Share via

Help with compliance policy resolution.

Ashutosh Jadhav 0 Reputation points
2025-10-21T09:37:41.46+00:00

We are trying to comply with the policy "Security Center standard pricing tier should be selected" in Azure Policy. However, for certain resources, the policy requests an upgrade to the Standard pricing tier.User's image

Our concern is that even if we upgrade, there will be no practical benefit because we are not using API Management or AI services associated with this tier.

Additionally, there is no “Exempt” option available for this policy assignment, which prevents us from marking these resources as compliant without performing the upgrade.User's imageUser's image

Could you please advise how we can:

Exempt specific resources from this policy, or

  1. Achieve compliance without upgrading to the Standard pricing tier? User's image

Thanks,

Ashutosh

Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Siva shunmugam Nadessin 2,070 Reputation points Microsoft External Staff Moderator
    2025-10-21T16:34:12.7+00:00

    Hello Ashutosh Jadhav,

    As discussed in the call, kindly delete the unused resource and see if it resolves?

    If not follow the below steps

    1. Understanding Policy Assignment Scope: Ensure that when you're assigning the policy, the scope is appropriate for the resources you want to affect. If certain resources don't need the Standard tier, the policy might need to exclude them explicitly.
    2. Custom Policy Definition: Since Azure Policy does not have an "Exempt" option for the particular assignment you are working with, you might consider creating a custom policy definition that allows for the exclusion of specific resources. More details on creating a custom policy definition can be found here.
    3. Utilize Policy Remediation: If the resources you’re trying to mark as compliant truly don't benefit from the Standard tier, you could look into using remediation tasks for policies that have actions such as deployIfNotExists or modify. This can help bring resources into compliance without manual upgrades, as long as they are set to a suitable state as per the policy requirements.
    4. Policy Feedback Submission: If the lack of an exempt option is a significant pain point, consider submitting a feature request in the Azure Policy Ideas Forum for better flexibility with policy exemptions.
    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.