Real-time control and cloud compliance at scale
Easily apply guardrails on all your resources
Reduce the time needed to audit your environments by having all your compliance data in a single place. Set guardrails throughout your resources to help ensure cloud compliance and misconfigurations. Reduce the number of external approval processes by implementing policies at the core of the Azure platform for increased developer productivity. Control and optimize your cloud spend to get more value from your investment.
Real-time policy enforcement and evaluation
Cloud policy management and security at scale
Automated remediation of existing resources at scale
Comprehensive compliance view of all your resources
Enforce policies on your resources
Create policies at the core of Azure to govern every existing resource or resources to be deployed. Manage your policies in a centralized location where you can track their compliance status and dig into the specific changes that made resources non-compliant. Enforce policies on your resources to set guardrails and make sure future configurations will be compliant per organizational or external standards and regulations.
Apply policies in the CI/CD pipeline
Take advantage of the native integration with Azure DevOps to surface policy violations before deployment and policy compliance assessments in the cloud after deployment. Give developers more agility while reducing the number of approval processes when releasing a build, and explain the reasons of non-compliance.
Automatically remediate non-compliant resources
Bring your resources into compliance using bulk remediation instead of going through them one at a time. Ensure that drift is minimized by configuring automated remediation tasks through the Azure portal, PowerShell, or CLI. Write custom policy definitions to fit your specific needs.
Secure and manage AKS clusters at scale
Control and assess compliance inside all AKS clusters at scale. Go deeper into your AKS clusters and apply policies for pods, namespaces, and ingress to ensure that they meet governance requirements. Choose either audit or enforcement policies to track compliance status or enforce configurations inside your AKS clusters.Learn more about Azure Policy for AKS
Security through effective governance
- Microsoft invests more than 1 billion USD annually on cybersecurity research and development.
- We employ more than 3,500 security experts focused on protecting your data and privacy.
- Azure has more certifications than any other cloud provider. View the comprehensive list.
Azure Policy pricing
Azure Policy is offered at no additional cost to Azure subscribers.
"Azure Policy empowered BP to obtain a better security, compliance, and audit profile. We found Azure policies to be a game changer simply because they provide built-in compliance controls on areas like compute, network, and various other Azure services."John Maio, Chief Architect, BP
"We are now confident that all of our IaaS is hardened to our very own standards, continuously helping us to reduce our attack surface across all our environments."Ian Margetts, Platform Lead (ALM), ASOS
Get started with Azure Policy
Documentation, training, and migration resources
Migrate to Azure
Visit the Azure migration center for resources to migrate apps, data, and infrastructure at your own pace. Use our free assessment, migration, and cost management tools to transition your on-premises workloads to Azure virtual machines.
And pay less with Azure: Amazon Web Services (AWS) is 5 times more expensive than Azure for Windows Server and SQL Server.
Frequently asked questions about Azure Policy
Azure Policy is generally available in all regions where Azure is available, including national clouds.
Yes. Azure Policy comes with a set of built-in policies, but you may also create custom policies.
Azure Policy supports all Azure resources.
Yes, you may exclude a resource, resource group, subscription, or management group from your policy assignment.