{"id":2652,"date":"2026-07-07T16:32:05","date_gmt":"2026-07-07T16:32:05","guid":{"rendered":"https:\/\/www.microteklearning.com\/blog\/?p=2652"},"modified":"2026-07-07T16:32:08","modified_gmt":"2026-07-07T16:32:08","slug":"what-is-azure-policy","status":"publish","type":"post","link":"https:\/\/www.microteklearning.com\/blog\/what-is-azure-policy\/","title":{"rendered":"What Is Azure Policy? A Complete Guide to Azure Governance and Compliance"},"content":{"rendered":"\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"538\" src=\"https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/Untitled-design-1024x538.png\" alt=\"what is azure policy\" class=\"wp-image-2660\" srcset=\"https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/Untitled-design-1024x538.png 1024w, https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/Untitled-design-300x158.png 300w, https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/Untitled-design-150x79.png 150w, https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/Untitled-design-768x403.png 768w, https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/Untitled-design-440x231.png 440w, https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/Untitled-design-680x357.png 680w, https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/Untitled-design.png 1200w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Somebody on your team spins up a virtual machine in a region your company never approved. Another engineer creates a storage account with public access left on. Nobody did anything malicious. They just clicked through the portal the way anyone would. Six months later, an auditor finds both.<\/p>\n\n\n\n<p>This is the problem Azure Policy exists to solve. Access control would not have stopped either one, and billing alerts only tell you after the fact. What you need is a way to define what is allowed to exist in your cloud environment in the first place.<\/p>\n\n\n\n<p>This guide covers what Azure Policy is, how it actually works under the hood, the effects you can apply, how initiatives and remediation fit in, and where teams tend to go wrong. If you manage Azure subscriptions in any capacity, this is worth 15 minutes of your time.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"What_is_Azure_Policy\"><\/span>What is Azure Policy?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Azure Policy is a governance service built into Microsoft Azure that lets you define rules for your resources and then enforces those rules automatically. A rule might say &#8220;no virtual machines outside East US and West US,&#8221; or &#8220;every resource must carry a cost-center tag,&#8221; or &#8220;storage accounts cannot allow public blob access.&#8221; Once a policy is assigned, Azure evaluates every resource against it and either blocks non-compliant requests, flags them for review, or fixes them on the spot.<\/p>\n\n\n\n<p>The service is free. There is no charge for creating, assigning, or evaluating policies, which is unusual for something this useful. (A few adjacent capabilities, like machine configuration for servers running outside Azure, do carry costs, but the core service does not.)<\/p>\n\n\n\n<p>The simplest way to think about it: role-based access control decides <em>who<\/em> can do things in Azure. Azure Policy decides <em>what<\/em> can be done at all, regardless of who is doing it. An Owner with full permissions still cannot create a VM in a blocked region if a Deny policy is in place. That distinction matters more than most people realize, and we will come back to it.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"453\" src=\"https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/how-azure-policy-works-1024x453.png\" alt=\"How Azure Policy Works\" class=\"wp-image-2653\" srcset=\"https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/how-azure-policy-works-1024x453.png 1024w, https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/how-azure-policy-works-300x133.png 300w, https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/how-azure-policy-works-150x66.png 150w, https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/how-azure-policy-works-768x340.png 768w, https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/how-azure-policy-works-440x195.png 440w, https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/how-azure-policy-works-680x301.png 680w, https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/how-azure-policy-works.png 1520w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"How_Azure_Policy_works\"><\/span>How Azure Policy works<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Four building blocks do all the work. Get these straight and everything else in the service makes sense.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Policy_definitions\"><\/span>Policy definitions<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>A policy definition is the rule itself, written in JSON. It has two halves: a condition (what to look for) and an effect (what to do when the condition matches). Here is a stripped-down example that blocks resources outside two regions:<\/p>\n\n\n\n<p>json<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>{\n  \"if\": {\n    \"not\": {\n      \"field\": \"location\",\n      \"in\": &#91;\"eastus\", \"westus\"]\n    }\n  },\n  \"then\": {\n    \"effect\": \"deny\"\n  }\n}<\/code><\/pre>\n\n\n\n<p>You rarely need to write these from scratch. Azure ships with well over a thousand built-in definitions covering regions, tags, SKUs, networking, encryption, and diagnostics. Most teams get 80% of the way there with built-ins and write custom definitions only for rules specific to their business.