A curated list of AWESOME blogs, videos, tutorials, code, tools, scripts... anything which can help you learn Azure Policy and quickly get started with designing, planning, and implementing governance controls to your resources.
Community contributions are most welcome! Check out our contribution guide today and submit a pull request with any adds/removes/changes to content!
Links below are from official Microsoft sources, websites, and channels.
- Address Tangible Risks With The Govern Methodology Of The Cloud Adoption Framework For Azure
- Azure Kubernetes Services Governance with Azure Policy
- Build Cloud Governance Strategy On Azure
- Configure Azure Policy
- Design An Enterprise Governance Strategy
- Design Governance
- Intro to Azure Policy
- Manage security operations in Azure
- Adopt Policy-Driven Guardrails
- Azure Policy
- Understand Azure Policy for Kubernetes clusters
- Secure your cluster with Azure Policy
- Deploy and manage Traffic Analytics using Azure Policy
- Use Azure Policy extension for Visual Studio Code
- ARM Templates - Azure Policy Definitions
- ARM Templates - Azure PolicySet Definitions
- ARM Templates - Azure Policy Assignments
- ARM Templates - Azure Policy Exemptions
- PowerShell - Azure Policy
- Azure CLI - Azure Policy
- Azure Policy and Kubernetes
- Azure Policy on Azure Kubernetes Service
- AzureFunBytes - Intro to Azure Policy
- Azure Governance & Deployments Quarterly Customer Panel December 2021
- Azure Governance and Deployments Quarterly Customer Panel Feb 2021
- Azure Governance and Deployments Quarterly Customer Panel May 2021
- Azure Governance and the latest updates on Azure Policy
- Azure Governance for ISVs, Session 02: Policies, Initiatives, and Blueprints
- Compliance with Azure Policy
- Deep dive into Implementing governance at scale through Azure Policy
- Enforcement with Azure Policy
- Getting started with Azure Policy
- Govern Azure Arc-enabled K8S Clusters with Azure Policy | KubeCon NA 2021
- On Prem To The Cloud: Everything As Code
- Performing Remediation on Resources with Azure Policy
- Using Management Group with Azure Policy
- What is Azure Policy
- 7 steps to author, develop, and deploy custom recommendations for Windows using Guest Configuration
- Aligning CMMC Controls with your Azure Landing Zone
- Announcing Azure Resource Policy general availability
- Apply GitOps configurations on AKS as an Azure Arc Connected Cluster using Azure Policy for Kubernetes
- Azure Backup Center - Backups and Good Governance
- Azure Policy for Kubernetes releases support for custom policy
- Azure Policy introduces user assigned MSI support, faster DINE deployment, and more!
- Azure Policy – Perform policy operations through Azure DevOps
- Azure Unblogged - Azure Policy
- Centralized Policy Management in Microsoft Defender for Cloud using Management Groups
- Controlling Release Pipelines with Gates and Azure Policy Compliance
- Configure Security Center bundle pricing with Azure Policy
- Continuously Export Microsoft Defender for Cloud Alerts and Recommendations via Policy
- Eliminate Password-Based Attacks on Azure Linux VMs
- Enterprise-Scale and Azure Policy for policy-driven governance
- Deploy Monitoring Agent Extension to Azure Arc Linux and Windows servers using Azure Policy
- Enforcing Policy for Zero Trust with Azure Policy
- Field Notes: Remediating Resources Using User-Assigned Managed Identity with Azure Policy
- GA: Policy add-on for Azure Kubernetes Service
- General availability: Built-in Azure Policy support for Network Watcher Traffic Analytics
- Generally available: Azure Policy support for Azure Site Recovery
- How Does Azure Policies In Enterprise-Scale Landing Zone Help?
- How to build an audit Azure Policy with multiple parameters
- How to debug unexpected Azure Policy compliance status for Azure resources?
- How to update Azure Policy parameters in Azure Blueprints
- Important change released for Guest Configuration audit policies
- Implementing Azure Policy using Terraform
- Managing Security Center at scale using ARM templates and Azure Policy
- More resource policy aliases
- New and updated regulatory compliance policy initiatives for NIST, FedRAMP, DoD in Azure, Azure Government
- On Prem To the Cloud: Everything As Code
- OPS114: Governing baselines in hybrid server environments using Azure Policy Guest Configuration
- Policy Distribution Dashboard for Microsoft Defender for Cloud
- Portal Preview of Azure Resource Policy
- Public preview of new Azure Policy features
- The impact of conflicting Azure Policies
- Use Azure Policy on an Azure-Arc enabled Kubernetes cluster for applying ingress/egress rules with Calico network policy
- Using GitHub for Azure Policy as Code
- azure policy visual studio code extension
- azure/azure-policy
- azure/community-policy
- azure/enterprise-azure-policy-as-code
- azure/manage-azure-policy
- azure/policy-compliance-scan
- azure cyber security maturity model (CMMC) policy mapping
- azure/regulatory-compliance-initiatives
Links below are from community sources, websites, and channels.
