Skip to content

Commit 06b6564

Browse files
Merge pull request #257436 from andreamichaelmsft/patch-8
Update concept-network-groups.md
2 parents 6c26b93 + 50c8491 commit 06b6564

File tree

1 file changed

+3
-5
lines changed

1 file changed

+3
-5
lines changed

articles/virtual-network-manager/concept-network-groups.md

Lines changed: 3 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -39,20 +39,18 @@ All group membership is recorded in Azure Resource Graph and available for your
3939

4040
## Network groups and Azure Policy
4141

42-
When you create a network group, an Azure Policy is created so that Azure Virtual Network Manager gets notified about changes made to virtual network membership. The policies defined are available for you to see, but they aren't editable by users today. Creating, changing, and deleting Azure Policy definitions and assignments for network groups is only possible through the Azure Network Manager today.
43-
44-
To create an Azure Policy initiative definition and assignment for Azure Virtual Network Manager resources, create and deploy a network group with the necessary configurations. To update an existing Azure Policy initiative definition or corresponding assignment, you need to change and deploy changes to the network group within the Azure Virtual Network Manager resource. To delete an Azure Policy initiative definition and assignment, you need to undeploy and delete the Azure Virtual Network Manager resources associated with your policy. This may include removing a configuration, deleting a configuration, and deleting a network group. For more information on deletion, review the Azure Virtual Network Manager [checklist for removing components](concept-remove-components-checklist.md).
42+
When you create a network group, an Azure Policy is created so that Azure Virtual Network Manager gets notified about changes made to virtual network membership.
4543

4644
To create, edit, or delete Azure Virtual Network Manager dynamic group policies, you need:
4745

4846
- Read and write role-based access control permissions to the underlying policy.
4947
- Role-based access control permissions to join the network group (Classic Admin authorization isn't supported).
5048

51-
For more information on required permissions for Azure Virtual Network Manager dynamic group policies, review [Required permissions](concept-azure-policy-integration.md#required-permissions).
49+
For more information on required permissions for Azure Virtual Network Manager dynamic group policies, review [required permissions](concept-azure-policy-integration.md#required-permissions).
5250

5351
## Next steps
5452

5553
- Create an [Azure Virtual Network Manager](create-virtual-network-manager-portal.md) instance using the Azure portal
5654
- Learn how to create a [Hub and spoke topology](how-to-create-hub-and-spoke.md) with Azure Virtual Network Manager
5755
- Learn how to block network traffic with a [Security admin configuration](how-to-block-network-traffic-portal.md)
58-
- Review [Azure Policy basics](../governance/policy/overview.md)
56+
- Review [Azure Policy basics](../governance/policy/overview.md)

0 commit comments

Comments
 (0)