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Policy_assignments\"><\/span>Policy assignments<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>A definition does nothing until you assign it to a scope. The assignment is what says &#8220;apply this rule <em>here<\/em>.&#8221; Scopes follow the Azure resource hierarchy: management group, subscription, resource group, or individual resource. Assign at a management group and the rule cascades to every subscription and resource underneath it.<\/p>\n\n\n\n<p>You can also carve out exclusions within an assignment, and since exemptions were introduced, you can grant time-bound waivers for specific resources without touching the assignment itself. Exemptions are the cleaner option because they leave an audit trail and can expire automatically.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"656\" src=\"https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/azure-policy-scope-hierarchy-1024x656.png\" alt=\"Azure Policy Scope Hierarchy\" class=\"wp-image-2654\" srcset=\"https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/azure-policy-scope-hierarchy-1024x656.png 1024w, https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/azure-policy-scope-hierarchy-300x192.png 300w, https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/azure-policy-scope-hierarchy-150x96.png 150w, https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/azure-policy-scope-hierarchy-768x492.png 768w, https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/azure-policy-scope-hierarchy-440x282.png 440w, https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/azure-policy-scope-hierarchy-680x435.png 680w, https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/azure-policy-scope-hierarchy.png 1396w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Parameters\"><\/span>Parameters<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>Parameters keep you from writing twenty nearly identical definitions. One &#8220;allowed locations&#8221; definition with a location parameter can be assigned to the production management group with <code>[\"eastus\"]<\/code> and to the dev subscription with <code>[\"eastus\", \"westus\", \"centralus\"]<\/code>. Same rule, different values, far less maintenance.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"The_evaluation_engine\"><\/span>The evaluation engine<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>Azure evaluates resources against assigned policies at several points: when a resource is created or updated, when a new policy is assigned to a scope, roughly once every 24 hours as a standing compliance sweep, and whenever you trigger an on-demand scan. Results land in the compliance dashboard, where each assignment shows a compliance percentage and a list of the specific resources that fail.<\/p>\n\n\n\n<p>One thing that surprises people: evaluation is not instant across an entire estate. A newly assigned policy can take around 30 minutes to take effect, and the full compliance picture for existing resources fills in over the following scan cycle. Plan rollouts accordingly.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Policy_effects_what_happens_when_a_rule_matches\"><\/span>Policy effects: what happens when a rule matches<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>The effect is where a policy gets its teeth. These are the ones you will actually use:<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"552\" src=\"https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/azure-policy-effects-1024x552.png\" alt=\"Common Azure Policy Effects\" class=\"wp-image-2655\" srcset=\"https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/azure-policy-effects-1024x552.png 1024w, https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/azure-policy-effects-300x162.png 300w, https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/azure-policy-effects-150x81.png 150w, https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/azure-policy-effects-768x414.png 768w, https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/azure-policy-effects-440x237.png 440w, https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/azure-policy-effects-680x367.png 680w, https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/azure-policy-effects.png 1520w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><strong>Deny<\/strong> blocks the request. The user gets an error at deployment time and the resource is never created. This is the effect people picture when they hear &#8220;policy,&#8221; and it is also the one to use most carefully, because a badly scoped Deny can break legitimate deployments across an entire organization in one afternoon.<\/p>\n\n\n\n<p><strong>Audit<\/strong> allows the action but records the resource as non-compliant. This is the right starting point for almost every new policy. Run it in audit mode for a few weeks, see what it would have caught, then flip to Deny once you trust it.<\/p>\n\n\n\n<p><strong>Append<\/strong> adds fields to a resource during creation. The classic example is appending an IP restriction to a storage account.<\/p>\n\n\n\n<p><strong>Modify<\/strong> adds, updates, or removes properties and tags, and it pairs with remediation tasks so you can fix existing resources, not just new ones. If your goal is &#8220;every resource gets an environment tag,&#8221; Modify plus remediation is how you get there without asking anyone to do anything.<\/p>\n\n\n\n<p><strong>DeployIfNotExists<\/strong> checks whether a related resource exists and deploys it if not. This is how organizations guarantee that every VM has diagnostic settings or that every SQL database has auditing turned on. It requires a managed identity with the right permissions, which trips people up on first use.<\/p>\n\n\n\n<p><strong>AuditIfNotExists<\/strong> is the read-only sibling: it flags resources that are missing the related resource but deploys nothing.<\/p>\n\n\n\n<p><strong>DenyAction<\/strong> blocks specific actions, most usefully delete operations, which gives you a lightweight way to protect critical resources.<\/p>\n\n\n\n<p><strong>Disabled<\/strong> switches the rule off without deleting anything, which is handy for testing and for parameterized definitions where some assignments should be dormant.<\/p>\n\n\n\n<p>My honest advice after seeing how this plays out in real environments: default to Audit, earn your way to Deny, and treat DeployIfNotExists as the workhorse for anything security-related. Teams that start with aggressive Deny policies tend to generate a flood of support tickets and then quietly disable everything, which is worse than having no policies at all.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Initiatives_grouping_policies_that_belong_together\"><\/span>Initiatives: grouping policies that belong together<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>An initiative (Microsoft also calls it a policy set) bundles multiple policy definitions into a single assignable unit. Instead of assigning 40 individual security policies to your production management group and tracking 40 compliance scores, you assign one initiative and get one aggregate score.<\/p>\n\n\n\n<p>This is where compliance work gets practical. Azure ships built-in regulatory compliance initiatives that map policies to the controls in frameworks like <a href=\"https:\/\/www.microteklearning.com\/iso-iec-27001-lead-auditor-training\/\" target=\"_blank\" rel=\"noreferrer noopener\">ISO 27001<\/a>, NIST SP 800-53, PCI DSS, HIPAA, and CIS benchmarks. Assign the ISO 27001 initiative and the compliance dashboard shows you, control by control, where your environment stands. It will not make you certified on its own (auditors care about process, not just configuration), but it turns &#8220;are we compliant?&#8221; from a quarterly panic into a dashboard you can check on a Tuesday.<\/p>\n\n\n\n<p>The Microsoft cloud security benchmark initiative deserves a specific mention. It is assigned by default when you enable <a href=\"https:\/\/www.microteklearning.com\/az-500t00-microsoft-azure-security-technologies-training\/\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Defender for Cloud<\/a>, and it is the source of most of the security recommendations you see there. A lot of people use Defender for Cloud daily without realizing Azure Policy is the engine underneath.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Remediation_fixing_what_already_exists\"><\/span>Remediation: fixing what already exists<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Deny only helps with resources created after the policy exists. Every real environment has a backlog of resources built before anyone thought about governance. Remediation tasks handle that backlog.<\/p>\n\n\n\n<p>For policies using Modify or DeployIfNotExists, you can create a remediation task that walks through existing non-compliant resources and applies the fix. The task runs under a managed identity, so it needs role assignments that match what the fix requires (Contributor on the scope for deploying diagnostic settings, for example). Set the identity up wrong and the task fails quietly, and you will spend an hour wondering why nothing happened.<\/p>\n\n\n\n<p>A sensible remediation rollout looks like this: assign in audit mode, review the non-compliant list, remediate a small resource group as a test, then remediate the full scope. Skipping the test step on a policy that modifies hundreds of resources is a bet you do not need to make.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Azure_Policy_vs_RBAC_different_questions_both_necessary\"><\/span>Azure Policy vs RBAC: different questions, both necessary<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>This comparison confuses newcomers constantly, so here it is plainly.<\/p>\n\n\n\n<p>RBAC answers &#8220;can this person perform this operation?&#8221; It is about identities and permissions. A user with the Contributor role can create resources; a user with Reader cannot.<\/p>\n\n\n\n<p>Azure Policy answers &#8220;is this resource configuration allowed to exist?&#8221; It ignores who is asking. The CTO and an intern hit the same Deny policy identically.<\/p>\n\n\n\n<p>They also fail differently. RBAC is deny by default: you can do nothing until a role grants it. Azure Policy is allow by default: everything is permitted until a policy restricts it. You need both, and neither substitutes for the other. RBAC without Policy means authorized people can still build non-compliant resources. Policy without RBAC means anyone can attempt anything and you are relying on rules alone to catch it.