To implement Azure policies, you have to assign them. In this section, we are going to assign an Allowed location policy to an Azure resource group. To do so, follow these steps:

1. Navigate to the Azure portal by opening https://portal.azure.com.
2. Open the PacktVMResourceGroup resource group.
3. Then, under Settings, select Policies.
4. Click on the Getting started menu item. You will see a page that looks similar to the following:

5. The first step is to view and select the policy definition. To do so, select the View definitions button, as shown in the preceding screenshot.
6. You will be taken to the available built-in and custom policies inside your subscription. On the right-hand side, type Locations into the search bar:

7. Then, select the Allowed locations policy; you will be redirected to a blade where you can view the policy definition in JSON and assign the policy:

8. Click on Assign in the top menu.

9. To assign the policy, you have to fill in the following values:
   1. In the Basics tab, apply the following values: 
      1. Scope: Select a subscription and, optionally, a resource group. I've selected the PacktVMResourceGroup resource group for this demonstration:

1. 2. In the Parameters tab, apply the following values:
      1. Allowed locations: Only select East US, as shown in the following screenshot:

1. 3. Click Review + create and then Create.

10. Now, when we add a new resource to the resource group (such as a new VM) and set the location to West Europe, we will notice a validation error on the top-left of the screen. When you click on it, you will see the following details on the right-hand side of the screen:

In this section, we learned how to assign a policy in Azure. This concludes this chapter.