A company has multiple Azure subscriptions for different departments. They want to enforce consistent policies across all subscriptions regarding allowed virtual machine sizes and require compliance reporting. Which Azure feature should they use?
Trap 1: Azure Blueprints
Blueprints are used to deploy and manage environments with templates, but they do not continuously enforce policies or provide compliance reporting.
Trap 2: Azure Resource Manager templates
ARM templates are for declarative infrastructure deployment, not for ongoing policy enforcement.
Trap 3: Role-Based Access Control (RBAC)
RBAC controls who has access to resources but does not enforce policies on resource properties like VM sizes.
- A
Azure Blueprints
Why wrong: Blueprints are used to deploy and manage environments with templates, but they do not continuously enforce policies or provide compliance reporting.
- B
Azure Resource Manager templates
Why wrong: ARM templates are for declarative infrastructure deployment, not for ongoing policy enforcement.
- C
Azure Policy
Azure Policy enforces rules on resources across subscriptions and provides compliance dashboards and reports.
- D
Role-Based Access Control (RBAC)
Why wrong: RBAC controls who has access to resources but does not enforce policies on resource properties like VM sizes.