Your company has an Azure subscription that contains resources in several regions.
A company policy states that administrators must only be allowed to create additional Azure resources in a region in the country where their office is located.
You need to create the Azure resource that must be used to meet the policy requirement.
What should you create?
Click on the arrows to vote for the correct answer
A. B. C. D.B
Azure policies can be used to define requirements for resource properties during deployment and for already existing resources. Azure Policy controls properties such as the types or locations of resources.
Azure Policy is a service in Azure that you use to create, assign, and manage policies. These policies enforce different rules and effects over your resources, so those resources stay compliant with your corporate standards and service level agreements. Azure Policy meets this need by evaluating your resources for non- compliance with assigned policies. All data stored by Azure Policy is encrypted at rest.
Azure Policy offers several built-in policies that are available by default. In this question, we would use the 'Allowed Locations' policy to define the locations where resources can be deployed.
https://docs.microsoft.com/en-us/azure/governance/policy/overviewThe correct answer is B. an Azure policy.
An Azure policy is a service in Azure that enables you to create, assign, and manage policies that enforce different rules and effects over your resources. Policies can be used to ensure that all resources deployed within a subscription or management group follow a set of guidelines or standards.
In this case, the company policy requires administrators to create additional Azure resources only in a specific region. By using Azure policies, you can ensure that only resources that comply with the policy are deployed in that region.
To implement the policy, you can create an Azure policy definition that specifies the allowed regions for resource deployment. You can then assign the policy definition to the subscription or management group that contains the resources. Once the policy is in place, any attempt to create a resource in a non-allowed region will be blocked.
Option A, a read-only lock, would prevent any modifications to the resources in a particular region but would not restrict new resource creation.
Option C, a management group, is a way to organize resources and apply policies across multiple subscriptions. While it could be used to help manage the policy, it is not the primary mechanism for enforcing the policy.
Option D, a reservation, is a way to prepay for a certain amount of Azure resources and get a discounted rate. It is not relevant to enforcing the policy requirement stated in the question.