To implement Azure policies, you have to assign them. In this demonstration, we are going to assign an Allowed location policy to an Azure resource group. Therefore, you have to perform the following steps:
Click on the Getting startedmenu item. You will see a page that is similar to the following:
Getting started with Azure policies
The first step is to view and select the policy definition. Select the View Definitions link on the page.
You will go to the available built-in and custom policies inside your subscription. On the right-hand side, type Locationsin the searchbar:
Searching for a locations policy
Then, select the Allowed locationspolicy; you will be redirected to the blade where you can see the policy definition in JSON and assign the policy:
Policy definition
Click on Assignin the top menu.
To assign the policy, you have to fill in the following values:
Scope: Select a subscription, and, optionally, a resource group. I've selected the PacktNetworkWatcherresource group for this demonstration.
Allowed locations: Only select West Europe, as demonstrated in the following screenshot:
Assigning the policy definition
Click on Assign. The policy will be assigned to the resource group.
Now, when we add a new resource to the resource group (such as a new VM, for instance) and set the location toEast US, we will notice a validation error on the top-left of the screen. When you click on it, you will see the following details on the right-hand side of the screen:
Validation error
In this section, we covered how to assign a policy in Azure.