last sync: 2024-Oct-03 17:51:34 UTC

Azure Key Vault should disable public network access

Azure BuiltIn Policy definition

Source Azure Portal
Display name Azure Key Vault should disable public network access
Id 405c5871-3e91-4644-8a63-58e19d68ff5b
Version 1.1.0
Details on versioning
Versioning Versions supported for Versioning: 1
1.1.0
Built-in Versioning [Preview]
Category Key Vault
Microsoft Learn
Description Disable public network access for your key vault so that it's not accessible over the public internet. This can reduce data leakage risks. Learn more at: https://aka.ms/akvprivatelink.
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
Audit
Allowed
Audit, Deny, Disabled
RBAC role(s) none
Rule aliases IF (2)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.KeyVault/vaults/createMode Microsoft.KeyVault vaults properties.createMode True True
Microsoft.KeyVault/vaults/publicNetworkAccess Microsoft.KeyVault vaults properties.publicNetworkAccess True True
Rule resource types IF (1)
Microsoft.KeyVault/vaults
Compliance Not a Compliance control
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
[Preview]: Control the use of Key Vault in a Virtual Enclave 4f4dba0f-a5ee-494b-8df7-f9727dea6f37 VirtualEnclaves Preview BuiltIn
Audit Public Network Access f1535064-3294-48fa-94e2-6e83095a5c08 SDN GA BuiltIn
Public network access should be disabled for PaaS services Deny-PublicPaaSEndpoints Network GA ALZ
History
Date/Time (UTC ymd) (i) Change type Change detail
2023-03-31 17:44:15 change Minor (1.0.0 > 1.1.0)
2022-06-10 16:31:21 add 405c5871-3e91-4644-8a63-58e19d68ff5b
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC