Create Bicep modules for Policy Assignments at the Subscription and Resource Group Scope - Githubissues

Azure / ALZ-Bicep

This repository contains the Azure Landing Zones (ALZ) Bicep modules that help deliver and deploy the Azure Landing Zone conceptual architecture in a modular approach. https://aka.ms/alz/docs

MIT License

741 stars 494 forks source link

Create Bicep modules for Policy Assignments at the Subscription and Resource Group Scope #702

Open MilesCameron-DMs opened 8 months ago

MilesCameron-DMs commented 8 months ago

Describe the feature end to end, including deployment scenario details under which the feature would occur.

I have found that ALZ-Bicep can only handle policy assignments at the management group scope utilising policyAssignmentManagementGroup.bicep

From my experience it is essential to have the ability to scope assignments at the subscription level and on the odd occasion, for example for multi-team subscriptions/landing zones, at the resource group level.

I believe the code should support all scoping levels.

Why is this feature important. Describe why this would be important for your organization and others. Would this impact similar orgs in the same way?

Policy assignment is one of the fundamental principles of ALZ - its essential that at least subscription scope is supported.

This will lead to over-complex MG structures if left.

Please provide the correlation id associated with your error or bug.

xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

Can you describe any alternatives that you have taken since this feature does not exist?

No response

Feature Implementation

No response

Check previous GitHub issues

[X] I have searched the issues for this item and found no duplicate

Code of Conduct

[X] I agree to follow this project's Code of Conduct

oZakari commented 7 months ago

Created feature and user story which can be referenced here:

azure-boards[bot] commented 6 months ago

✅ Successfully linked to Azure Boards work item(s):