Deploy associations for a managed application using Azure Policy

Azure policies can be used to deploy associations to associate resources to a managed application. In this article, we describe a built-in policy that deploys associations and how you can use that policy.

Built-in policy to deploy associations

Deploy associations for a managed application is a built-in policy that associates a resource type to a managed application. The policy deployment doesn't support nested resource types. The policy accepts three parameters:

  • Managed application ID - This ID is the resource ID of the managed application to which the resources need to be associated.
  • Resource types to associate - These resource types are the list of resource types to be associated to the managed application. You can associate multiple resource types to a managed application using the same policy.
  • Association name prefix - This string is the prefix to be added to the name of the association resource being created. The default value is DeployedByPolicy.

How to use the deploy associations built-in policy

Prerequisites

If the managed application needs permissions to the subscription to perform an action, the policy deployment of association resource wouldn't work without granting the permissions.

Policy assignment

To use the built-in policy, create a policy assignment and assign the deploy associations for a managed application policy. After the policy is assigned successfully, the policy identifies noncompliant resources and deploy associations for those resources.

Screenshot of Azure portal to create a policy assignment and assign the deploy associations policy.