- Location restriction (limit resource creation to specific regions such as eastus, westus)
- VM size control (restrict to cost-effective sizes)
Only the below VM types should be allowed
- "Standard_B2s"
- "Standard_B2ms"
- Mandatory tagging (enforce department and project tags)
- Assign policies to subscription
- Use Data source to fetch the subscription details
- Apply configurations
- Verifying policy enforcement
- Creating compliant resources
- Creating non-compliant resources