Azure Policy Assignments

Have you wondered what happens to an assignment when updating an Azure Policy Initiative or an Azure Policy what is already part of an assignment?

If you have tried to update an Azure Policy that required a new parameter you will notice that you have to provide a default value, no matter if that default actually makes sense. There is a basic reason for this, when you update the Azure Policy any current Policy Assignment already in existence is basically updated.

This means that any new parameter has to have a default value to ensure any current Assignment stays valid even if the default value does not makes sense.

Of course it makes sense operationally to review any Azure Policy Assignment, on update of the underlying policies, to ensure they are still valid and relevant.