In this lab, you will assume the role of an Azure security engineer. A common task asked of the Azure security engineer is to ensure compliance of Azure resources. In this hands-on lab, we will assign two Azure policies. Then, we will deploy a non-compliant resource and observe the results of the policy assigned.
Learning Objectives
Successfully complete this lab by achieving the following learning objectives:
- Assign Azure Policies
- The first policy must block the deployment of resource groups when a
Cost Allocation
tag is not provided. - The second policy must inherit the
Cost Allocation
tag from the parent resource group when the tag is not present on a resource.
- The first policy must block the deployment of resource groups when a
- Create a Cost Allocation Tag for the Resource Group
- Create a
Cost Allocation
tag and attach it to the resource group.
- Create a
- Observe the Results of Policy Assignment
- Create a non-compliant resource by omitting the
Cost Allocation
tag. - View the tags of the non-compliant resource after creation.
- Create a non-compliant resource by omitting the