Merge pull request #302937 from cynthn/scenario-comparison

AnnaMHuff · web-flow · commit 5fd3300e3498 · 2025-07-21T11:29:24.000-06:00
Moving comparison table over to an /include file
diff --git a/articles/governance/includes/scenario-comparison.md b/articles/governance/includes/scenario-comparison.md
@@ -0,0 +1,23 @@
+---
+ms.service: azure-policy
+ms.custom: 
+ms.topic: include
+ms.date: 07/17/2025
+author: kenieva
+ms.author: kenieva
+---
+
+
+|Scenario|[Resource Group](/azure/azure-resource-manager/management/overview#resource-groups)|[Subscription](/azure/azure-resource-manager/management/azure-subscription-service-limits#azure-subscription-limits)|[Management Group](https://www.learn.microsoft.com/azure/governance/management-groups/overview)|[Service Group](/azure/governance/service-groups/overview)|[Tags](/azure/azure-resource-manager/management/tag-resources)|
+|--------|--------------|------------|----------------|-------------|----|
+|Require Inheritance from assignment on scope to each member/descendant resource|Supported*|Supported|Supported|Not Supported|Not Supported|
+|Consolidation of resources for reduction of Role Assignments/Policy Assignments|Supported|Supported|Supported|Not Supported|Not Supported|
+|Grouping of resources that are shared across scope boundaries. Ex. Global Networking resources in one subscription/resource group that are shared across multiple applications that have their own subscriptions/resource groups. |Not Supported| Not Supported|Not Supported|Supported|Supported|
+|Create separate groupings that allow for separate aggregations of metrics|Not Supported|Supported|Supported|Supported|Supported**|
+|Enforce enterprise-wide restrictions or organizational configurations across many resources|Supported*|Supported*|Supported*|Not Supported|Supported***|
+
+*: When a policy is applied to a scope, the enforcement is to all of the members within the scope. For example, on a Resource Group it only applies to the resources under it.
+
+**: Tags can be applied across scopes and are added to resources individually. Azure Policy has built-in policies that can help manage tags.
+
+***: Azure tags can be used as criteria within Azure Policy to apply policies to certain resources. Azure tags are subject to limitations.
diff --git a/articles/governance/management-groups/overview.md b/articles/governance/management-groups/overview.md
@@ -40,6 +40,10 @@ inherits that access to all the subscriptions. One assignment on the management
 users to have access to everything they need, instead of scripting Azure role-based access control (RBAC) over different
 subscriptions.
 
+### Scenario comparison
+
+[!INCLUDE [scenario-comparison](../includes/scenario-comparison.md)]
+
 ### Important facts about management groups
 
 - A single directory can support 10,000 management groups.
diff --git a/articles/governance/service-groups/overview.md b/articles/governance/service-groups/overview.md
@@ -49,7 +49,7 @@ Azure Service Groups are a parallel tenant level hierarchy that allows the group
 
 Information about Service Groups 
 * A Service Group is created within the Microsoft.Management Resource Provider.  
-* Service Groups allow self nesting to create up to 10 "levels" of grouping depth. Nesting can managed via the 'parent' property within the Service Group resource. 
+* Service Groups allow self nesting to create up to 10 "levels" of grouping depth. Nesting can be managed via the 'parent' property within the Service Group resource. 
 * Role assignments on the Service Group can be inherited to the **child Service Groups only**. There's **no inheritance** through the memberships to the resources or resource containers.
 * There's a limit of 2000 service group members coming from within the same subscription. This means that within one subscription, resources, or resource groups, there can only be 2,000 memberships to Service Groups. 
 * Within the Preview window, there's a limit of 10,000 Service Groups in a single tenant.   
@@ -66,19 +66,7 @@ This table shows a summary of the differences between the groups.
 
 ### Scenario comparison
 
-|Scenario|Resource Group|Subscription|Management Group|Service Group|Tags|
-|--------|--------------|------------|----------------|-------------|----|
-|Require Inheritance from assignment on scope to each member/descendant resource|Supported*|Supported|Supported|Not Supported|Not Supported|
-|Consolidation of resources for reduction of Role Assignments/Policy Assignments|Supported|Supported|Supported|Not Supported|Not Supported|
-|Grouping of resources that are shared across scope boundaries. Ex. Global Networking resources in one subscription/resource group that are shared across multiple applications that have their own subscriptions/resource groups. |Not Supported| Not Supported|Not Supported|Supported|Supported|
-|Create separate groupings that allow for separate aggregations of metrics|Not Supported|Supported|Supported|Supported|Supported**|
-|Enforce enterprise-wide restrictions or organizational configurations across many resources|Supported*|Supported*|Supported*|Not Supported|Supported***|
-
-*: When a policy is applied to a scope, the enforcement is to all of the members within the scope  Ex. On a Resource Group, it only applies to the resources under it.
-
-**: Tags can be applied across scopes and are added to resources individually. Azure Policy has built-in policies that can help manage tags.
-
-***: Azure tags can be used as criteria within Azure Policy to apply policies to certain resources. Azure tags are subject to limitations.
+[!INCLUDE [scenario-comparison](../includes/scenario-comparison.md)]
 
 ### Important facts about service groups
 
