Hub](https://charbelnemnom.com/diagnostic-settings-storage-accounts-event-hub/)
352 | - [Duplicate Azure Policy Definition and Initiative](https://charbelnemnom.com/duplicate-azure-policy-definition-and-initiative/)
353 | - [Elevating Privileges Through Azure Policy](https://medium.com/@vladimir.tul/elevating-privileges-through-azure-policy-872298cf673f)
354 | - [Enable Azure SQL Auditing With Azure Policy](https://charbelnemnom.com/enable-azure-sql-auditing-with-azure-policy/)
355 | - [Enable FTPS On Azure App Services With Azure Policy](https://charbelnemnom.com/enable-ftps-on-azure-app-services-with-azure-policy/)
356 | - [Enable HTTPS On Azure App Services With Azure Policy](https://charbelnemnom.com/enable-https-on-azure-app-services-with-azure-policy/)
357 | - [Enable Managed Identity For Web App Azure Policy](https://charbelnemnom.com/enable-managed-identity-for-web-app-azure-policy/)
358 | - [Enable Purge Protection Key Vault Azure Policy](https://charbelnemnom.com/enable-purge-protection-key-vault-azure-policy/)
359 | - [Enable Resource Logs In Virtual Machine Scale Sets With An Azure Policy](https://medium.com/microsoftazure/enable-resource-logs-in-virtual-machine-scale-sets-with-an-azure-policy-14624387cf2f)
360 | - [Enable Vulnerability Assessment On SQL Servers](https://charbelnemnom.com/enable-vulnerability-assessment-on-sql-servers/)
361 | - [Enhanced Azure Bicep Modules for Azure Policy Resources](https://blog.tyang.org/2024/03/06/enhanced-bicep-modules-for-azure-policy/)
362 | - [Enterprise Policy as Code with Azure DevOps](https://luke.geek.nz/azure/enterprise-policy-code-azure-devops/)
363 | - [Enforce API Management Product Subscriptions With Azure Policy](https://yourazurecoach.com/2020/08/05/enforce-api-management-product-subscriptions-with-azure-policy/)
364 | - [Enforce CanNotDelete Resource Lock using Azure Policy](https://jeffbrown.tech/azure-policy-resource-lock/)
365 | - [Enforce TLS 1.2 on Web Apps with Azure Policy](https://charbelnemnom.com/enforce-tls-1-2-on-web-apps-with-azure-policy/)
366 | - [Enforcing Design Consistency with Azure Policy and Tags](https://www.shankuehn.io/post/enforcing-design-consistency-with-azure-policy-and-tags)
367 | - [Enhancing PCI Compliance In Your Azure Environment By Using Azure Policy Custom Initiatives](https://www.darwinsec.com/post/increasing-pci-compliance-in-your-azure-environment-by-using-custom-initiatives)
368 | - [Enterprise Scale Policy Driven Governance](https://stefanstranger.github.io/2020/08/28/EnterpriseScalePolicyDrivenGovernance/)
369 | - [Generic Azure Policy Definitions for Private Endpoint DNS Registrations](https://blog.tyang.org/2024/12/21/generic-azure-policy-definitions-for-pe-dns-registrations)
370 | - [Global Azure: Policy As Code With Bicep For Enterprise Scale](https://jloudon.com/cloud/Global-Azure-Policy-as-Code-with-Bicep-for-Enterprise-Scale/)
371 | - [Go Go governance! Enforcing Azure Policies with Azure CLI](https://www.m365princess.com/blogs/azure-policy/)
372 | - [Help My Azure Policy Is Not Firing](https://yourazurecoach.com/2021/01/25/help-my-azure-policy-is-not-firing/)
373 | - [How To Azure Policy Via ARM Template](https://wedoazure.ie/2019/09/30/how-to-azure-policy-via-arm-template/)
374 | - [How To Choose An Azure Naming Convention](https://wedoazure.ie/2019/09/26/how-to-choose-an-azure-naming-convention/)
