- [PORTAL] Manual configure reader ([email protected])
- Azure CLI create custom role and assign
Create Role (Cloud Shell)
az role definition create --role-definition vm-restart.json
Assign user to Role:
az role assignment create --role "Restart Virtual Machines" --assignee [email protected]
- [PORTAL] Management Group
- [PORTAL] Apply single policy (tag resource)
- Apply custom policy (tag resource by type)
Change directory:
cd /Users/neilpeterson/storage/speaking-engagements/talk-azure-governance/policy/tag-append-type
Create resource group and apply policy:
pwsh policyTagAppendType.ps1 -ResourceGroupName policy-demo-custom -ResourceType Microsoft.Storage/storageAccounts -Location eastus -PolicyName tagByType
Create storage account which will be tagged.
az storage account create --name storage007$RANDOM --resource-group policy-demo-custom
Create container instance which will not be tagged.
az container create --name contianer$RANDOM --resource-group policy-demo-custom --image microsoft/aci-helloworld
- [PORTAL] Create RG and apply initiative (Storage and VM SKU)
- [PORTAL] Manually create blueprint
- Azure DevOps demo