Create Azure Resource Policy to enforce user?

109 Views Asked by AudioBubble At 04 April 2025 at 10:08

I am looking for an option to enforce user to use specific image, i am trying to modify below code to use HuB image

. Below is the code I am trying to modify to enforce windows HuB

"if": {
  "allOf": [
    {
      "field": "type",
      "in": [ "Microsoft.Compute/virtualMachines", "Microsoft.Compute/VirtualMachineScaleSets" ]
    },
    {
      "field": "Microsoft.Compute/licenseType",
      "exists": Windows_Server
    }
  ]
},
"then": {
  "effect": "deny"
}

} }

Original Q&A

There are 1 best solutions below

Shui shengbao On 12 September 2017 at 02:13 BEST ANSWER

If my understanding is right, you could firstly find Hub images's SKU.

For Windows Server:

PS C:\Program Files\> Get-AzureRmVMImagesku -Location westus -PublisherName MicrosoftWindowsServer -Offer WindowsServer-Hub|select Skus

Skus
----
2008-R2-SP1-HUB
2012-Datacenter-HUB
2012-R2-Datacenter-HUB
2016-Datacenter-HUB

For Windows Client:

PS C:\Program Files> Get-AzureRMVMImageSku -Location "West US" -Publisher "MicrosoftWindowsServer" -Offer "Windows-HUB"|select Skus

Skus
----
Windows-10-HUB

More information about this please refer to this blog and this link.

According to the official document. Maybe you could modify your policy as below:

{
  "if":{
   {
     "anyOf": [
       {
         "field": "Microsoft.Compute/imageSku",
         "like": "2016-Datacenter-HUB*"
       },
       {
         "field": "Microsoft.Compute/imageSku",
         "like": "Windows-10-HUB*"
       },
       {
       .....
       }
     ] 
   }
  },
 "then": {
        "effect": "deny"
    }
}

Create Azure Resource Policy to enforce user?

There are 1 best solutions below

Related Questions in AZURE

Related Questions in RESOURCES

Related Questions in AZURE-VIRTUAL-MACHINE

Related Questions in POLICY

Trending Questions

Popular # Hahtags

Popular Questions