last sync: 2025-Jul-15 17:24:34 UTC

Audit if Key Vault has no virtual network rules

Community Policy definition

Source Repository Community-Policy GitHub
JSON Community-Policy GitHub
Deploy policy 59c76be0-ecd5-41cb-b7f9-f60b11645db8 (1.0.0) to Azure
Display name Audit if Key Vault has no virtual network rules
Id 59c76be0-ecd5-41cb-b7f9-f60b11645db8
Version 1.0.0
Category Key Vault
Description Audits Key Vault vaults if they do not have virtual network service endpoints set up. More information on virtual network service endpoints in Key Vault is available here: https://docs.microsoft.com/en-us/azure/key-vault/key-vault-overview-vnet-service-endpoints
Mode Indexed
Type Custom Community
Effect Default: Audit; Allowed: Audit, Disabled
RBAC role(s) none
Rule aliases IF (2)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.KeyVault/vaults/networkAcls.defaultAction Microsoft.KeyVault vaults properties.networkAcls.defaultAction True True
Microsoft.KeyVault/vaults/networkAcls.virtualNetworkRules[*].id Microsoft.KeyVault vaults properties.networkAcls.virtualNetworkRules[*].id True True
Rule resource types IF (1)
Microsoft.KeyVault/vaults