- A summary of the Diagnostic Settings
- Admission Control on AKS with Azure Policy
- AZ-900 Episode 31 | Azure Policy
- Automatically Tag Azure Resources using Azure Policy
- Automating Infrastructure Governance with Azure Policy
- Azure Back To School: Bicep Builders: Azure Sentinel and Policy as Code
- Azure Governance And Security | Secure Azure Key Vault Using Azure Policy
- Azure Governance - #3 - Policy & Blueprints
- Azure Key Vault RBAC and Policy Deep Dive
- Azure Policy as Code - Zero to Hero in 60 minutes
- Azure Policy
- Azure Policy - Non-Compliance Messages
- Azure Spring Clean: Some points to remember about Azure Governance
- Build Your Tagging Strategy with Azure Policy and Automation
- Custom Policy for Azure Governance - How to create custom Azure Policy from Scratch
- Festive Tech Calendar: Day 1 - Azure Governance
- Festive Tech Calendar: Day 6 - Azure Governance: Azure customized Policies
- Flexing Your Security Governance with Azure Policy As Code
- Get Visibility Into Your Environment With Azure Governance Visualizer
- GitOps with Azure Arc Kubernetes via Azure Policy
- Global Azure: Policy as Code with Bicep for Enterprise Scale
- Inside Azure Governance - You in Control
- Microsoft Azure Master Class Part 3 - Governance
- Organizational Governance and Best Practices for Control
- Regain Control with Azure Governance
- Using Azure Security Center for Policy and Regulatory Compliance
- Virtual Machine Scale Sets Logs With An Azure Policy
- 057 - Azure Policy and Azure Key Vault integration
- 109 - Azure Policy as Code with Jesse Loudon
- S01 E43 - Everything you need to know about Azure Policy
- S01 E16 - Azure Security Podcast - Azure Policy
- AKS Policy Reference Overriding Or Disabling Of Containers Apparmor Profile Should Be Restricted
- An Azure Policy Journey
- Audit Azure Web App Against NotLegit Vulnerability
- Audit Publicly Accessible Azure App Services With Azure Policy
- Audit Server Settings With Azure Policy Guest Configuration
- Audit Subnets That Do Not Have Network Security Group Associated
- Auditing For Disaster Recovery With Azure Policy
- Auditing GPOs with Azure Guest Configuration Policy
- Auto Install Azure Monitor Agent with Azure Policy
- Automatic Tagging For Azure Resources
- Automatically Enable Microsoft Defender For Cloud Enhanced Security Features
- Automatically Tag Azure VM's Behind A Load Balancer
- Automating Backup Onboarding Using Azure Policy
- AzGovViz With Azure DevOps
- Azure GitHub Export and Visual studio code
- Azure Policy A Love Story
- Azure Policy As Code With Terraform Part 1
- Azure Policy As Code With Terraform Part 2
- Azure Policy As Code – Accelerate Governance In Cloud
- Azure Policy As Code
- Azure Policy Compliance Remediate Azure DevOps
- Azure Policy Deploy MS Antimalware Ext For SQL VM
- Azure Policy For Kubernetes Custom Policies On Azure Arc Enabled Kubernetes
- Azure Policy for Kubernetes: Contraints and ConstraintTemplates
- Azure Policy ideas for Azure Governance
- Azure policy initiatives for Microsoft Defender for Cloud and Microsoft Sentinel workload protections
- Azure Policy Policies Not Evaluated Right Away
- Azure Policy Where To Start
- Azure Policy – Add Date/Time Resource Group Tag
- Azure Policy – Audit And Deploy CanNotDelete Lock On Resource Group Based On Tags
- Azure Policy – Export Azure Policy Definitions
- Azure Policy – How Precedence Works
- Azure Policy: Kubernetes pod security baseline explained
- Azure Policy: Starter Guide
- Azure Policy: What If We Use Bicep ?
- Azure Policy: What If You Test Your Policies ?
