Be Compliant with Azure Policies
Azure Policy helps to enforce organizational standards and to assess compliance at-scale. Through its compliance dashboard, it provides an aggregated view to evaluate the overall state of the environment, with the ability to drill down to the per-resource, per-policy granularity. It also helps to bring your resources to compliance through bulk remediation for existing resources and automatic remediation for new resources.
Deploying Azure Policy
Open the Azure Portal and search Policy
In this guide, we will assign a policy to check if Azure Backup is enabled for Virtual Machines. First, go to the Definitions tab and apply filters. If you work with Azure Lighthouse, you can adjust the scope (e.g the Azure subscription).
In our case, we will display Azure Backup Policies, so select Backup in the category filter
Select the first policy to audit the backup for Virtual Machines
Assign the policy
Here, we need to select the scope for the policy. Once again, if you work with Azure Lighthouse, you can select between all the Azure Subscriptions that you managed. You can also adjust the scope by filtering the Resource Group.
In the parameters tab, you must select AuditIfNotExists which means that Virtual Machines will be flagged Non Compliant in the results.
After creating the policy, you should see the assignment in the Assignments tab
Now, go to the compliance tab to check if backup is enabled for Virtual Machines. In my case, I can confirm that 4 Virtual Machines are compliant
Let’s confirm in the backup center, in my case I can see 4 Virtual Machines in the Vault.
