How we can Find which Policy needs to be refreshed or which policies are refreshed.
Anto4595 opened this issue · comments
Currently, AzGovViz doesn't have a way to show the delta between what you have in your environment and what is currently available in the latest ALZ release. However, we do have a story in our backlog to work on adding that analysis to this tool, so that you can easily see which policies are out of date, etc. We're looking at working on this in July timeframe.
What you can do is use AzAdvertizer, and look at all the ALZ policy updates since you last deployed ALZ, but this would be a huge amount of work if you did your initial deployment more than a year ago.
Thank you to Clarify.
Apart from what you have answered.
- Once we have the analysis tool in AzGovViz. We can check policies are out of date. So it means that we need to refresh the policies manually whenever there is a new release ? or the policies are updated whenever there is a release ?
What we are using is EPAC for this, we update the definition files through a sync process within EPAC. In this link you can find more: EPAC
@Anto4595 besides using tools like Enterprise Policy as Code (EPAC) as @EelcoLabordus mentioned, we have the following official guidance available:
https://aka.ms/alz/update
https://aka.ms/alz/update/custom
You can also review the wiki on this repo:
https://aka.ms/alz/custompolicyupdate
Closing as there is no further action for the ALZ team. If you have follow queries, feel free to re-open or submit a new issue.