Azure Policy
A governance service that enforces organizational rules and evaluates resources for compliance.
Azure Policy is a governance service that evaluates Azure resources against business rules defined as JSON policy definitions. Policies can audit existing resources, deny non-compliant deployments before they happen, or automatically remediate drift — for example, tagging resources or enforcing that storage accounts use only HTTPS. Multiple related policies are grouped into an initiative (formerly called a policy set) and assigned at the management-group, subscription, or resource-group scope. A key exam distinction: Azure Policy controls what can be deployed and enforces configuration standards, while Azure Role-Based Access Control (RBAC) controls who can take action. They work together but are not interchangeable — an action permitted by RBAC can still be blocked by Policy if it violates a compliance rule.
PlayPrepHQ study notes are written and reviewed against primary exam sources. How we create & review content →