AzPolicyAdvertizer

last sync: 2025-Oct-24 17:23:08 UTC

Storage Accounts should restrict network access through network ACL bypass configuration only.

Azure BuiltIn Policy definition

Source Azure Portal
Display name Storage Accounts should restrict network access through network ACL bypass configuration only.
Id 7809fda1-ba27-48c1-9c63-1f5aee46ba89
Version 1.0.0
Details on versioning
Versioning Versions supported for Versioning: 1
1.0.0
Built-in Versioning [Preview]
Category VirtualEnclaves
Microsoft Learn
Description To improve the security of Storage Accounts, enable access only through network ACL bypass. This policy should be used in combination with a private endpoint for storage account access.
Cloud environments AzureCloud = true
AzureUSGovernment = true
AzureChinaCloud = unknown
Available in AzUSGov The Policy is available in AzureUSGovernment cloud. Version: '1.0.0'
Repository: Azure-Policy 7809fda1-ba27-48c1-9c63-1f5aee46ba89
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
Audit
Allowed
Audit, Deny, Disabled
RBAC role(s) none
Rule aliases IF (5)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Storage/storageAccounts/networkAcls.bypass Microsoft.Storage storageAccounts properties.networkAcls.bypass True True
Microsoft.Storage/storageAccounts/networkAcls.defaultAction Microsoft.Storage storageAccounts properties.networkAcls.defaultAction True True
Microsoft.Storage/storageAccounts/networkAcls.ipRules[*] Microsoft.Storage storageAccounts properties.networkAcls.ipRules[*] True True
Microsoft.Storage/storageAccounts/networkAcls.resourceAccessRules[*] Microsoft.Storage storageAccounts properties.networkAcls.resourceAccessRules[*] True False
Microsoft.Storage/storageAccounts/networkAcls.virtualNetworkRules[*] Microsoft.Storage storageAccounts properties.networkAcls.virtualNetworkRules[*] True True
Rule resource types IF (1)
Compliance Not a Compliance control
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type polSet in AzUSGov
[Preview]: Control the use of Storage Accounts in a Virtual Enclave ca122c06-05f6-4423-9018-ccb523168eb2 VirtualEnclaves Preview BuiltIn true
History
Date/Time (UTC ymd) (i) Change type Change detail
2024-02-27 19:10:20 add 7809fda1-ba27-48c1-9c63-1f5aee46ba89
JSON compare n/a
JSON
api-version=2021-06-01
EPAC