AzPolicyAdvertizer

last sync: 2025-May-19 17:30:35 UTC

Address space must be pre-allocated for region

Community Policy definition

Source Repository Community-Policy GitHub
JSON Community-Policy GitHub
Deploy policy 839b1912-7f98-40f7-b83e-2153e2e4b0fc (0.0.1-preview) to Azure
Display name Address space must be pre-allocated for region
Id 839b1912-7f98-40f7-b83e-2153e2e4b0fc
Version 0.0.1-preview
Details on versioning
Category Network
Microsoft Learn
Description This policy ensures that the address space allocated to a VNET has been pre-allocated for use within Azure, preventing peerings being utilised as an attack vector for null-routing traffic on the platform.
Mode Indexed
Type Custom Community
Effect Default
Audit
Allowed
Deny, Audit, Disabled
RBAC role(s) none
Rule aliases IF (5)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Network/virtualNetworks/addressSpace Microsoft.Network virtualNetworks properties.addressSpace True False
Microsoft.Network/virtualNetworks/addressSpace.addressPrefixes Microsoft.Network virtualNetworks properties.addressSpace.addressPrefixes True False
Microsoft.Network/virtualNetworks/addressSpace.addressPrefixes[*] Microsoft.Network virtualNetworks properties.addressSpace.addressPrefixes[*] True False
Microsoft.Network/virtualNetworks/virtualNetworkPeerings[*] Microsoft.Network virtualNetworks properties.VirtualNetworkPeerings[*] True False
Microsoft.Network/virtualNetworks/virtualNetworkPeerings[*].remoteVirtualNetwork.id Microsoft.Network virtualNetworks properties.VirtualNetworkPeerings[*].properties.remoteVirtualNetwork.id True False
Rule resource types IF (1)
Microsoft.Network/virtualNetworks
JSON
EPAC
Deploy policy 839b1912-7f98-40f7-b83e-2153e2e4b0fc (0.0.1-preview) to Azure