Azure Updates - Latest from Azure Charts

Automating Arc-enabled SQL Server license type configuration with Azure Policy

Mon, 13 Apr 2026 06:53:00 Z

Azure Arc enables customers to onboard SQL Server instances — hosted on Linux or Windows — into Azure, regardless of where they are hosted: on‑premises, in multicloud environments, or at the edge. O...
Update Type: Announcement, Services: Azure Policy, Azure Arc, Categories:

Announcing Private Preview: Deploy Ansible Playbooks using Azure Policy via Machine Configuration

Wed, 01 Apr 2026 14:01:00 Z

Azure Arc is on a mission to unify security, compliance, and management for Windows and Linux machines—anywhere. By extending Azure’s control plane beyond the cloud, Azure Arc enables organizations t...
Update Type: Preview, Services: Azure Policy, Azure Arc, Categories:

Azure Policy faster enforcement and retirement of login/logout workaround

Wed, 04 Mar 2026 21:15:02 Z

Over the years, we’ve made significant investments to improve the responsiveness of the Azure Policy service. As a result, policy assignment creation and updates for Resource Manager mode policies now get enforced within 5 minutes.In light of cache refres
Update Type: Deprecation, Services: Azure Policy, Categories: Compliance, Management, Retirements

Azure Policy: Required Actions for Docker Content Trust Deprecation in Azure Container Registry

Wed, 17 Dec 2025 22:36:00 Z

As Azure evolves, certain features are deprecated to streamline services and improve security and performance. One such upcoming change is the deprecation of the Docker Content Trust (DCT) feature in...
Update Type: Announcement, Services: Container Registry, Azure Policy, Categories:

Built-in CIS benchmarks for Azure endorsed Linux distros in Machine Config

Tue, 18 Nov 2025 16:00:16 Z

Microsoft Azure now offers built-in Center for Internet Security (CIS) benchmarks in public preview for all Azure endorsed Linux distributions through Azure Machine Configuration’s new customizable security benchmarks capability, powered by azure-osconfig
Update Type: Preview, Services: Azure Policy, Azure Arc, Categories: Management

Introducing Customizable Security Baselines in Azure Policy and Machine Configuration

Thu, 13 Nov 2025 16:44:00 Z

Background: Azure Machine Configuration remains committed to enabling greater security and simplicity in at-scale server management for all Azure customers. Machine Configuration (previously known as...
Update Type: Announcement, Services: Azure Policy, Categories: Security

How to control your Azure costs with Governance and Azure Policy

Wed, 28 May 2025 03:00:00 Z

Azure resources can be configured in many ways, including ways which affect their performance, security, reliability, available features and ultimately cost. The challenge is, all these resourc...
Update Type: Announcement, Services: Azure Policy, Categories:

Common Azure Policy Issues and Solutions

Wed, 21 May 2025 15:00:00 Z

Azure Policy is a powerful tool for enforcing governance and compliance in Azure environments, but users often encounter issues that can hinder its effectiveness. Below is a concise overview of commo...
Update Type: Announcement, Services: Azure Policy, Categories:

Removal of Azure Policy aliases for Microsoft.Insights/alertRules

Wed, 05 Mar 2025 18:31:00 Z

As Azure continues to evolve, certain resource types and features are periodically deprecated to make way for more efficient and advanced solutions. This was the case for Azure Monitor classic alerts...
Update Type: Announcement, Services: Azure Monitor, Azure Policy, Categories:

Azure Automange Best Practices Migrating to Azure Policy

Thu, 26 Sep 2024 07:00:00 Z

Azure Automanage Best Practices was useful for automating the configuration and management of virtual machines according to Azure's best practices. It achieved this by automatically onboarding VMs to services like Azure Monitor, Backup, and Microsoft Defe
Update Type: Deprecation, Services: Virtual Machines, Azure Monitor, Azure Policy, Azure Automanage, Categories: Compliance, Services, Management, Retirements

Retirement: Azure Automanage Best Practices Retirement. Migrate to Azure Policy

Thu, 26 Sep 2024 00:00:00 Z

Azure Product Retirement: Azure Automanage Best Practices on 09/30/2027. Replace with Azure Policy.
Update Type: Deprecation, Services: Azure Policy, Azure Automanage, Categories: Compliance, Services, Management, Retirements

