Microsoft Azure – Create and Assign Policy for “Not Allowed Resource Types”

Pre-requisite: Azure

In this article, we will show you how to deny the resource creation of your choice on azure subscriptions or management groups by implementing a rule policy. By implementing this policy on the specific subscription you can restrict your subscription users to create unwanted resources and also reduce the additional cost incurred. Let’s get started by implementing one.

Pre-requisites: Owner access on subscription or management group is required to implement this policy on target azure subscription scope.

Steps to Create and Assign Policy

Step 1: Log in to Azure Portal.

Step 2: Go to Policy >> then from the menu select Authoring >> Definitions.

Step 3: Type in and search for “Not Allowed Resource Types” and select.

 

Step 4: Click on the Assign to implement the rule.

 

Step 5: Under the section of Basics, select the Scope of the subscription which you want to restrict the creation and enable policy enforcement.

 

Step 6: Switch to the Parameters tab and choose the required resource type to restrict creation with this “Not Allowed Resource Types”. 

Example: We have selected “public clouds” You can select as many as you wish to restrict in the same policy.

 

Step 7: Click on Review + Create.

By applying this policy, If someone tries to public clouds in a subscription it will deny to create it and says it’s against policies in the notification.