375 | - [How To Control DDOS Plan Deployment Using Azure Policy](https://wedoazure.ie/2021/11/02/how-to-control-ddos-plan-deployment-using-azure-policy/)
376 | - [How To Create Own Azure Custom Policy](https://www.c-sharpcorner.com/article/how-to-create-own-azure-custom-policy2/)
377 | - [How To Deploy Azure Policies With ARM Templates](https://andrewmatveychuk.com/how-to-deploy-azure-policies-with-arm-templates/)
378 | - [How To Deploy Azure Policy From An Azure DevOps Pipeline](https://andrewmatveychuk.com/how-to-deploy-azure-policy-from-an-azure-devops-pipeline/)
379 | - [How To Deploy Azure Policy With Bicep](https://andrewmatveychuk.com/how-to-deploy-azure-policy-with-bicep)
380 | - [How to Deploy Azure Policy with Bicep?](https://erudinsky.com/2022/09/20/azure-policy-as-code-with-bicep/)
381 | - [How To Dynamically Assign Azure Policy via Terraform](https://blog.johnfolberth.com/how-to-dynamically-assign-azure-policy-via-terraform/)
382 | - [How To Enforce Naming Convention For Azure Resources](https://andrewmatveychuk.com/how-to-enforce-naming-convention-for-azure-resources/)
383 | - [How To Ensure Proper Configuration For Your Azure Resources](https://andrewmatveychuk.com/how-to-ensure-proper-configuration-for-your-azure-resources/)
384 | - [How To Export And Backup Azure Policy Definitions](https://charbelnemnom.com/how-to-export-and-backup-azure-policy-definitions/)
385 | - [How to Get All Azure Policy Assignments of a Specific Category?](https://kristhecodingunicorn.com/post/azpolicy_category_assignments/)
386 | - [How To Win Vs Azure Policy Non-Compliance](https://jloudon.com/cloud/How-To-Win-vs-Azure-Policy-Non-Compliance/)
387 | - [How to use Azure Policy to enforce resource naming conventions in your DevOps pipelines](https://www.m365princess.com/blogs/devops-policy/)
388 | - [Identify and prevent abuse of Managed Identities with Federated Credentials from unauthorized entities](https://www.cloud-architekt.net/identify-prevent-abuse-uami-fedcreds/)
389 | - [Implementing and troubleshooting a custom Azure Policy Definition Step-by-step Guide](https://itnext.io/implementing-and-troubleshooting-a-custom-azure-policy-definition-1ab8d0634bb2)
390 | - [Improving The User Experience Of Azure Policy](https://yourazurecoach.com/2022/01/21/improving-the-user-experience-of-azure-policy/)
391 | - [Integrating Azure Policy in your AKS cluster using Terraform](https://www.willvelida.com/posts/aks-with-azure-policy/)
392 | - [Keep Control Of Your Azure Environment With Azure Policy](https://www.thomasmaurer.ch/2020/03/keep-control-of-your-azure-environment-with-azure-policy/)
393 | - [Keeping AKS Clusters Continuously Secure With Azure Policy](https://kristhecodingunicorn.com/post/aks_azure_policy/)
394 | - [Lessons Learned Developing A Custom Policy](https://stefanstranger.github.io/2021/01/22/LessonsLearnedDevelopingACustomPolicy/)
395 | - [Level up your security posture with Azure Policy Initiatives](https://gillianstravers.com/azure/level-up-your-security-posture-with-azure-policy-initiatives/)
396 | - [Looking at Azure Policy resource selectors](https://www.georgeollis.com/azure-policy-resource-selectors/)
397 | - [Manage Azure Policy with Terraform](https://brendanthompson.com/posts/2022/11/manage-azure-policy-with-terraform)
398 | - [Managing Azure Private Endpoints using Azure Policy](https://blog.tyang.org/2023/12/17/manage-private-endpoint-using-azure-policy/)