Manage NSG association on Subnets via Azure Policy

Thu, 12 Sep 2024 08:27:27 Z

In this blog article, we will cover how to deny the creation of a subnet in a Virtual Network if the subnet does not have a Network Security Group associated with it, using a custom Azure Policy.You can follow the steps below to create a custom policy:1) From the Azure portal, access Azure policy, then definitions blade.2) Create a new policy definition. 3) Add the definition location (which subscription will be hosting this policy), Name, and description.4) Set the category to use existing and select Networking (as below): 5) Then add the below policy definition into the rule field:Note: you can adjust the below parameters as needed, also the below example excludes the following subnets. You can add more subnets of your choice. "GatewaySubnet","AzureFirewallSubnet","AzureBastionSubnet","AzureFirewallManagementSubnet" { "mode": "All", "parameters": { "excludedSubnets": { "type": "Array", "metadata": { "displayName": "Excluded subnets", "description": "The list of subnet names to exclude from the policy" }, "defaultValue": [ "GatewaySubnet", "AzureFirewallSubnet", "AzureBastionSubnet", "AzureFirewallManagementSubnet", "YourCustomSubnet" ] } }, "policyRule": { "if": { "anyOf": [ { "allOf": [ { "field": "type", "equals": "Microsoft.Network/virtualNetworks" }, { "not": { "field": "Microsoft.Network/virtualNetworks/subnets[*].networkSecurityGroup.id", "exists": true } }, { "field": "Mi
Update Type: Announcement, Services: Azure Policy, Virtual Network, Categories: Security, Management

Deny inbound NSG Rule creation via Azure Policy

Wed, 11 Sep 2024 00:00:00 Z

Deny inbound NSG Rule creation via Azure Policy
Update Type: Announcement, Services: Azure Policy, Categories:

Azure Policy support for Azure Database for PostgreSQL - Flexible Server

Fri, 16 Aug 2024 07:00:00 Z

We are excited to announce that Azure Policy support for Azure PostgreSQL - Flexible Server is now generally available. This new feature helps you enforce rules and check compliance easily across your Azure resources. With Azure Policy, you can set, assig
Update Type: GA, Services: Database for PostgreSQL, Azure Policy, Categories: Features

Generally Available: Azure Policy support for Azure Database for PostgreSQL - Flexible Server

Fri, 16 Aug 2024 00:00:00 Z

Help ensure compliance and security with Azure Policy support for Azure PostgreSQL - Flexible Server.
Update Type: GA, Services: Database for PostgreSQL, Azure Policy, Categories: Features

Introducing the Azure Policy Community Repo

Thu, 15 Aug 2024 18:31:09 Z

Introducing the Azure Policy Community Repo What is the Azure Policy Community Repo? The Azure Policy Community Repo is a collaborative space for Azure customers and Microsoft teams to share and create custom policies, enhancing cloud governance and compliance. Benefits of Contributing to the Community Repo Direct Impact: Support organizations in enforcing standards and assessing compliance at scale. Recognition: Share innovative solutions to gain visibility within the Azure community. Enhanced Resource Pool: Access and contribute to a growing repository, amplifying the success of the Azure ecosystem in achieving robust compliance. How to Contribute To contribute, submit a Pull Request to the Azure Community Policy Repo. For your convenience, we have attached detailed steps for submitting your Pull Request, ensuring a smooth process. Ensure your submission includes a consent statement for use and sharing, and that your policies are generic enough to maintain privacy and confidentiality while providing valuable insights for compliance and standard enforcement. How to Create a Pull Request for Azure Community Policy Contributions Contributing to the Azure Community Policy repository is a valuable way to share your Azure policy solutions with a wider audience. Follow these step-by-step instructions to create and submit your Pull Request. Step 1: Fork the Repository Visit the Azure Community Policy repository on GitHub. Click on the "Fork" button at the top right corner to create a copy of the repository in your GitHub account. Step 2: Clone the Repository Navigate to your forked repository. Use the "Clone or download" button to copy the repository URL. Clone the repository to your local machine using the Git command: git clone [URL] Step 3: Create a New Branch Navigate into the cloned repository directory on your machine. Create a new branch for your contributions: git checkout -b [branch_name] Step 4: Make Your Changes Add or modify policies in your b
Update Type: Announcement, Services: Azure Policy, Categories: Compliance

Public Preview Announcement: Azure Policy Built-in Versioning

Tue, 09 Jul 2024 18:00:00 Z

Welcome to a new era of policy management, where policy definitions are more agile, adaptable, and accessible than ever before! We are thrilled to introduce version management support for controlled built-in definition and initiative updates through Azure Policy. In a push to empower and simplify policy management, built-in definitions and initiatives will have the ability to store & reference multiple versions within a single definition ID. This new development will enhance your ability to govern, enforce and evolve your cloud governance policies. Keep reading for more information and be sure to check out our video walk-through of versioning to get started and learn more. What's new? Now, built-in definitions and initiatives can reference multiple versions within a single definition ID! This will help with: Regulated updates: All built-in definitions will be reviewed and evaluated to stay aligned with versioning guidelines standards. Change Management: Version will provide visibility into the evolution of built-in definitions and initiatives over each iteration. Controlled application and enforcement: Users can specify what version of the definition or initiative to be assessed against at assignment time. Gradual Rollout: Versioning in collaboration with assignment resource selectors and overrides can be used to introduce new versions of definitions gradually into the environment. Testing and quality assurance: Different versions of definitions may undergo different stages of roll out and application. Versioning awareness: Applicable version number will be shown in compliance logs on a per resource basis. Ready to dive in? Keep reading to discover how you can get started with Policy versioning and make the most of these new capabilities! Getting started: All built-in definitions and initiatives have been updated to be on the latest current version. This can be seen in the portal, or through maki
Update Type: Preview, Services: Azure Policy, Categories: Compliance, Management

