Contents x
    Creating a Policy Definition
    • 12 Feb 2024
    • 2 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    Creating a Policy Definition

    • Updated on 12 Feb 2024
    • 2 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Article Summary

    Turbo360 allows users to define custom policy definitions. The Policy definition is a set of business rules described in JSON format.

    Policy definition structure

    The policy definition contains the following elements:

    • Display name
    • Description
    • Category
    • Mode
    • Metadata
    • Parameters
    • Policy rule

    Create a Policy definition

    1. Go to Policies section in Azure Documenter
    2. Click Create policy in the Definitions tab
    3. Define the policy scope. The scope can be either a management group or a subscription. Click Next
    4. Provide display name and description to identify the policy definition. The display name has a maximum length of 128 characters and the description has a maximum length of 512 characters
    5. Create or provide a built-in category to the policy definition. It is an optional field

    The JSON field includes mode, parameters, and policy rule(s).

    • Mode is configured depending on the policy if its targeting an Azure Resource Manager property or a Resource Provider property.
    • Parameters help simplify your policy management by reducing the number of policy definitions. A parameter has the following properties that are used in the policy definition:
    • name: The name of the parameter used by the parameters deployment function within the policy rule.
    • type: Determines if the parameter is a string, array, object, boolean, integer, float, or datetime.
    • metadata

    Metadata has the following properties:

    • description: The explanation of what the parameter is used for.
    • displayName: A friendly name.
    • strongType: Optional value, used to determine the type.
    • assignPermissions: Optional value, set as true to create role assignments during policy assignment.
    • defaultValue: Optional value, sets the value of the parameter in an assignment if no value is given. Required when updating an existing policy definition that is assigned. For object-type parameters, the value must match the appropriate schema.
    • allowedValues: Optional value, provides an array of values that the parameter accepts during the assignment. Allowed value comparisons are case-sensitive. For object-type parameters, the values must match the appropriate schema.
    • schema: Optional value, provides validation of parameter inputs during assignment using a self-defined JSON schema.

    The policy rule consists of If and Then blocks. If a block contains one or more conditions that specify when the policy is enforced. Logical operators can be applied to these conditions to precisely define the scenario for a policy.

    1. Click Create to create the policy definition

    During the creation or updating of a policy definition the name, description, and category are defined by properties external to the JSON.

    policy.gif

    Edit a Policy definition

    1. Click the Edit icon next to any policy definition in Policies -> Definitions
    2. Go through the same steps as in above for editing a policy definition and click Update

    The scope of the policy definition cannot be changed when updating the policy definition.

    Delete a Policy definition

    1. Click the Delete icon next to any policy definition in Policies -> Definitions
    2. Click Delete in the confirmation box

    2.png

    The built-in policy definition can't be edited or deleted.

    Was this article helpful?
    What's Next