last sync: 2021-May-17 14:22:45 UTC

Azure Policy definition

Azure Event Grid topics should disable public network access

Name Azure Event Grid topics should disable public network access
Azure Portal
Id 1adadefe-5f21-44f7-b931-a59b54ccdb45
Version 1.0.0
details on versioning
Category Event Grid
Microsoft docs
Description Disabling public network access improves security by ensuring that the resource isn't exposed on the public internet. You can limit exposure of your resources by creating private endpoints instead. Learn more at: https://aka.ms/privateendpoints.
Mode Indexed
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default: Audit
Allowed: (Audit, Deny, Disabled)
Used RBAC Role none
History
Date/Time (UTC ymd) (i) Change type Change detail
2021-02-17 14:28:42 add 1adadefe-5f21-44f7-b931-a59b54ccdb45
Used in Initiatives none
JSON
{
  "properties": {
    "displayName": "Azure Event Grid topics should disable public network access",
    "policyType": "BuiltIn",
    "mode": "Indexed",
    "description": "Disabling public network access improves security by ensuring that the resource isn't exposed on the public internet. You can limit exposure of your resources by creating private endpoints instead. Learn more at: https://aka.ms/privateendpoints.",
    "metadata": {
      "version": "1.0.0",
      "category": "Event Grid"
    },
    "parameters": {
      "effect": {
        "type": "String",
        "metadata": {
          "displayName": "Effect",
          "description": "Enable or disable the execution of the policy"
        },
        "allowedValues": [
          "Audit",
          "Deny",
          "Disabled"
        ],
        "defaultValue": "Audit"
      }
    },
    "policyRule": {
      "if": {
        "allOf": [
          {
            "field": "type",
            "equals": "Microsoft.EventGrid/topics"
          },
          {
            "field": "kind",
            "notEquals": "AzureArc"
          },
          {
            "field": "Microsoft.EventGrid/topics/publicNetworkAccess",
            "notEquals": "Disabled"
          }
        ]
      },
      "then": {
      "effect": "[parameters('effect')]"
      }
    }
  },
  "id": "/providers/Microsoft.Authorization/policyDefinitions/1adadefe-5f21-44f7-b931-a59b54ccdb45",
  "type": "Microsoft.Authorization/policyDefinitions",
  "name": "1adadefe-5f21-44f7-b931-a59b54ccdb45"
}