policy-effect-evaluation-order

Status: IN

Azure Policy effect evaluation order: `disabled` → `append`/`modify` → `deny` → `audit` → `manual` → `auditIfNotExists` → `denyAction`; `append`/`modify` run before `deny` because they may alter the request and prevent a deny.

Source: entries/2026/03/11/policy-effects.md

JSON