<\/p>\n\n\n\n<p>Worth knowing for planning purposes: Azure Blueprints, the older service that packaged policies, role assignments, and templates together, reaches retirement on July 11, 2026. Microsoft&#8217;s recommended replacement is deployment stacks combined with template specs, with Azure Policy continuing to handle the governance layer. If your organization still runs Blueprints, migrating is now urgent rather than optional.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Real-world_use_cases\"><\/span>Real-world use cases<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>The patterns below cover most of what organizations actually deploy:<\/p>\n\n\n\n<p>Cost control comes first for many teams. Policies that restrict VM SKUs stop someone from launching a GPU cluster for a test, and allowed-location policies prevent data from landing in expensive or unapproved regions. Tag enforcement (require a cost-center tag, inherit tags from the resource group) is what makes cost reporting possible at all. Untagged resources are unattributable resources.<\/p>\n\n\n\n<p>Security baselines are the second big category. Deny public IPs on VMs in production. Require HTTPS-only on storage accounts. Enforce encryption settings. Deploy Defender for Cloud agents automatically through DeployIfNotExists. None of these are exotic; all of them close gaps that show up in real breach post-mortems.<\/p>\n\n\n\n<p>Data residency matters if you operate under GDPR or similar regimes. An allowed-locations policy at the management group level is a one-time setup that permanently answers &#8220;can we prove customer data stays in approved regions?&#8221;<\/p>\n\n\n\n<p>And operational consistency rounds it out: mandatory diagnostic settings so logs exist when you need them, naming convention checks, and DenyAction on delete for the resources whose loss would ruin a quarter.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Best_practices_that_save_you_pain_later\"><\/span>Best practices that save you pain later<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Start every policy in Audit mode. I have said it twice now because it is the difference between a smooth rollout and an angry engineering org.<\/p>\n\n\n\n<p>Assign high, exempt low. Broad guardrails belong at the management group level. Exceptions belong as scoped exemptions with expiry dates, not as gaps in the assignment.<\/p>\n\n\n\n<p>Use initiatives even for small groups of policies. Individual assignments multiply fast and become unmanageable by the time you have 30 of them.<\/p>\n\n\n\n<p>Treat policy definitions as code. Keep custom definitions in a Git repository and deploy them through your pipeline (Terraform, Bicep, and the Azure CLI all support this). Portal-only policy management works fine right up until someone asks &#8220;who changed this and when?&#8221;<\/p>\n\n\n\n<p>Review the compliance dashboard on a schedule. A policy nobody looks at is a policy that silently stopped mattering. Monthly is enough for most teams.<\/p>\n\n\n\n<p>Test DeployIfNotExists and Modify policies in a sandbox subscription first. These effects change resources. Changed resources occasionally mean broken applications.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"How_to_create_your_first_policy_assignment\"><\/span>How to create your first policy assignment<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>The short version, using the portal: search for Policy, open Definitions, pick a built-in (the &#8220;Allowed locations&#8221; definition is a good first one), select Assign, choose your scope, set the parameter values, pick the effect, and create. Within about half an hour the policy is live for new deployments, and the compliance view populates over the next scan cycle.<\/p>\n\n\n\n<p>For anything beyond experimentation, do the same thing in code. A Bicep or Terraform assignment takes ten more minutes to write the first time and pays for itself the first time you need to reproduce or review it.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"FAQ\"><\/span>FAQ<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<div data-wp-context=\"{ &quot;autoclose&quot;: true, &quot;accordionItems&quot;: [] }\" data-wp-interactive=\"core\/accordion\" role=\"group\" class=\"wp-block-accordion is-layout-flow wp-block-accordion-is-layout-flow\">\n<div data-wp-class--is-open=\"state.isOpen\" data-wp-context=\"{ &quot;id&quot;: &quot;accordion-item-1&quot;, &quot;openByDefault&quot;: false }\" data-wp-init=\"callbacks.initAccordionItems\" data-wp-on-window--hashchange=\"callbacks.hashChange\" class=\"wp-block-accordion-item is-layout-flow wp-block-accordion-item-is-layout-flow\">\n<h3 class=\"wp-block-accordion-heading\"><button aria-expanded=\"false\" aria-controls=\"accordion-item-1-panel\" data-wp-bind--aria-expanded=\"state.isOpen\" data-wp-on--click=\"actions.toggle\" data-wp-on--keydown=\"actions.handleKeyDown\" id=\"accordion-item-1\" type=\"button\" class=\"wp-block-accordion-heading__toggle\"><span class=\"wp-block-accordion-heading__toggle-icon\" aria-hidden=\"true\">+<\/span><span class=\"wp-block-accordion-heading__toggle-title\"><strong>Is Azure Policy free?<\/strong><\/span><\/button><\/h3>\n\n\n\n<div inert aria-labelledby=\"accordion-item-1\" data-wp-bind--inert=\"!state.isOpen\" id=\"accordion-item-1-panel\" role=\"region\" class=\"wp-block-accordion-panel is-layout-flow wp-block-accordion-panel-is-layout-flow\">\n<p>Yes. Creating, assigning, and evaluating policies costs nothing. Related add-ons like machine configuration for non-Azure servers have their own pricing, but the core service is included with Azure.