Azure Policy Support is Generally Available for PostgreSQL Flexible Server

Mon, 01 Jul 2024 18:06:08 Z

What is Azure Policy? Azure Policy is a service within Microsoft Azure that allows organizations to create, assign, and manage policies. These policies define rules and effects over resources, identities, and groups, in an effort to ensure compliance and uphold security. Enforcement comes in two forms – flagging noncompliance so your team can remediate the concern or simply blocking deployment. Core Concepts of Azure Policy At the heart of Azure Policy are two core components: policies and initiatives. Policies in Azure are the specific rules or guidelines, while initiatives are collections of policies that help achieve a broader compliance goal. Let’s break down the components of policies below. A policy definition expresses what to evaluate and what action to take. Each policy definition in Azure Policy has a set of conditions under which it’s enforced and an accompanying effect that takes place if the conditions are met. Policy effects is what happens when the conditions are met. Some common effects include: Deny, Audit, Append, Disabled, and DeployIfNotExists Policy parameters are used to provide flexibility and reduce policy definition redundancy. They allow you to reuse the policy definition for different scenarios. Think of them as fields on a form to fill out – name, city, birthdate, address, etc. They remain, but how you fill them out can change. Policy assignments are the application of a policy or initiative to a specific scope (subscription, management group, etc.) Pic 1. Structure of Azure Policy (credit Sonrai Security) Advantages of Azure Policy Main benefits of using Azure Policy include consistent governance across all resources, streamlined management of policy enforcement, improved security and compliance, and increased visibility and control over cloud resources. Azure Policy vs. Azure Role Based Access Control (RBAC) Azure Policy and Azure Role-Based Access Control (RBAC) differ significantly. While Azure Policy focuses on reso
Update Type: GA, Services: Database for PostgreSQL, Azure Policy, Categories: Compliance, Security, Services, Management

Azure Governance Update - Management Groups

Thu, 02 May 2024 00:00:00 Z

Beginning May 3, 2024, Azure will start enabling the root management group for tenants that have not enabled it yet. Using Azure management groups leverages best practices when applying Azure Policy and having it pre-enabled reduces the initial set up work to follow the best practices.
Update Type: Announcement, Services: Azure Policy, Categories: Management

Monitor Azure Virtual Network Manager changes with event logging

Wed, 08 Mar 2023 14:00:00 -0800

Azure Virtual Network Manager event logging is now in preview.
Update Type: Announcement, Services: Azure Policy, Virtual Network, VNet Manager, Categories: Security

Enabling resilient DevOps practices with code to cloud automation

Mon, 05 Oct 2020 00:00:00 -0700

At Microsoft Ignite we announced new GitHub Actions for Azure, which we added to our growing catalogue of Azure and GitHub integrations, with more to come soon.
Update Type: Announcement, Services: Virtual Machines, Azure Policy, Categories:

Announcing preview of Backup Reports

Wed, 04 Mar 2020 00:00:00 -0800

We recently announced a new solution, Backup Explorer, to enable you as a backup admin to perform real-time monitoring of your backups, helping you achieve increased efficiency in your day-to-day operations.
Update Type: Announcement, Services: Azure Backup, Azure Policy, Azure Lighthouse, Categories:

Measuring your return on investment of Azure as a compliance platform

Mon, 07 Oct 2019 00:00:00 -0700

I’m pleased to announce the release of Microsoft Azure is Helping Organizations Manage Regulatory Challenges More Effectively, a new International Data Corporation (IDC) white paper based on original research by IDC and sponsored by Microsoft.
Update Type: Announcement, Services: Azure Blueprints, Azure Policy, Categories: Security

Preview of custom content in Azure Policy guest configuration

Thu, 22 Aug 2019 00:00:00 -0700

Today we are announcing a preview for a new feature of Azure Policy. The guest configuration capability, which audits settings inside Linux and Windows virtual machines (VMs), is now ready for customers to author and publish custom content.
Update Type: Announcement, Services: Virtual Machines, Azure Policy, Categories:

Announcing Azure Government Secret private preview and expansion of DoD IL5

Wed, 17 Apr 2019 00:00:00 -0700

Today we’re announcing a significant milestone in serving our mission customers from cloud to edge with the initial availability of two new Azure Government Secret regions, now in private preview and pending accreditation.
Update Type: Announcement, Services: Azure Blueprints, Azure Policy, Categories: Security

Azure management groups now in general availability

Tue, 31 Jul 2018 00:00:00 -0700

Management groups now in general availability.
Update Type: Announcement, Services: Azure Policy, Categories: Management

Preview: programmatically create Azure enterprise subscriptions using ARM APIs

Tue, 17 Apr 2018 00:00:00 -0700

We've created an API and a suite of SDK for Azure EA subscription creation.
Update Type: Announcement, Services: Azure Policy, Categories: