Azure Policies is the new Azure feature that let’s you enforce different rules and actions over all Azure resources as well as stay compliant with your organisational standards.
Let’s check this in practice. I am going to use build-in Policy Definition – Allowed locations. In order to do that I am going to Policy – Assigments and click on Assign Policy. Click … and from the list choose Allowed locations. Give it a name, choose the pricing tier, scope and exlusions if there are any. I provide the values as per screenshot below which basically allows us to deploy resources only to North Europe location.
So now the policy is in place. Let’s go an try to deploy the VM from Azure portal to East US. And as you can see it, just before clicking Deploy on the last step the validation fails and on the top of it gives us the name of the policies that restricts the deployment.
It is worth mentioning that my account is the Owner of the subscription.
It is very powerful feature in azure to stay compliant.