Complete the code to create a new Azure Policy definition with a display name.
az policy definition create --name 'policy1' --display-name [1] --rules 'rules.json' --mode All
The --display-name parameter sets the friendly name of the policy. "Enforce tag on resources" is a valid descriptive name.
Complete the code to assign the policy definition to a subscription.
az policy assignment create --name 'assign1' --policy [1] --scope /subscriptions/12345678-1234-1234-1234-123456789abc
The --policy parameter requires the policy definition name or ID. "policy1" matches the policy created earlier.
Fix the error in the policy rule JSON snippet to check if a tag named 'environment' exists.
"if": { "field": "tags.[1]", "exists": true }
The field name must exactly match the tag key. Here, 'environment' is the correct tag key to check.
Fill both blanks to create a policy rule that denies resource creation if the tag 'costCenter' is missing.
"if": { "field": "tags.[1]", "exists": [2] }, "then": { "effect": "deny" }
The policy checks if the tag 'costCenter' does not exist (exists: false) and denies the action.
Fill all three blanks to create a policy rule that audits virtual machines with a specific SKU.
"if": { "field": "type", "equals": [1] }, "then": { "effect": [2], "details": { "skuName": [3] } }
The policy audits virtual machines (type), sets the effect to audit, and checks for the SKU Standard_DS1_v2.