Description
Policy JSON definitions exist in policies/ (require-tags.json, deny-unused-resource-types.json) but there is no PowerShell script to deploy them to Azure. The cleanup strategy Phase 3 (Governance) requires deploying policies in Audit mode.
Proposed Script
policies/Deploy-AzurePolicies.ps1 with:
-Mode parameter: Audit (default) or Deny-Scope parameter: subscription or management group-WhatIf support- Deploys both policy definitions and assignments
- Logs deployment results
Acceptance Criteria
Description
Policy JSON definitions exist in
policies/(require-tags.json, deny-unused-resource-types.json) but there is no PowerShell script to deploy them to Azure. The cleanup strategy Phase 3 (Governance) requires deploying policies in Audit mode.Proposed Script
policies/Deploy-AzurePolicies.ps1with:-Modeparameter: Audit (default) or Deny-Scopeparameter: subscription or management group-WhatIfsupportAcceptance Criteria
-WhatIfshows what would be deployed without making changes