Forum Discussion
How to assign policies by updating ARM template?
Hello all! I need to assign policies to my subscription for it to be compliant. How will I be able to assign the policies by updating the ARM template of the subscription? Also, I found out a way to ...
Hi
To assign policy definitions or initiative you have many ways like :
- Assigning through the portal
- Assigning through Azure Blueprint
- Assigning through Infra as code (Arm Templates Terraform Pulumi...)
For Infra as code you will need to export the policy definition and customize it .
Once you have done that you deploy it like a regular resource in azure .
If you are not familiar with IaC you can simply use the UI and deploy it through the portal or Azure Blueprint ( Arm yemplate behind the scene)
Hi ibnmbodji thank you for answering. Sorry I'm not yet familiar with this, but how do I export and deploy the policy definition? Also, if I assign the policy through portal, will it also be included in the ARM template for that subscription?
You're welcome .
To export the policy definition you need to go to the Azure Policy blade
Select Definitions and in the list select the definition you want to export . You need to have Github account to be able to do that .
You can do that in other ways documented below :
Export Azure Policy resources - Azure Policy | Microsoft Docs
Notice that you don't need to do that if there is no changes in the builtin policy . You can just assign to a scope directly .
If you want add changes you can simply add a policy definition
Edit the policy rule and hit save . You can also import the policy rule from Github .
There is no update mecanism for Arm templates .If you want to have custom definitions you need to export builtin definitions add changes and redeploy it .
If not you don't need to export anything . Identify the definitions or initiative and just assign them to a defined scope .
ibnmbodji great! thank you for the answers. 🙂
