last sync: 2021-Oct-15 16:53:12 UTC

Azure Policy definition

Configure Azure Event Grid topics to disable local authentication

Name Configure Azure Event Grid topics to disable local authentication
Azure Portal
Id 1c8144d9-746a-4501-b08c-093c8d29ad04
Version 1.0.0
details on versioning
Category Event Grid
Microsoft docs
Description Disable local authentication methods so that your Azure Event Grid topics exclusively require Azure Active Directory identities for authentication. Learn more at: https://aka.ms/aeg-disablelocalauth.
Mode Indexed
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default: Modify
Allowed: (Modify, Disabled)
Used RBAC Role
Role Name Role Id
EventGrid Contributor 1e241071-0855-49ea-94dc-649edcd759de
History
Date/Time (UTC ymd) (i) Change type Change detail
2021-09-21 16:12:09 add 1c8144d9-746a-4501-b08c-093c8d29ad04
Used in Initiatives none
JSON
{
  "displayName": "Configure Azure Event Grid topics to disable local authentication",
  "policyType": "BuiltIn",
  "mode": "Indexed",
  "description": "Disable local authentication methods so that your Azure Event Grid topics exclusively require Azure Active Directory identities for authentication. Learn more at: https://aka.ms/aeg-disablelocalauth.",
  "metadata": {
    "version": "1.0.0",
    "category": "Event Grid"
  },
  "parameters": {
    "effect": {
      "type": "String",
      "metadata": {
        "displayName": "Effect",
        "description": "Enable or disable the execution of the policy"
      },
      "allowedValues": [
        "Modify",
        "Disabled"
      ],
      "defaultValue": "Modify"
    }
  },
  "policyRule": {
    "if": {
      "allOf": [
        {
          "field": "type",
          "equals": "Microsoft.EventGrid/topics"
        },
        {
          "field": "Microsoft.EventGrid/topics/disableLocalAuth",
          "notEquals": true
        }
      ]
    },
    "then": {
      "effect": "[parameters('effect')]",
      "details": {
        "conflictEffect": "audit",
        "roleDefinitionIds": [
          "/providers/microsoft.authorization/roleDefinitions/1e241071-0855-49ea-94dc-649edcd759de"
        ],
        "operations": [
          {
            "condition": "[greaterOrEquals(requestContext().apiVersion, '2021-06-01-preview')]",
            "operation": "addOrReplace",
            "field": "Microsoft.EventGrid/topics/disableLocalAuth",
            "value": true
          }
        ]
      }
    }
  }
}