https://www.patoune-it.fr/tags/governance/Recent content in Governance on Patoune-ITHugoenTue, 28 Apr 2026 10:00:00 +0200https://www.patoune-it.fr/posts/2026-04-28-azure-policy-automation/Tue, 28 Apr 2026 10:00:00 +0200https://www.patoune-it.fr/posts/2026-04-28-azure-policy-automation/<h2 id="what-is-an-azure-policy">What is an Azure Policy?</h2> <p>An Azure Policy is a governance rule applied to Azure resources. It ensures that an environment remains compliant with defined standards: security, naming conventions, allowed regions&hellip;</p> <p>There are three key concepts to distinguish.</p> <p>A <strong>Policy Definition</strong> is the rule itself. It defines what is evaluated and the effect triggered in case of non-compliance. The main effects are:</p> <table> <thead> <tr> <th>Effect</th> <th>Behavior</th> </tr> </thead> <tbody> <tr> <td><code>Audit</code></td> <td>Logs non-compliance, does not block</td> </tr> <tr> <td><code>Deny</code></td> <td>Blocks resource creation or modification</td> </tr> <tr> <td><code>DeployIfNotExists</code></td> <td>Automatically deploys an associated resource if absent</td> </tr> <tr> <td><code>Modify</code></td> <td>Modifies a property during creation/update</td> </tr> <tr> <td><code>Append</code></td> <td>Adds fields to the resource</td> </tr> </tbody> </table> <p>An <strong>Initiative</strong> (or <code>PolicySetDefinition</code>) is a grouping of multiple definitions. Rather than assigning each policy one by one, they are grouped into a coherent initiative, for example a security baseline or CIS compliance set.</p>