last sync: 2021-Aug-04 14:59:26 UTC

Azure Policy definition

Azure Synapse workspaces should disable public network access

Name Azure Synapse workspaces should disable public network access
Azure Portal
Id 38d8df46-cf4e-4073-8e03-48c24b29de0d
Version 1.0.0
details on versioning
Category Synapse
Microsoft docs
Description Disabling public network access improves security by ensuring that the Synapse workspace isn't exposed on the public internet. Creating private endpoints can limit exposure of your Synapse workspaces. Learn more at: https://docs.microsoft.com/azure/synapse-analytics/security/connectivity-settings.
Mode Indexed
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default: Audit
Allowed: (Audit, Deny, Disabled)
Used RBAC Role none
History
Date/Time (UTC ymd) (i) Change type Change detail
2021-05-18 14:34:48 add 38d8df46-cf4e-4073-8e03-48c24b29de0d
Used in Initiatives none
JSON
{
  "properties": {
    "displayName": "Azure Synapse workspaces should disable public network access",
    "policyType": "BuiltIn",
    "mode": "Indexed",
    "description": "Disabling public network access improves security by ensuring that the Synapse workspace isn't exposed on the public internet. Creating private endpoints can limit exposure of your Synapse workspaces. Learn more at: https://docs.microsoft.com/azure/synapse-analytics/security/connectivity-settings.",
    "metadata": {
      "version": "1.0.0",
      "category": "Synapse"
    },
    "parameters": {
      "effect": {
        "type": "String",
        "metadata": {
          "displayName": "Effect",
          "description": "Enable or disable the execution of the policy"
        },
        "allowedValues": [
          "Audit",
          "Deny",
          "Disabled"
        ],
        "defaultValue": "Audit"
      }
    },
    "policyRule": {
      "if": {
        "allOf": [
          {
            "field": "type",
            "equals": "Microsoft.Synapse/workspaces"
          },
          {
            "field": "Microsoft.Synapse/workspaces/publicNetworkAccess",
            "notEquals": "Disabled"
          }
        ]
      },
      "then": {
      "effect": "[parameters('effect')]"
      }
    }
  },
  "id": "/providers/Microsoft.Authorization/policyDefinitions/38d8df46-cf4e-4073-8e03-48c24b29de0d",
  "type": "Microsoft.Authorization/policyDefinitions",
  "name": "38d8df46-cf4e-4073-8e03-48c24b29de0d"
}