Azure Policy Visual Studio Code Extension
Azure Policy enforces standards and evaluates compliance at scale for your Azure environment. This extension is for authoring and managing policy definitions and assignments.
Azure Policy Visual Studio Code extension simplifies the experience of authoring policies by enabling alias property look-up inline with the resource or policy definition.
On the top left in the 'Resources' tree view, under each subscription there are two folders: 'Resource Providers' and 'Resource Groups'. Under 'Resource Providers', resources are divided by resource provider such as 'Microsoft.Compute' or 'Microsoft.Network' that are registered to the selected subscription. This view shows all resources, including proxy resources, organized by Resource Provider namespace and resource type. Under 'Resource Groups', resources are divided by resource group. The Resource Groups view shows only tracked resources (resources that are members of a resource group).
At the bottom left, in the 'Policies' tree view, under each subscription there are four folders: 'Built-in Policies', 'Custom Policies', 'Policy Assignments', and 'Policy Initiatives'. This view shows all of the policy objects for the given subscription divided by those types.
- View resource and policy contents
- Select a tree view node to view the contents of the resource or policy in a tab on the right.
- Quick view of aliases
- Hover over resource property or values to discover a property's alias.
- Tree view
- View resources, definitions, and assignments at subscription level.
- Search for resources and policies in the Command Palette.
- Settings to select four different filtered views for resources
- Filter By Any Aliases: Under 'Resource Providers' show only namespaces and resource types that have published policy aliases.
- Filter By Existing Resources: In the 'Resources' tree view show only namespaces, resource types, and resource groups that actually contain resources (no empty folders). When only this setting is enabled, opening the 'Resource Providers' folder the first time in a session will take a long time, since each resource type must be queried to determine whether the subscription contains any resources of that type.
- Both filters combined together: This is the default setting, and will typically result in taking much less time to open the 'Resource Providers' folder, since fewer resource types must be queried.
- Neither of the above filters: With all filtering disabled, the 'Resource Providers' folder will open quickly, but will contain many empty folders. This may be preferrable when looking for a few known namespaces and resource types.
- This extension only displays the objects shown in the tree view, it does not support creating objects or updating existing objects. In some cases, the contents displayed can be used in other Azure interfaces to create or modify resources. For example, policy definition contents can be pasted into the Azure portal or a command line with some modification to create or update existing policies.
- Nodes that refer to a resource will open in a tab when selected. Others are structural and can be expanded or closed. Below the 'Resource Providers' folder, many nodes do both, since they represent a resource, but also have sub types.
- If you haven’t previously signed into Azure from Visual Studio Code, you will need to sign in. After signing in, you may also filter by subscriptions. To sign in, select 'View' -> 'Command Palette' and select 'Azure: Sign in'. To filter subscriptions select 'Azure: Select Subscriptions' command.
Visual Studio Code version 1.39.2 and higher
- Windows (x64)
- Mac (x64)
- Ubuntu (x64)
Visual Studio Code extension documentation: https://docs.microsoft.com/azure/governance/policy/how-to/extension-for-vscode
- Policy structure syntax highlighting
- Policy and alias validation
- Policy compliance state testing
Ideas, feature requests and bugs: Email email@example.com! We are open to all ideas and we want to get rid of bugs!
See the changelog for this extension
Visual Studio Code collects usage data and sends it to Microsoft to help improve our products and services. Read our privacy statement to learn more. If you don’t wish to send usage data to Microsoft, you can set the telemetry.enableTelemetry setting to false. Learn more in our FAQ.
This extension is licensed under the MIT license. By downloading and using the Visual Studio Azure Policy extension and its related components, you agree to the product license terms and privacy statement.