- Azure Spring Clean: Azure Policy For AKS
- Azure Spring Clean: Azure Policy For Managing Your Subscription
- Azure Spring Clean: DINE To Automate Your Monitoring Governance With Azure Monitor Metric Alerts
- Azure Spring Clean: Diagnostic Settings
- Azure Spring Clean: Replacing Kubernetes Pod Security Policies With Azure Policy On AKS
- Azure Spring Clean: Using Azure Policy And Security Center For Organizational Governance
- Build Azure Policy Compliance Workbook
- Cloud Governance With Azure Policy Part 1
- Cloud Governance With Azure Policy Part 2
- Controlling Azure SQL Firewall Rules
- Create And Assign Custom Azure Policies For Azure Governance
- Create Custom Security Center Recommendation With Azure Policy
- Creating and Deploying Azure Policy via Terraform
- Demystify Azure DDoS Protection Azure Policy
- Deny Azure Role Assignment With Azure Policy
- Deploy And Assign Azure Policy Via Azure DevOps Pipelines
- Deploy Azure Monitor Agent at Scale
- Deploy Azure Policy To ManagementGroup With Bicep
- Deploy Azure Policy Using Azure DevOps CI/CD Pipeline
- Deploy Azure Policy Using Terraform
- Diagnostic Settings Storage Accounts Event Hub
- Duplicate Azure Policy Definition and Initiative
- Enable Azure SQL Auditing With Azure Policy
- Enable FTPS On Azure App Services With Azure Policy
- Enable HTTPS On Azure App Services With Azure Policy
- Enable Managed Identity For Web App Azure Policy
- Enable Purge Protection Key Vault Azure Policy
- Enable Vulnerability Assessment On SQL Servers
- Enable Resource Logs In Virtual Machine Scale Sets With An Azure Policy
- Enforce API Management Product Subscriptions With Azure Policy
- Enforce CanNotDelete Resource Lock using Azure Policy
- Enforce TLS 1.2 on Web Apps with Azure Policy
- Enhancing PCI Compliance In Your Azure Environment By Using Azure Policy Custom Initiatives
- Enterprise Scale Policy Driven Governance
- Global Azure: Policy As Code With Bicep For Enterprise Scale
- Govern Azure Virtual Network VNET CIDR Ranges With Azure Policy
- Help My Azure Policy Is Not Firing
- How To Azure Policy Via ARM Template
- How To Choose An Azure Naming Convention
- How To Control DDOS Plan Deployment Using Azure Policy
- How To Create Own Azure Custom Policy
- How To Deploy Azure Policies With ARM Templates
- How To Deploy Azure Policy From An Azure DevOps Pipeline
- How To Deploy Azure Policy With Bicep
- How To Dynamically Assign Azure Policy via Terraform
- How To Enforce Naming Convention For Azure Resources
- How To Ensure Proper Configuration For Your Azure Resources
- How To Export And Backup Azure Policy Definitions
- How To Win Vs Azure Policy Non-Compliance
- Improving The User Experience Of Azure Policy
- Keep Control Of Your Azure Environment With Azure Policy
- Lessons Learned Developing A Custom Policy
- Lessons Learned Testing The Configure Backup On VMs Azure Policy
- Managing Azure Resource Tags Using Azure Policy Modify Effect
- Monitoring Azure Policy Compliance States 2021 Edition
- Notes On Azure Policy Exemption
- November 2020 Update For Azure Diagnostic Settings Policy Definitions
- October 2020 Update For Azure Diagnostic Settings Policy Definitions
- Security Posture Management With Azure Policy And Microsoft Defender For Cloud
- Talking Azure Policy As Code On CtrlAltAzure Podcast
- Terraforming Azure Policy
- Test Azure Policies
- Tips On Creating Azure Policies For Azure SQL Databases
- Trigger An On Demand Azure Policy Compliance Evaluation Scan
- Trigger An On Demand Azure Policy Evaluation Scan At Management Group Scope
- Trigger Azure Policy Scan Multiple Subscriptions
- Understanding Azure Policies With Visual Studio Code
- Understanding Azure Policy For Regulatory Compliance
- Updated Azure Policy Definitions For Azure Diagnostics Settings Again
- Use Azure Policy to audit if Azure Arc-enabled servers meet security baseline requirements
- Use Azure Policies to Require Resource Tags with PowerShell
- Using ARM Templates To Deploy Azure Policy Initiative
- Using Azure Policy To Audit Resource Group Resource Locks
- Using Azure Policy to configure your resources
- Using Azure Policy To Implement Tagging Inheritance
- Using Conftest For Azure Policy For Kubernetes
- Walkthrough Using Azure Policy To Audit And Enforce Compliance
- Writing A Custom Azure Policy
- andrewcluey/terraform-azurerm-policy-definition
- andrewmatveychuk/azure.policy
- azsec/azure-policy
- charotamine/azurepolicy_bicep
- charotamine/policytests
- claranet/terraform-azurerm-policy
- faridabharmal/azuregovernance
- fawohlsc/azure-policy-testing
- fawohlsc/azure-policy-samples
- gettek/terraform-azurerm-policy-as-code
- globalbao/azure-policy-as-code
- globalbao/terraform-azurerm-policy-exemptions
- jamesdld/azure-policies
- jimgbritt/azurepolicy
- jimgbritt/azurediagnosticspipeline
- john-joyner/azure-policy
- jtracey93/tf-az-dine-policy-assignment
- julianhayward/azure-mg-sub-governance-reporting
- mattfeltonma/azure-custom-policies
- matthiasguentert/azure-naming-convention-initiative
- ricmmartins/azure-governance-made-simple
- robinchapas/converttopolicy
- salesforce/cloud-guardrails
- stefanrothnet/azure-policy
- tyconsulting/azure.policy.monitor
- tyconsulting/azurepolicy
- yangdeal/azure_policy_deployment