stackoom
  简体   繁体   中英

Microsoft Azure - Limit resource group elements - custom policy

 原文  2020-01-22 15:29:52       azure/ azure-resource-manager

Question

my goal is to limit the creation of resource type per owner/collaborator of a specific Resource Group. Example: User_Group_XXX accessed by account YYY:

  • MAX 2 VM - Standard D2s v3
  • MAX 1 Kubernetes Cluster with 2 node - Standard DS2 v2

NO more than that and NO other type of resources.

How can I include those limits?

1 answers

solution1
 2 ACCPTED  2020-01-22 15:36:33

this is not possible by definition. Azure Policy looks at individual resource properties, so there is no way to have it do something like that (so check other resources and apply policy based on those resource to a the resource in question).

although, you could easily create a policy to only allow virtual machines\\aks clusters.

again, policies cannot be scoped to users

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question limit Resource Group cost - Azure microsoft azure - resource group vs container group Azure Policy: Delete lock on resource group What is the Action/NotAction in a custom role to restrict Azure Policy add/change/delete to a resource group? Azure Custom Tag Policy, Exclude resource type Maximum limit of deployments in Azure Resource Group Azure policy to auto add user group in resource group contributors azure arm policy to deny resource group without tags How do you DeployIfNotExists a resource group with azure policy? Azure Policy Deny :if one of the tag not present in the resource group name
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM