ResourceModules icon indicating copy to clipboard operation
ResourceModules copied to clipboard

Published 20 hours ago verified publisher icon Azure

[Feature Request]: Allow Resource level policy exemption

Open shawntmeyer opened this issue 1 year ago • 2 comments

Description

The current policyExemption modules only support exemptions at the MG, Sub, or RG levels. When policyExemptions are deployed to resources, they are treated as extensions. We need this capability to allow the creation of a storage account with public access when we have a policy applied to the Sub or MG that blocks this access.

If implemented, this would need to be added to all resource types as assignments can be created on every resource's level.

shawntmeyer avatar Mar 15 '23 01:03 shawntmeyer

Team will revisit the issue next week

rahalan avatar Mar 30 '23 15:03 rahalan

Blocking the overall implementation for the moment until we were able to sort out the remaining questions in the PR. If the PR is rejected afterall, this issue will be closed too - if not (i.e., it is merged), we may move it out of blocked again.

AlexanderSehr avatar Apr 13 '23 15:04 AlexanderSehr