github Azure/ALZ-Bicep v0.25.0
on GitHub

7 hours ago

What's Changed

  • feat: FY26 Policy Refresh by @cae-pr-creator[bot] in #1066

Breaking Changes

Enforce-Guardrails-KeyVault → Enforce-Guardrails-KeyVault_20260203

The Enforce-GR-KeyVault policy assignment now targets the Enforce-Guardrails-KeyVault_20260203 initiative (replacing the original Enforce-Guardrails-KeyVault). This is a breaking change from the February 2026 update that corrects the Hsm parameter naming typo in the original initiative.

Action Required: If you have previously deployed the Enforce-GR-KeyVault assignment targeting the old Enforce-Guardrails-KeyVault initiative, you must delete the existing assignment before deploying the updated initiative to avoid deployment failures.

Affected files:

  • alzDefaultPolicyAssignments.bicep - Updated varPolicyAssignmentEnforceGRKeyVault.definitionId
  • _policyAssignmentsBicepInput.txt - Updated auto-generated input
  • policy_assignment_es_enforce_gr_keyvault.tmpl.json - Updated policyDefinitionId

Removed Parameters from alzDefaultPolicyAssignments.bicep

The following parameters have been removed from the template and must be removed from any parameter files used for deployment:

  • parLogAnalyticsWorkspaceLogRetentionInDays — No longer used by the template
  • parAutomationAccountName — No longer used by the template

Action Required: Remove these parameters from your custom parameter files. The example parameter files (alzDefaultPolicyAssignments.parameters.all.json and alzDefaultPolicyAssignments.parameters.min.json) have been updated accordingly. Deployments using parameter files that still include these values will fail with an InvalidTemplate error.

Full Changelog: v0.24.0...v0.25.0

Check out latest releases or
releases around Azure/ALZ-Bicep v0.25.0

Don't miss a new ALZ-Bicep release

NewReleases is sending notifications on new releases.

Get notifications