399 | - [Managing Azure Resource Tags Using Azure Policy Modify Effect](https://blog.tyang.org/2020/03/09/managing-azure-resource-tags-using-azure-policy-modify-effect/)
400 | - [Monitoring Azure Policy Compliance States 2021 Edition](https://blog.tyang.org/2021/12/06/monitoring-azure-policy-compliance-states-2021-edition/)
401 | - [Natively Monitoring Azure Policy Compliance States in Azure Monitor - 2023 Edition](https://blog.tyang.org/2023/09/30/natively0monitoring-azure-policy-compliance-states-in-azure-monitor-2023-edition/)
402 | - [Notes On Azure Policy Exemption](https://azsec.azurewebsites.net/2021/12/22/notes-on-azure-policy-exemption/)
403 | - [November 2020 Update For Azure Diagnostic Settings Policy Definitions](https://blog.tyang.org/2020/11/22/november-2020-update-for-azure-diagnostic-settings-policy-definitions/)
404 | - [October 2020 Update For Azure Diagnostic Settings Policy Definitions](https://blog.tyang.org/2020/10/12/october-2020-update-for-azure-diagnostic-settings-policy-definitions/)
405 | - [Orphaned Azure Security Principals Clean-up & Azure Policy Managed Identity Role Assignment Automation](https://mortenknudsen.net/?p=938)
406 | - [Persistence with Azure Policy Guest Configuration](https://cloudbrothers.info/en/azure-persistence-azure-policy-guest-configuration/)
407 | - [Prevent deletion of resources with Azure Policy](https://gillianstravers.com/azure/prevent-deletion-of-resources-with-azure-policy/)
408 | - [Policy as Code: Using Azure Bicep to deploy Azure Policies](https://periwalmanish.wordpress.com/2022/08/13/policy-as-code-using-bicep-to-deploy-azure-policies/)
409 | - [Policy as Code: Using Modules and defining Custom Roles using Azure Bicep](https://periwalmanish.wordpress.com/2022/08/23/policy-as-code-using-modules-and-defining-custom-roles-using-azure-bicep/)
410 | - [Policy Restriction REST API for Azure Policy](https://blog.tyang.org/2024/12/24/2024-12-24-azure-policy-restriction-rest-api)
411 | - [PowerShell Module AzPolicyTest V2.0 Released](https://blog.tyang.org/2024/03/08/azpolicytest-v2-release)
412 | - [Resource naming reloaded: Azure Policy and Bicep for the winner!](https://www.m365princess.com/blogs/resource-naming/)
413 | - [Security Posture Management With Azure Policy And Microsoft Defender For Cloud](https://securecloud.blog/2021/12/17/security-posture-management-with-azure-policy-and-microsoft-defender-for-cloud/)
414 | - [Securing Azure PaaS Leveraging Azure Policies](https://medium.com/@sjimen11/securing-azure-paas-leveraging-azure-policies-8ea31387d45a)
415 | - [Talking Azure Policy As Code On CtrlAltAzure Podcast](https://jloudon.com/cloud/Talking-Azure-Policy-as-Code-on-the-CtrlAltAzure-podcast/)
416 | - [Test Azure Policies](https://checinski.cloud/test-azure-policies/)
417 | - [Testing out Azure Policies Modify Effect](https://www.georgeollis.com/azure-policy-modify/)
418 | - [The A-Z of Azure Policy](https://michaeldurkan.com/2023/03/14/the-a-z-of-azure-policy/)
419 | - [Tips On Creating Azure Policies For Azure SQL Databases](https://cloudadministrator.net/2021/04/07/tips-on-creating-azure-policies-for-azure-sql-databases/)
420 | - [Trigger An On Demand Azure Policy Compliance Evaluation Scan](https://www.danielstechblog.io/trigger-an-on-demand-azure-policy-compliance-evaluation-scan/)
421 | - [Trigger An On Demand Azure Policy Evaluation Scan At Management Group Scope](https://azsec.azurewebsites.net/2021/11/15/trigger-an-on-demand-azure-policy-evaluation-scan-at-management-group-scope/)
