Azure Policy - Cloud Policy and Compliance Management

Easily apply guardrails on all your resources

Reduce the time needed to audit your environments by having all your compliance data in a single place. Set guardrails throughout your resources to help ensure cloud compliance and misconfigurations. Reduce the number of external approval processes by implementing policies at the core of the Azure platform for increased developer productivity. Control and optimize your cloud spend to get more value from your investment.

Azure Policy for Azure Kubernetes Service (AKS) is now in limited preview. Read the blog

Real-time policy enforcement and evaluation

Cloud policy management and security at scale

Automated remediation of existing resources at scale

Comprehensive compliance view of all your resources

Enforce policies on your resources

Create policies at the core of Azure to govern every existing resource or resources to be deployed. Manage your policies in a centralized location where you can track their compliance status and dig into the specific changes that made resources non-compliant. Enforce policies on your resources to set guardrails and make sure future configurations will be compliant per organizational or external standards and regulations.

Apply policies in the CI/CD pipeline

Take advantage of the native integration with Azure DevOps to surface policy violations before deployment and policy compliance assessments in the cloud after deployment. Give developers more agility while reducing the number of approval processes when releasing a build, and explain the reasons of non-compliance.

Automatically remediate non-compliant resources

Bring your resources into compliance using bulk remediation instead of going through them one at a time. Ensure that drift is minimized by configuring automated remediation tasks through the Azure portal, PowerShell, or CLI. Write custom policy definitions to fit your specific needs.

Secure and manage AKS clusters at scale

Control and assess compliance inside all AKS clusters at scale. Go deeper into your AKS clusters and apply policies for pods, namespaces, and ingress to ensure that they meet governance requirements. Choose either audit or enforcement policies to track compliance status or enforce configurations inside your AKS clusters.

Learn more about Azure Policy for AKS

Security through effective governance

Microsoft invests more than USD 1 billion annually on cybersecurity research and development.
We employ more than 3,500 security experts focused on protecting your data and privacy.
Azure has more certifications than any other cloud provider. View the comprehensive list.

Learn more about security on Azure

Azure Policy pricing

Azure Policy is offered at no additional cost to Azure subscribers.

See Azure Policy pricing

"Azure Policy empowered BP to obtain a better security, compliance, and audit profile. We found Azure policies to be a game changer simply because they provide built-in compliance controls on areas like compute, network, and various other Azure services."
John Maio, Chief Architect, BP

"We are now confident that all of our IaaS is hardened to our very own standards, continuously helping us to reduce our attack surface across all our environments."
Ian Margetts, Platform Lead (ALM), ASOS

Get started with Azure Policy

Assign a built-in policy to your resources.

Determine causes of non-compliance.

Learn governance best practices through the Cloud Adoption Framework.

Documentation, training, and migration resources

Migrate to Azure

Visit the Azure migration center for resources to migrate apps, data, and infrastructure at your own pace. Use our free assessment, migration, and cost management tools to transition your on-premises workloads to Azure virtual machines.

And pay less with Azure: Amazon Web Services (AWS) is 5 times more expensive than Azure for Windows Server and SQL Server.

Developer documentation

Learn how to programmatically create Azure policies.

Self-paced labs

Acquire the skills you need at your own pace using our free governance labs.

Frequently asked questions about Azure Policy

Azure Policy is generally available in all regions where Azure is available, including national clouds.
Yes. Azure Policy comes with a set of built-in policies, but you may also create custom policies.
Azure Policy supports all Azure resources.
Yes, you may exclude a resource, resource group, subscription, or management group from your policy assignment.

Create your first policy today using Azure Policy

Start now