last sync: 2025-Jun-20 17:23:43 UTC

Key Vault - Firewall Settings AUDIT

Community Policy definition

Source Repository Community-Policy GitHub
Display name Key Vault - Firewall Settings AUDIT
Id 55f27823-3d2b-4f60-bbc4-ae3ca76c8036
Version 1.0.0
Category Key Vault
Description This Azure Policy creates an audit event when the 'Allow access from' setting is not set to 'Private endpoints and selected networks' or when the firewall contains any IP addresses outside of the approved ones.
Mode All
Type Custom Community
Effect Default: Audit; Allowed: Audit, Disabled
RBAC role(s) none
Rule aliases IF (3)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.KeyVault/vaults/networkAcls.defaultAction Microsoft.KeyVault vaults properties.networkAcls.defaultAction True True
Microsoft.KeyVault/vaults/networkAcls.ipRules[*] Microsoft.KeyVault vaults properties.networkAcls.ipRules[*] True True
Microsoft.KeyVault/vaults/networkAcls.ipRules[*].value Microsoft.KeyVault vaults properties.networkAcls.ipRules[*].value True True
Rule resource types IF (1)
Microsoft.KeyVault/vaults