422 | - [Trigger Azure Policy Scan Multiple Subscriptions](https://checinski.cloud/trigger-azure-policy-scan-multiple-subscriptions/)
423 | - [Understanding Azure Policies With Visual Studio Code](https://zimmergren.net/understanding-azure-policies-with-visual-studio-code/)
424 | - [Understanding Azure Policy For Regulatory Compliance](https://azuredays.com/2020/07/07/understanding-azure-policy-for-regulatory-compliance)
425 | - [Updated Azure Policy Definitions For Azure Diagnostics Settings Again](https://blog.tyang.org/2019/11/17/updated-azure-policy-definitions-for-azure-diagnostics-settings-again/)
426 | - [Updated Azure Policy Definition for Storage Account Minimum TLS Version](https://blog.tyang.org/2025/02/10/updated-azure-policy-for-storage-minimum-tls-ver)
427 | - [Use Azure Policies to Require Resource Tags with PowerShell](https://jeffbrown.tech/use-azure-policies-to-require-resource-tags-with-powershell/)
428 | - [Use Azure Policy to audit if Azure Arc-enabled servers meet security baseline requirements](https://azurearcjumpstart.io/azure_arc_jumpstart/azure_arc_servers/day2/arc_security_baseline/)
429 | - [Using Terraform to configure Azure Policy Parameters](https://medium.com/@robbiedouglas/using-terraform-to-configure-azure-policy-parameters-3c3ad572320d)
430 | - [Using ARM Templates To Deploy Azure Policy Initiative](https://andrewmatveychuk.com/using-arm-templates-to-deploy-azure-policy-initiatives/)
431 | - [Using Azure Policy to configure your resources](https://manbearpiet.com/posts/applying-guest-configuration-policy/)
432 | - [Using Azure policy to control workload identity federation](https://blog.identitydigest.com/azuread-mi-federate-policy/)
433 | - [Using Azure Policy To Implement Tagging Inheritance](https://archiechristopher.co.uk/2022/01/07/using-azure-policy-to-implement-tagging-inheritance/)
434 | - [Using VM applications and Azure Policy to deploy applications](https://www.georgeollis.com/using-vm-applications-and-azure-policy/)
435 | - [Using Conftest For Azure Policy For Kubernetes](https://www.danielstechblog.io/using-conftest-for-azure-policy-for-kubernetes/)
436 | - [VNet peering using Azure Policy](https://rubberduckdev.com/azure-policy-vnet-peering/)
437 | - [Walkthrough Using Azure Policy To Audit And Enforce Compliance](https://azuredays.com/2020/07/09/walkthrough-using-azure-policy-to-audit-and-enforce-compliance/)
438 | - [What are Azure Policy Overrides?](https://www.georgeollis.com/what-are-azure-policy-overrides/)
439 | - [What you need to know about managing Azure Policy at scale](https://www.amdocs.com/insights/blog/what-you-need-know-about-managing-azure-policy-scale)
440 | - [Who polices your policies? Azure policy abuse for privileges escalation and persistence](https://securitylabs.datadoghq.com/articles/azure-policy-privilege-escalation/)
441 | - [Writing A Custom Azure Policy](https://journeyofthegeek.com/2021/03/07/writing-a-custom-azure-policy/)
442 | 
443 | ## Community Tools
444 | 
445 | - [AzAdvertizer](https://www.azadvertizer.net/)
446 | - [AzGovViz](https://github.com/JulianHayward/Azure-MG-Sub-Governance-Reporting)
447 | - [Azure Policy Intellisense](https://marketplace.visualstudio.com/items?itemName=justin-grote.azure-policy-intellisense)
448 | - [Azure Policy and Governance Pipelines Tasks](https://marketplace.visualstudio.com/items?itemName=razorspoint.rp-build-release-azurepolicy)