<\/p>\n<\/div>\n<\/div>\n\n\n\n<div data-wp-class--is-open=\"state.isOpen\" data-wp-context=\"{ &quot;id&quot;: &quot;accordion-item-2&quot;, &quot;openByDefault&quot;: false }\" data-wp-init=\"callbacks.initAccordionItems\" data-wp-on-window--hashchange=\"callbacks.hashChange\" class=\"wp-block-accordion-item is-layout-flow wp-block-accordion-item-is-layout-flow\">\n<h3 class=\"wp-block-accordion-heading\"><button aria-expanded=\"false\" aria-controls=\"accordion-item-2-panel\" data-wp-bind--aria-expanded=\"state.isOpen\" data-wp-on--click=\"actions.toggle\" data-wp-on--keydown=\"actions.handleKeyDown\" id=\"accordion-item-2\" type=\"button\" class=\"wp-block-accordion-heading__toggle\"><span class=\"wp-block-accordion-heading__toggle-icon\" aria-hidden=\"true\">+<\/span><span class=\"wp-block-accordion-heading__toggle-title\"><strong>What is the difference between a policy and an initiative?<\/strong><\/span><\/button><\/h3>\n\n\n\n<div inert aria-labelledby=\"accordion-item-2\" data-wp-bind--inert=\"!state.isOpen\" id=\"accordion-item-2-panel\" role=\"region\" class=\"wp-block-accordion-panel is-layout-flow wp-block-accordion-panel-is-layout-flow\">\n<p>A policy is a single rule. An initiative is a named group of policies assigned and tracked as one unit. Use initiatives whenever rules logically belong together.<\/p>\n<\/div>\n<\/div>\n<\/div>\n\n\n\n<div data-wp-context=\"{ &quot;autoclose&quot;: true, &quot;accordionItems&quot;: [] }\" data-wp-interactive=\"core\/accordion\" role=\"group\" class=\"wp-block-accordion is-layout-flow wp-block-accordion-is-layout-flow\">\n<div data-wp-class--is-open=\"state.isOpen\" data-wp-context=\"{ &quot;id&quot;: &quot;accordion-item-3&quot;, &quot;openByDefault&quot;: false }\" data-wp-init=\"callbacks.initAccordionItems\" data-wp-on-window--hashchange=\"callbacks.hashChange\" class=\"wp-block-accordion-item is-layout-flow wp-block-accordion-item-is-layout-flow\">\n<h3 class=\"wp-block-accordion-heading\"><button aria-expanded=\"false\" aria-controls=\"accordion-item-3-panel\" data-wp-bind--aria-expanded=\"state.isOpen\" data-wp-on--click=\"actions.toggle\" data-wp-on--keydown=\"actions.handleKeyDown\" id=\"accordion-item-3\" type=\"button\" class=\"wp-block-accordion-heading__toggle\"><span class=\"wp-block-accordion-heading__toggle-icon\" aria-hidden=\"true\">+<\/span><span class=\"wp-block-accordion-heading__toggle-title\"><strong>Can Azure Policy fix non-compliant resources automatically?<\/strong><\/span><\/button><\/h3>\n\n\n\n<div inert aria-labelledby=\"accordion-item-3\" data-wp-bind--inert=\"!state.isOpen\" id=\"accordion-item-3-panel\" role=\"region\" class=\"wp-block-accordion-panel is-layout-flow wp-block-accordion-panel-is-layout-flow\">\n<p>Yes, through remediation tasks paired with Modify or DeployIfNotExists effects. The task runs under a managed identity and applies the fix to existing resources.<\/p>\n<\/div>\n<\/div>\n<\/div>\n\n\n\n<div data-wp-context=\"{ &quot;autoclose&quot;: true, &quot;accordionItems&quot;: [] }\" data-wp-interactive=\"core\/accordion\" role=\"group\" class=\"wp-block-accordion is-layout-flow wp-block-accordion-is-layout-flow\">\n<div data-wp-class--is-open=\"state.isOpen\" data-wp-context=\"{ &quot;id&quot;: &quot;accordion-item-4&quot;, &quot;openByDefault&quot;: false }\" data-wp-init=\"callbacks.initAccordionItems\" data-wp-on-window--hashchange=\"callbacks.hashChange\" class=\"wp-block-accordion-item is-layout-flow wp-block-accordion-item-is-layout-flow\">\n<h3 class=\"wp-block-accordion-heading\"><button aria-expanded=\"false\" aria-controls=\"accordion-item-4-panel\" data-wp-bind--aria-expanded=\"state.isOpen\" data-wp-on--click=\"actions.toggle\" data-wp-on--keydown=\"actions.handleKeyDown\" id=\"accordion-item-4\" type=\"button\" class=\"wp-block-accordion-heading__toggle\"><span class=\"wp-block-accordion-heading__toggle-icon\" aria-hidden=\"true\">+<\/span><span class=\"wp-block-accordion-heading__toggle-title\"><strong>How often does Azure Policy evaluate resources?<\/strong><\/span><\/button><\/h3>\n\n\n\n<div inert aria-labelledby=\"accordion-item-4\" data-wp-bind--inert=\"!state.isOpen\" id=\"accordion-item-4-panel\" role=\"region\" class=\"wp-block-accordion-panel is-layout-flow wp-block-accordion-panel-is-layout-flow\">\n<p>On every resource create or update, when a new assignment is made, during a compliance scan roughly every 24 hours, and on demand when you trigger a scan.<\/p>\n<\/div>\n<\/div>\n<\/div>\n\n\n\n<div data-wp-context=\"{ &quot;autoclose&quot;: true, &quot;accordionItems&quot;: [] }\" data-wp-interactive=\"core\/accordion\" role=\"group\" class=\"wp-block-accordion is-layout-flow wp-block-accordion-is-layout-flow\">\n<div data-wp-class--is-open=\"state.isOpen\" data-wp-context=\"{ &quot;id&quot;: &quot;accordion-item-5&quot;, &quot;openByDefault&quot;: false }\" data-wp-init=\"callbacks.initAccordionItems\" data-wp-on-window--hashchange=\"callbacks.hashChange\" class=\"wp-block-accordion-item is-layout-flow wp-block-accordion-item-is-layout-flow\">\n<h3 class=\"wp-block-accordion-heading\"><button aria-expanded=\"false\" aria-controls=\"accordion-item-5-panel\" data-wp-bind--aria-expanded=\"state.isOpen\" data-wp-on--click=\"actions.toggle\" data-wp-on--keydown=\"actions.handleKeyDown\" id=\"accordion-item-5\" type=\"button\" class=\"wp-block-accordion-heading__toggle\"><span class=\"wp-block-accordion-heading__toggle-icon\" aria-hidden=\"true\">+<\/span><span class=\"wp-block-accordion-heading__toggle-title\"><strong>Does Azure Policy override RBAC?