AzPolicyAdvertizer

last sync: 2025-Jul-01 17:24:08 UTC

Enforce network security groups to have a DENY RDP security rule.

Community Policy definition

Source Repository Community-Policy GitHub
JSON Community-Policy GitHub
Deploy policy 712e27b2-aff0-4b43-9a34-301afc5638f8 (1.0.0) to Azure
Display name Enforce network security groups to have a DENY RDP security rule.
Id 712e27b2-aff0-4b43-9a34-301afc5638f8
Version 1.0.0
Details on versioning
Category Network
Microsoft Learn
Description Enforce network security groups to have a DENY RDP security rule.
Mode All
Type Custom Community
Effect Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled
RBAC role(s)
Role Name Role Id
Network Contributor 4d97b98b-1d4f-4787-a291-c67834d212e7
Rule aliases THEN-ExistenceCondition (3)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Network/networkSecurityGroups/securityRules/access Microsoft.Network networkSecurityGroups/securityRules properties.access True True
Microsoft.Network/networkSecurityGroups/securityRules/destinationPortRange Microsoft.Network networkSecurityGroups/securityRules properties.destinationPortRange True True
Microsoft.Network/networkSecurityGroups/securityRules/direction Microsoft.Network networkSecurityGroups/securityRules properties.direction True True
Rule resource types IF (1)
Microsoft.Network/networkSecurityGroups
THEN-Deployment (1)
Microsoft.Network/networkSecurityGroups/securityRules
JSON
EPAC
Deploy policy 712e27b2-aff0-4b43-9a34-301afc5638f8 (1.0.0) to Azure