A department has 12 subscriptions under a management group named Corp. New resources must be deployed only in East US or West US and must include a CostCenter tag. A pilot subscription must be exempt from these rules during testing. Which two actions should you take? Select two.
A management-group assignment applies the same governance to current and future subscriptions underneath it.
Why this answer
Option A is correct because assigning an initiative (a collection of policy definitions) at the Corp management-group scope ensures that all 12 subscriptions inherit both the location restriction and the CostCenter tag requirement. This is the most efficient and scalable way to enforce governance across multiple subscriptions without repeating assignments.
Exam trap
The trap here is that candidates may think individual policy assignments at each resource group (Option C) are acceptable, but Azure Policy is designed to be assigned at higher scopes (management group or subscription) for inheritance, and they may also confuse RBAC roles (Option D) with policy enforcement.