<\/strong><\/span><\/button><\/h3>\n\n\n\n<div inert aria-labelledby=\"accordion-item-5\" data-wp-bind--inert=\"!state.isOpen\" id=\"accordion-item-5-panel\" role=\"region\" class=\"wp-block-accordion-panel is-layout-flow wp-block-accordion-panel-is-layout-flow\">\n<p>They operate independently. A Deny policy blocks an action even for users with full RBAC permissions, and RBAC restrictions apply even where no policy exists. Passing one check does not bypass the other.<\/p>\n<\/div>\n<\/div>\n<\/div>\n\n\n\n<div data-wp-context=\"{ &quot;autoclose&quot;: true, &quot;accordionItems&quot;: [] }\" data-wp-interactive=\"core\/accordion\" role=\"group\" class=\"wp-block-accordion is-layout-flow wp-block-accordion-is-layout-flow\">\n<div data-wp-class--is-open=\"state.isOpen\" data-wp-context=\"{ &quot;id&quot;: &quot;accordion-item-6&quot;, &quot;openByDefault&quot;: false }\" data-wp-init=\"callbacks.initAccordionItems\" data-wp-on-window--hashchange=\"callbacks.hashChange\" class=\"wp-block-accordion-item is-layout-flow wp-block-accordion-item-is-layout-flow\">\n<h3 class=\"wp-block-accordion-heading\"><button aria-expanded=\"false\" aria-controls=\"accordion-item-6-panel\" data-wp-bind--aria-expanded=\"state.isOpen\" data-wp-on--click=\"actions.toggle\" data-wp-on--keydown=\"actions.handleKeyDown\" id=\"accordion-item-6\" type=\"button\" class=\"wp-block-accordion-heading__toggle\"><span class=\"wp-block-accordion-heading__toggle-icon\" aria-hidden=\"true\">+<\/span><span class=\"wp-block-accordion-heading__toggle-title\"><strong>Can I use Azure Policy for resources outside Azure?<\/strong><\/span><\/button><\/h3>\n\n\n\n<div inert aria-labelledby=\"accordion-item-6\" data-wp-bind--inert=\"!state.isOpen\" id=\"accordion-item-6-panel\" role=\"region\" class=\"wp-block-accordion-panel is-layout-flow wp-block-accordion-panel-is-layout-flow\">\n<p>Partially. Through Azure Arc, policies (including machine configuration) can extend to servers and Kubernetes clusters running on-premises or in other clouds.<\/p>\n<\/div>\n<\/div>\n<\/div>\n\n\n\n<p><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Where_to_go_from_here\"><\/span>Where to go from here<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Azure Policy is one of those services that costs nothing, ships with the platform, and still goes unused in a surprising number of organizations. The environments that adopt it early spend audit season pulling reports. The ones that do not spend it in spreadsheets.<\/p>\n\n\n\n<p>If you want structured, hands-on depth, Azure governance features prominently in Microsoft&#8217;s role-based certification tracks. The <a href=\"https:\/\/www.microteklearning.com\/az-104-microsoft-azure-administrator-training\/\" target=\"_blank\" rel=\"noreferrer noopener\">AZ-104: Microsoft Azure Administrator<\/a> course covers policy assignments and governance as a core exam domain, <a href=\"https:\/\/www.microteklearning.com\/az-500-microsoft-azure-security-technologies-training\/\" target=\"_blank\" rel=\"noreferrer noopener\">AZ-500: Microsoft Azure Security Technologies<\/a> goes deeper on policy-driven security baselines and Defender for Cloud, and <a href=\"https:\/\/www.microteklearning.com\/sc-100-microsoft-cybersecurity-architect-training\/\" target=\"_blank\" rel=\"noreferrer noopener\">SC-100: Microsoft Cybersecurity Architect<\/a> treats governance strategy at the architecture level. Microtek Learning delivers all three as instructor-led training with certified Microsoft trainers.<\/p>\n\n\n\n<p>Start with one Audit policy on one subscription this week. That is genuinely all it takes to begin.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Learn what Azure Policy is, how it works, policy effects, initiatives, and remediation. A practical guide to enforcing governance and compliance in Azure.<\/p>\n","protected":false},"author":1,"featured_media":2657,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[45,9],"tags":[],"class_list":["post-2652","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-azure","category-microsoft"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.0 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>What Is Azure Policy? Guide to Governance &amp; Compliance<\/title>\n<meta name=\"description\" content=\"Learn what Azure Policy is, how it works, policy effects, initiatives, and remediation. A guide to enforcing governance &amp; compliance in Azure.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.microteklearning.com\/blog\/what-is-azure-policy\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"What Is Azure Policy? Guide to Governance &amp; Compliance\" \/>\n<meta property=\"og:description\" content=\"Learn what Azure Policy is, how it works, policy effects, initiatives, and remediation. A guide to enforcing governance &amp; compliance in Azure.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.microteklearning.com\/blog\/what-is-azure-policy\/\" \/>\n<meta property=\"og:site_name\" content=\"IT Training Blog \u2013 Certifications, Cloud &amp; Cybersecurity\" \/>\n<meta property=\"article:published_time\" content=\"2026-07-07T16:32:05+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-07-07T16:32:08+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/azure-policy.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"1024\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Microtek Learning\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Microtek Learning\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"12 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.microteklearning.com\/blog\/what-is-azure-policy\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.microteklearning.com\/blog\/what-is-azure-policy\/\"},\"author\":{\"name\":\"Microtek Learning\",\"@id\":\"https:\/\/www.microteklearning.com\/blog\/#\/schema\/person\/bbe6552c3446438e1417c5ada9c3664a\"},\"headline\":\"What Is Azure Policy? A Complete Guide to Azure Governance and Compliance\",\"datePublished\":\"2026-07-07T16:32:05+00:00\",\"dateModified\":\"2026-07-07T16:32:08+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.microteklearning.com\/blog\/what-is-azure-policy\/\"},\"wordCount\":2389,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.microteklearning.com\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.microteklearning.com\/blog\/what-is-azure-policy\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/azure-policy.png\",\"articleSection\":[\"Azure\",\"Microsoft\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.microteklearning.com\/blog\/what-is-azure-policy\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.microteklearning.com\/blog\/what-is-azure-policy\/\",\"url\":\"https:\/\/www.microteklearning.com\/blog\/what-is-azure-policy\/\",\"name\":\"What Is Azure Policy? Guide to Governance & Compliance\",\"isPartOf\":{\"@id\":\"https:\/\/www.microteklearning.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.microteklearning.com\/blog\/what-is-azure-policy\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.microteklearning.com\/blog\/what-is-azure-policy\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/azure-policy.png\",\"datePublished\":\"2026-07-07T16:32:05+00:00\",\"dateModified\":\"2026-07-07T16:32:08+00:00\",\"description\":\"Learn what Azure Policy is, how it works, policy effects, initiatives, and remediation. A guide to enforcing governance & compliance in Azure.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.microteklearning.com\/blog\/what-is-azure-policy\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.microteklearning.com\/blog\/what-is-azure-policy\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microteklearning.com\/blog\/what-is-azure-policy\/#primaryimage\",\"url\":\"https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/azure-policy.png\",\"contentUrl\":\"https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/azure-policy.png\",\"width\":1024,\"height\":1024,\"caption\":\"Azure Policy\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.microteklearning.com\/blog\/what-is-azure-policy\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.microteklearning.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"What Is Azure Policy? A Complete Guide to Azure Governance and Compliance\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.microteklearning.com\/blog\/#website\",\"url\":\"https:\/\/www.microteklearning.com\/blog\/\",\"name\":\"IT Training Blog \u2013 Certifications, Cloud &amp; Cybersecurity\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.microteklearning.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.microteklearning.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.microteklearning.com\/blog\/#organization\",\"name\":\"IT Training Blog \u2013 Certifications, Cloud &amp; Cybersecurity\",\"url\":\"https:\/\/www.microteklearning.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microteklearning.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/02\/PNG.png\",\"contentUrl\":\"https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/02\/PNG.png\",\"width\":150,\"height\":40,\"caption\":\"IT Training Blog \u2013 Certifications, Cloud &amp; Cybersecurity\"},\"image\":{\"@id\":\"https:\/\/www.microteklearning.com\/blog\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.microteklearning.com\/blog\/#\/schema\/person\/bbe6552c3446438e1417c5ada9c3664a\",\"name\":\"Microtek Learning\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microteklearning.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/b3b961db8f2a613263205e36e8b4dfde727d161bdfb64c5dbf51a2f4832239ec?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/b3b961db8f2a613263205e36e8b4dfde727d161bdfb64c5dbf51a2f4832239ec?s=96&d=mm&r=g\",\"caption\":\"Microtek Learning\"},\"sameAs\":[\"http:\/\/ncrpackersmovers.in\/blogs\"],\"url\":\"https:\/\/www.microteklearning.com\/blog\/author\/admin\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"What Is Azure Policy? Guide to Governance & Compliance","description":"Learn what Azure Policy is, how it works, policy effects, initiatives, and remediation. A guide to enforcing governance & compliance in Azure.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.microteklearning.com\/blog\/what-is-azure-policy\/","og_locale":"en_US","og_type":"article","og_title":"What Is Azure Policy? Guide to Governance & Compliance","og_description":"Learn what Azure Policy is, how it works, policy effects, initiatives, and remediation. A guide to enforcing governance & compliance in Azure.","og_url":"https:\/\/www.microteklearning.com\/blog\/what-is-azure-policy\/","og_site_name":"IT Training Blog \u2013 Certifications, Cloud &amp; Cybersecurity","article_published_time":"2026-07-07T16:32:05+00:00","article_modified_time":"2026-07-07T16:32:08+00:00","og_image":[{"width":1024,"height":1024,"url":"https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/azure-policy.png","type":"image\/png"}],"author":"Microtek Learning","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Microtek Learning","Est. reading time":"12 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.microteklearning.com\/blog\/what-is-azure-policy\/#article","isPartOf":{"@id":"https:\/\/www.microteklearning.com\/blog\/what-is-azure-policy\/"},"author":{"name":"Microtek Learning","@id":"https:\/\/www.microteklearning.com\/blog\/#\/schema\/person\/bbe6552c3446438e1417c5ada9c3664a"},"headline":"What Is Azure Policy? A Complete Guide to Azure Governance and Compliance","datePublished":"2026-07-07T16:32:05+00:00","dateModified":"2026-07-07T16:32:08+00:00","mainEntityOfPage":{"@id":"https:\/\/www.microteklearning.com\/blog\/what-is-azure-policy\/"},"wordCount":2389,"commentCount":0,"publisher":{"@id":"https:\/\/www.microteklearning.