AzPolicyAdvertizer

last sync: 2025-Jul-18 17:23:11 UTC

[Deprecated]: Private endpoint should be configured for Key Vault

Azure BuiltIn Policy definition

Source

Azure Portal

Display name

[Deprecated]: Private endpoint should be configured for Key Vault

5f0bc445-3935-4915-9981-011aa2b46147

Version

1.1.1-deprecated
Details on versioning

Versioning

Versions supported for Versioning: 1
1.1.1 (1.1.1-deprecated)
Built-in Versioning [Preview]

Category

Key Vault
Microsoft Learn

Description

The policy 5f0bc445-3935-4915-9981-011aa2b46147 has been deprecated as it has been replaced by newer policy a6abeaec-4d90-4a02-805f-6b26c4d3fbe9

Cloud environments

AzureCloud = true
AzureUSGovernment = unknown
AzureChinaCloud = unknown

Available in AzUSGov

Unknown, no evidence if Policy definition is/not available in AzureUSGovernment

Assessment(s)

Assessments count: 1
Assessment Id: 2e96bc2f-1972-e471-9e70-ae58d41e9d2a
DisplayName: Private endpoint should be configured for Key Vault
Description: Private link provides a way to connect Key Vault to your Azure resources without sending traffic over the public internet. Private link provides defense in depth protection against data exfiltration.
Remediation description: For detailed steps, see https://aka.ms/akvprivatelink.
Categories: IdentityAndAccess
Severity: Medium
preview: True

Mode

Indexed

Type

BuiltIn

Preview

False

Deprecated

True

Reference

Reference to 1 related Policy definition (taken from description)
Azure Key Vaults should use private link (a6abeaec-4d90-4a02-805f-6b26c4d3fbe9)

Effect

Default
Audit
Allowed
Audit, Deny, Disabled

RBAC role(s)

none

Rule aliases

IF (2)

Alias	Namespace	ResourceType	Path	PathIsDefault	DefaultPath	Modifiable
Microsoft.KeyVault/vaults/privateEndpointConnections	Microsoft.KeyVault	vaults	properties.privateEndpointConnections	True		False
Microsoft.KeyVault/vaults/privateEndpointConnections[*]	Microsoft.KeyVault	vaults	properties.privateEndpointConnections[*]	True		False

Rule resource types

IF (2)

Microsoft.KeyVault/vaults
Microsoft.KeyVault/vaults/privateEndpointConnections

Compliance

Not a Compliance control

Initiatives usage

none

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2023-02-16 18:41:08	change	Patch, suffix changed: new suffix: deprecated; old suffix: preview (1.1.0-preview > 1.1.1-deprecated)
2021-01-27 16:54:46	change	Minor, suffix remains equal (1.0.2-preview > 1.1.0-preview)
2020-12-11 15:42:52	change	Patch, suffix remains equal (1.0.1-preview > 1.0.2-preview)
2020-09-09 11:24:03	add	5f0bc445-3935-4915-9981-011aa2b46147

JSON compare

compare mode: version left: version right:

JSON

api-version=2021-06-01
EPAC