Azure Stack Policy Module for Azure

When you want to deploy your services across both Azure & Azure Stack, you need to make sure that both environments has the same resources and services available. Also the resources should be compatible with each other. The Azure Stack Policy module enables the same versioning and services that Azure Stack has in your Azure subscription. This will allow you to create a new Azure Policy that limits the available resources in your Azure environment to that of Azure Stack.

Let’s see how we can achieve this with PowerShell.

Installing the Policy Module

Apply the Policy

If you want to apply the default Azure Stack policy to your Azure subscription itself, you can use the below example.

Login-AzureRmAccount
$s = Select-AzureRmSubscription -SubscriptionName "<Azure Subscription Name>"
$policy = New-AzureRmPolicyDefinition -Name AzureStackPolicyDefinition -Policy (Get-AzsPolicy)
$subscriptionID = $s.Subscription.SubscriptionId
New-AzureRmPolicyAssignment -Name AzureStack -PolicyDefinition $policy -Scope /subscriptions/$subscriptionID

If you want to apply the policy into a particular resource group, you can execute the below snippet. This is useful when you have other Azure services running in the same Azure subscription which are not compatible with Azure Stack. Targeting a specific resource group to deploy the default Azure Stack policy will allow you to test apps that are developed for Azure Stack.

Login-AzureRmAccount
$rgName = '<resource group name>'
$s = Select-AzureRmSubscription -SubscriptionName "<Azure Subscription Name>"
$policy = New-AzureRmPolicyDefinition -Name AzureStackPolicyDefinition -Policy (Get-AzsPolicy)
New-AzureRmPolicyAssignment -Name AzureStack -PolicyDefinition $policy -Scope /subscriptions/$subscriptionID/resourceGroups/$rgName