449 | - [Cloud Guardrails](https://cloud-guardrails.readthedocs.io/en/latest/)
450 | - [Search and find Azure Policy Aliases](https://policyalias.mats.codes)
451 | 
452 | ## Community Repositories
453 | 
454 | - [andrewcluey/terraform-azurerm-policy-definition](https://github.com/andrewcluey/terraform-azurerm-policy-definition)
455 | - [andrewmatveychuk/azure.policy](https://github.com/andrewmatveychuk/azure.policy)
456 | - [azsec/azure-policy](https://github.com/azsec/azure-policy)
457 | - [charotamine/azurepolicy_bicep](https://github.com/charotamine/azurepolicy_bicep)
458 | - [charotamine/policytests](https://github.com/charotamine/policytests)
459 | - [claranet/terraform-azurerm-policy](https://github.com/claranet/terraform-azurerm-policy)
460 | - [faridabharmal/azuregovernance](https://github.com/faridabharmal/azuregovernance)
461 | - [fawohlsc/azure-policy-samples](https://github.com/fawohlsc/azure-policy-samples)
462 | - [fawohlsc/azure-policy-testing](https://github.com/fawohlsc/azure-policy-testing)
463 | - [gettek/terraform-azurerm-policy-as-code](https://github.com/gettek/terraform-azurerm-policy-as-code)
464 | - [globalbao/azure-policy-as-code](https://github.com/globalbao/azure-policy-as-code)
465 | - [globalbao/terraform-azurerm-policy-exemptions](https://github.com/globalbao/terraform-azurerm-policy-exemptions)
466 | - [jamesdld/azure-policies](https://github.com/JamesDLD/azure-policies)
467 | - [jannemattila/azure-policy-evaluator](https://github.com/JanneMattila/azure-policy-evaluator)
468 | - [jimgbritt/azurediagnosticspipeline](https://github.com/jimgbritt/azurediagnosticspipeline)
469 | - [jimgbritt/azurepolicy](https://github.com/jimgbritt/azurepolicy)
470 | - [john-joyner/azure-policy](https://github.com/john-joyner/azure-policy)
471 | - [jtracey93/tf-az-dine-policy-assignment](https://github.com/jtracey93/tf-az-dine-policy-assignment)
472 | - [julianhayward/azure-mg-sub-governance-reporting](https://github.com/julianhayward/azure-mg-sub-governance-reporting)
473 | - [kudelskisecurity/azure-policy-tester](https://github.com/kudelskisecurity/azure-policy-tester)
474 | - [mattfeltonma/azure-custom-policies](https://github.com/mattfeltonma/azure-custom-policies)
475 | - [matthiasguentert/azure-naming-convention-initiative](https://github.com/matthiasguentert/azure-naming-convention-initiative)
476 | - [ricmmartins/azure-governance-made-simple](https://github.com/ricmmartins/azure-governance-made-simple)
477 | - [robinchapas/converttopolicy](https://github.com/robinchapas/ConvertToPolicy)
478 | - [salesforce/cloud-guardrails](https://github.com/salesforce/cloud-guardrails)
479 | - [stefanrothnet/azure-policy](https://github.com/stefanrothnet/azure-policy)
480 | - [siddharthtanna7/azpolicygenerator](https://github.com/siddharthtanna7/AzPolicyGenerator)
481 | - [tyconsulting/azure.policy.monitor](https://github.com/tyconsulting/azure.policy.monitor)
482 | - [tyconsulting/azurepolicy](https://github.com/tyconsulting/azurepolicy)
483 | - [yangdeal/azure_policy_deployment](https://github.com/yangdeal/azure_policy_deployment)
484 | 
485 | ## Community Forums
486 | 
487 | - [Reddit - Azure Policy](https://www.reddit.com/search/?q=azure%20policy)
488 | - [Stack Overflow - Azure Policy](https://stackoverflow.com/questions/tagged/azure-policy)
489 | 


--------------------------------------------------------------------------------