last sync: 2021-Oct-15 16:53:12 UTC

Azure Policy definition

Configure Azure Event Grid partner namespaces to disable local authentication

Name Configure Azure Event Grid partner namespaces to disable local authentication
Azure Portal
Id 2dd0e8b9-4289-4bb0-b813-1883298e9924
Version 1.0.0
details on versioning
Category Event Grid
Microsoft docs
Description Disable local authentication methods so that your Azure Event Grid partner namespaces exclusively require Azure Active Directory identities for authentication. Learn more at: https://aka.ms/aeg-disablelocalauth.
Mode Indexed
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default: Modify
Allowed: (Modify, Disabled)
Used RBAC Role
Role Name Role Id
EventGrid Contributor 1e241071-0855-49ea-94dc-649edcd759de
History
Date/Time (UTC ymd) (i) Change type Change detail
2021-09-21 16:12:09 add 2dd0e8b9-4289-4bb0-b813-1883298e9924
Used in Initiatives none
JSON
{
  "displayName": "Configure Azure Event Grid partner namespaces to disable local authentication",
  "policyType": "BuiltIn",
  "mode": "Indexed",
  "description": "Disable local authentication methods so that your Azure Event Grid partner namespaces exclusively require Azure Active Directory identities for authentication. Learn more at: https://aka.ms/aeg-disablelocalauth.",
  "metadata": {
    "version": "1.0.0",
    "category": "Event Grid"
  },
  "parameters": {
    "effect": {
      "type": "String",
      "metadata": {
        "displayName": "Effect",
        "description": "Enable or disable the execution of the policy"
      },
      "allowedValues": [
        "Modify",
        "Disabled"
      ],
      "defaultValue": "Modify"
    }
  },
  "policyRule": {
    "if": {
      "allOf": [
        {
          "field": "type",
          "equals": "Microsoft.EventGrid/partnerNamespaces"
        },
        {
          "field": "Microsoft.EventGrid/partnerNamespaces/disableLocalAuth",
          "notEquals": true
        }
      ]
    },
    "then": {
      "effect": "[parameters('effect')]",
      "details": {
        "conflictEffect": "audit",
        "roleDefinitionIds": [
          "/providers/microsoft.authorization/roleDefinitions/1e241071-0855-49ea-94dc-649edcd759de"
        ],
        "operations": [
          {
            "condition": "[greaterOrEquals(requestContext().apiVersion, '2021-06-01-preview')]",
            "operation": "addOrReplace",
            "field": "Microsoft.EventGrid/partnerNamespaces/disableLocalAuth",
            "value": true
          }
        ]
      }
    }
  }
}