I am new to Azure. I am trying to get the policies assigned to a subscription(1e1707b7-XXXX-XXXX-XXXX-71feab4b911d) using powershell below. I am not getting the correct count of policies applied to that subscription.
Get-AzPolicyAssignment -Scope "/subscriptions/1e1707b7-XXXX-XXXX-XXXX-71feab4b911d"
I think there is some problem with the scope. Can someone help me with this?
CodePudding user response:
That should be the correct command. Do you also include assignments coming from ancestors ? That might be the reason why you expect to see more than what you got from the command. Here it getting assignments from this specific scope only, not then one inherited from the parents (Management Groups).
You can do so using the -IncludeDescendent
parameter - see official documentation.