Skip to content

Latest commit

 

History

History
76 lines (52 loc) · 3.53 KB

allow-custom-vm-image.md

File metadata and controls

76 lines (52 loc) · 3.53 KB
title description services documentationcenter author manager editor ms.assetid ms.service ms.devlang ms.topic ms.tgt_pltfrm ms.workload ms.date ms.author ms.custom
Azure Policy json sample - Allow custom VM image from a resource group | Microsoft Docs
This json sample policy requires that custom images come from an approved resource group.
azure-policy
DCtheGeek
carmonm
azure-policy
sample
10/30/2017
dacoulte
mvc

Allow custom VM image from a resource group

This json sample policy requires that custom images come from an approved resource group. You specify the name of the approved resource group.

[!INCLUDE quickstarts-free-trial-note]

Sample template

[!code-jsonmain]

You can deploy this template using the Azure portal, with PowerShell or with the Azure CLI.

Deploy with the portal

Deploy to Azure

Deploy with PowerShell

[!INCLUDE sample-powershell-install]

$definition = New-AzureRmPolicyDefinition -Name "custom-image-from-rg" -DisplayName "Allow custom VM image from a Resource Group" -description "This policy allows only usage of images from a resource group" -Policy 'https://raw.githubusercontent.com/Azure/azure-policy/master/samples/Compute/custom-image-from-rg/azurepolicy.rules.json' -Parameter 'https://raw.githubusercontent.com/Azure/azure-policy/master/samples/Compute/custom-image-from-rg/azurepolicy.parameters.json' -Mode All
$definition
$assignment = New-AzureRMPolicyAssignment -Name <assignmentname> -Scope <scope>  -resourceGroupName <Resource Group Name> -PolicyDefinition $definition
$assignment

Clean up PowerShell deployment

Run the following command to remove the resource group, VM, and all related resources.

Remove-AzureRmResourceGroup -Name myResourceGroup

Deploy with Azure CLI

[!INCLUDE sample-cli-install]

az policy definition create --name 'custom-image-from-rg' --display-name 'Allow custom VM image from a Resource Group' --description 'This policy allows only usage of images from a resource group' --rules 'https://raw.githubusercontent.com/Azure/azure-policy/master/samples/Compute/custom-image-from-rg/azurepolicy.rules.json' --params 'https://raw.githubusercontent.com/Azure/azure-policy/master/samples/Compute/custom-image-from-rg/azurepolicy.parameters.json' --mode All

az policy assignment create --name <assignmentname> --scope <scope> --policy "custom-image-from-rg"

Clean up Azure CLI deployment

Run the following command to remove the resource group, VM, and all related resources.

az group delete --name myResourceGroup --yes

Next steps