
Create custom policies for Microsoft Foundry

This article refers to the Microsoft Foundry (new) portal.
Learn how to use custom Azure policies to enable teams to self-manage Microsoft Foundry resources. Apply guardrails and constraints on allowed configurations so you can provide flexibility while meeting security and compliance requirements. By using custom policies, you can:
  • Enforce governance: Prevent unauthorized creation of Foundry hubs, projects, connections, or capability hosts.
  • Control resource behavior: Ensure security configurations, enforce tagging, or allow only approved integrations.
  • Ensure compliance: Apply enterprise security and operational standards consistently across environments.

Prerequisites

For more information, see What is Azure Policy?

Steps to create a custom policy

  1. Open Policy in the Azure portal.
  2. Define a new policy
    • In the Authoring section, select Definitions > + Policy definition.
    • Provide:
      • Definition location: Subscription or management group.
      • Name: A unique name (for example, Deny-Unapproved-Connections).
      • Description: Explain the purpose (for example, “Restrict Foundry connections to approved categories”).
      • Category: Use an existing category or create one such as AI Governance.
  3. Add policy rule
    • Enter the rule in JSON format. For example, to allow only approved connection categories:
{
  "properties": {
    "displayName": "Only selected Foundry connection categories are allowed",
    "policyType": "Custom",
    "mode": "All",
    "description": "Only selected Foundry connection categories are allowed",
    "version": "1.0.0",
    "parameters": {
      "allowedCategories": {
        "type": "Array",
        "metadata": {
          "description": "Categories allowed for Microsoft.CognitiveServices/accounts/connections and Microsoft.CognitiveServices/accounts/projects/connections",
          "displayName": "Allowed connection categories"
        },
        "defaultValue": [
          "BingLLMSearch"
        ]
      }
    },
    "policyRule": {
      "if": {
        "anyOf": [
          {
            "allOf": [
              {
                "field": "type",
                "equals": "Microsoft.CognitiveServices/accounts/connections"
              },
              {
                "field": "Microsoft.CognitiveServices/accounts/connections/category",
                "notIn": "[parameters('allowedCategories')]"
              }
            ]
          },
          {
            "allOf": [
              {
                "field": "type",
                "equals": "Microsoft.CognitiveServices/accounts/projects/connections"
              },
              {
                "field": "Microsoft.CognitiveServices/accounts/projects/connections/category",
                "notIn": "[parameters('allowedCategories')]"
              }
            ]
          }
        ]
      },
      "then": {
        "effect": "deny"
      }
    },
    "versions": [
      "1.0.0"
    ]
  }
}
This policy denies creation of Foundry connections whose category isn’t in the allowedCategories parameter. It applies to both Microsoft.CognitiveServices/accounts/connections and Microsoft.CognitiveServices/accounts/projects/connections. To customize the behavior, update allowedCategories (or override it when you assign the policy) with the connection categories your organization approves.
  4. Assign the policy
    • After saving, assign the policy to the desired scope (subscription, resource group, or hub).
  5. Validate the policy assignment
    • Try to create a connection with a category that isn’t in allowedCategories and confirm the request is denied.
    • Try to create a connection with a category that is in allowedCategories and confirm the request succeeds.
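As an added example (not Microsoft's code and not part of this article), the following Python evaluates the rule above the way the validation step does, against constructed request bodies: a hub connection with an approved category, a project connection with an unapproved one, a non-connection resource, and an override of allowedCategories at assignment time. The category value ExampleUnapprovedCategory and the request bodies are constructed; real evaluation happens in Azure Resource Manager, and only the operators this rule uses (equals, notIn) are implemented.

```python
"""Mini evaluator for the policy rule above (added example, not Microsoft's code):
substitutes [parameters('...')], evaluates anyOf/allOf/field conditions against a
constructed ARM request body and reports whether the deny effect would fire."""
import re
CONN = "Microsoft.CognitiveServices/accounts/connections"
PCONN = "Microsoft.CognitiveServices/accounts/projects/connections"
DEFAULTS = {"allowedCategories": ["BingLLMSearch"]}   # the definition's defaultValue
RULE = {"anyOf": [                                     # the definition's "if" block
    {"allOf": [{"field": "type", "equals": CONN},
               {"field": CONN + "/category", "notIn": "[parameters('allowedCategories')]"}]},
    {"allOf": [{"field": "type", "equals": PCONN},
               {"field": PCONN + "/category", "notIn": "[parameters('allowedCategories')]"}]}]}
PARAM_REF = re.compile(r"^\[parameters\('(\w+)'\)\]$")

def resolve(value, params):
    """Replace a [parameters('name')] reference with the effective parameter value."""
    m = PARAM_REF.match(value) if isinstance(value, str) else None
    return params[m.group(1)] if m else value

def field_value(resource, field):
    """Read 'type' or a '<resourceType>/<property>' alias from the request body."""
    if field == "type":
        return resource["type"]
    rtype, _, prop = field.rpartition("/")             # an alias applies only to its own type
    return resource.get("properties", {}).get(prop) if rtype.lower() == resource["type"].lower() else None

def matches(cond, resource, params):
    """Evaluate one condition; string comparisons are case-insensitive, as in Azure Policy."""
    if "anyOf" in cond:
        return any(matches(c, resource, params) for c in cond["anyOf"])
    if "allOf" in cond:
        return all(matches(c, resource, params) for c in cond["allOf"])
    actual = field_value(resource, cond["field"])
    if actual is None:                                 # absent field: no match in this simplified evaluator
        return False
    if "equals" in cond:
        return actual.lower() == resolve(cond["equals"], params).lower()
    allowed = [v.lower() for v in resolve(cond["notIn"], params)]
    return actual.lower() not in allowed

def decide(resource, assignment_params=None):
    """Return 'deny' when the rule matches, else 'allow'; assignment values override defaults."""
    params = {**DEFAULTS, **(assignment_params or {})}
    return "deny" if matches(RULE, resource, params) else "allow"

# Constructed request bodies standing in for the two checks in the validation step.
BING = {"type": CONN, "properties": {"category": "BingLLMSearch"}}
OTHER = {"type": PCONN, "properties": {"category": "ExampleUnapprovedCategory"}}
ACCOUNT = {"type": "Microsoft.CognitiveServices/accounts", "properties": {"category": "n/a"}}
```

Calling decide(OTHER, {"allowedCategories": ["ExampleUnapprovedCategory"]}) shows how a value supplied at assignment time widens the approved list without editing the definition.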

Common custom policy scenarios

  • Allow only approved connection categories
    Block any connection category other than those approved by your organization.
  • Deny connections that use API keys as the authentication type
    Require an authentication type other than API key, because API keys are typically less secure.
  • Audit Foundry resources without a valid Agent capability host
    Check for the existence of a virtual network subnet ARM ID and custom storage resources when using Agent service in a regulated environment.
  • Deny creation of account kinds that don’t have full Foundry capabilities
    Ensure new accounts are configured so users can access all Foundry capabilities.

Sample library

Explore ready-to-use templates and examples in the GitHub repository:
Custom policy definitions
This library includes JSON templates for common scenarios.

Next steps

  • Review Built-in Policies for Foundry to combine built-in and custom policies for comprehensive compliance.
  • Test policies in a nonproduction environment before enforcing them broadly.

Troubleshooting

  • If you can’t create or assign a policy definition, confirm you have the required role at the scope you’re using.
  • If a connection isn’t blocked as expected, confirm the policy assignment scope includes the target resource.
  • If a policy blocks more resources than expected, review the allowedCategories value used in the assignment.