Can someone list all the possible supported values for "field" in the Azure Policy

Question

It's becoming hectic to find the values for the "field" when writing the custom policies.

Some of the values of the built-in values for "field" are:

type
location
name
tags
kind
Microsoft.Compute/virtualMachines/sku.name
Microsoft.Storage/storageAccounts/supportsHttpsTrafficOnly
Microsoft.Storage/storageAccounts/networkAcls.ipRules
Microsoft.Compute/virtualMachines/extensions/publisher
Microsoft.Compute/virtualMachines/extensions/type
Microsoft.Sql/transparentDataEncryption.status
Microsoft.Storage/storageAccounts/allowBlobPublicAccess
Microsoft.Network/expressRouteCircuits/serviceProvider.bandwidthInMbps
Microsoft.Network/networkSecurityGroups/securityRules

Please feel free to add more if you guys can come across anything. Thanks.

Could you elaborate what exactly you are looking into! – Jahnavi Nov 29 '22 at 08:09 — Jahnavi, Nov 29 '22 at 08:09

score 0 · Answer 1 · answered Nov 29 '22 at 11:44

If you refer to the fields that can be used in custom policy rules to define conditions when the policy is enforced, here is the list from Microsoft documentation:

name
fullName
kind
type
location
id
tags
tags['<tagName>']
property aliases

Note that the list of aliases is constantly growing. The best way to find what aliases are currently supported by Azure Policy is to use the Azure Policy extension for Visual Studio Code. It allows to view and discover aliases for resource properties:

It is also possible to get the list of aliases using Azure PowerShell:

# Login first with Connect-AzAccount if not using Cloud Shell

# Use Get-AzPolicyAlias to list available providers
Get-AzPolicyAlias -ListAvailable

# Use Get-AzPolicyAlias to list aliases for a Namespace (such as Azure Compute -- Microsoft.Compute)
(Get-AzPolicyAlias -NamespaceMatch 'compute').Aliases

Azure CLI and REST API methods are described here too.

Can someone list all the possible supported values for "field" in the Azure Policy

1 Answers1