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.microteklearning.com\/blog\/what-is-azure-policy\/#primaryimage"},"thumbnailUrl":"https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/azure-policy.png","articleSection":["Azure","Microsoft"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.microteklearning.com\/blog\/what-is-azure-policy\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.microteklearning.com\/blog\/what-is-azure-policy\/","url":"https:\/\/www.microteklearning.com\/blog\/what-is-azure-policy\/","name":"What Is Azure Policy? Guide to Governance & Compliance","isPartOf":{"@id":"https:\/\/www.microteklearning.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.microteklearning.com\/blog\/what-is-azure-policy\/#primaryimage"},"image":{"@id":"https:\/\/www.microteklearning.com\/blog\/what-is-azure-policy\/#primaryimage"},"thumbnailUrl":"https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/azure-policy.png","datePublished":"2026-07-07T16:32:05+00:00","dateModified":"2026-07-07T16:32:08+00:00","description":"Learn what Azure Policy is, how it works, policy effects, initiatives, and remediation. A guide to enforcing governance & compliance in Azure.","breadcrumb":{"@id":"https:\/\/www.microteklearning.com\/blog\/what-is-azure-policy\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.microteklearning.com\/blog\/what-is-azure-policy\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microteklearning.com\/blog\/what-is-azure-policy\/#primaryimage","url":"https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/azure-policy.png","contentUrl":"https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/07\/azure-policy.png","width":1024,"height":1024,"caption":"Azure Policy"},{"@type":"BreadcrumbList","@id":"https:\/\/www.microteklearning.com\/blog\/what-is-azure-policy\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.microteklearning.com\/blog\/"},{"@type":"ListItem","position":2,"name":"What Is Azure Policy? A Complete Guide to Azure Governance and Compliance"}]},{"@type":"WebSite","@id":"https:\/\/www.microteklearning.com\/blog\/#website","url":"https:\/\/www.microteklearning.com\/blog\/","name":"IT Training Blog \u2013 Certifications, Cloud &amp; Cybersecurity","description":"","publisher":{"@id":"https:\/\/www.microteklearning.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.microteklearning.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.microteklearning.com\/blog\/#organization","name":"IT Training Blog \u2013 Certifications, Cloud &amp; Cybersecurity","url":"https:\/\/www.microteklearning.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microteklearning.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/02\/PNG.png","contentUrl":"https:\/\/www.microteklearning.com\/blog\/wp-content\/uploads\/2026\/02\/PNG.png","width":150,"height":40,"caption":"IT Training Blog \u2013 Certifications, Cloud &amp; Cybersecurity"},"image":{"@id":"https:\/\/www.microteklearning.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.microteklearning.com\/blog\/#\/schema\/person\/bbe6552c3446438e1417c5ada9c3664a","name":"Microtek Learning","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microteklearning.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/b3b961db8f2a613263205e36e8b4dfde727d161bdfb64c5dbf51a2f4832239ec?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/b3b961db8f2a613263205e36e8b4dfde727d161bdfb64c5dbf51a2f4832239ec?s=96&d=mm&r=g","caption":"Microtek Learning"},"sameAs":["http:\/\/ncrpackersmovers.in\/blogs"],"url":"https:\/\/www.microteklearning.com\/blog\/author\/admin\/"}]}},"_links":{"self":[{"href":"https:\/\/www.microteklearning.com\/blog\/wp-json\/wp\/v2\/posts\/2652","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.microteklearning.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.microteklearning.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.microteklearning.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.microteklearning.com\/blog\/wp-json\/wp\/v2\/comments?post=2652"}],"version-history":[{"count":4,"href":"https:\/\/www.microteklearning.com\/blog\/wp-json\/wp\/v2\/posts\/2652\/revisions"}],"predecessor-version":[{"id":2663,"href":"https:\/\/www.microteklearning.com\/blog\/wp-json\/wp\/v2\/posts\/2652\/revisions\/2663"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.microteklearning.com\/blog\/wp-json\/wp\/v2\/media\/2657"}],"wp:attachment":[{"href":"https:\/\/www.microteklearning.com\/blog\/wp-json\/wp\/v2\/media?parent=2652"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.microteklearning.com\/blog\/wp-json\/wp\/v2\/categories?post=2652"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.microteklearning.com\/blog\/wp-json\/wp\/v2\/tags?post=2652"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}