last sync: 2021-May-10 15:04:35 UTC

Azure Policy definition

App Configuration should use a SKU that supports private link

Name App Configuration should use a SKU that supports private link
Azure Portal
Id 89c8a434-18f0-402c-8147-630a8dea54e0
Version 1.0.0
details on versioning
Category App Configuration
Microsoft docs
Description When using a supported SKU, Azure Private Link lets you connect your virtual network to Azure services without a public IP address at the source or destination. The private link platform handles the connectivity between the consumer and services over the Azure backbone network. By mapping private endpoints to your app configuration instances instead of the entire service, you'll also be protected against data leakage risks. Learn more at: https://aka.ms/appconfig/private-endpoint.
Mode Indexed
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default: Audit
Allowed: (Audit, Deny, Disabled)
Used RBAC Role none
History
Date/Time (UTC ymd) (i) Change type Change detail
2021-02-23 16:24:42 add 89c8a434-18f0-402c-8147-630a8dea54e0
Used in Initiatives none
JSON
{
  "properties": {
    "displayName": "App Configuration should use a SKU that supports private link",
    "policyType": "BuiltIn",
    "mode": "Indexed",
    "description": "When using a supported SKU, Azure Private Link lets you connect your virtual network to Azure services without a public IP address at the source or destination. The private link platform handles the connectivity between the consumer and services over the Azure backbone network. By mapping private endpoints to your app configuration instances instead of the entire service, you'll also be protected against data leakage risks. Learn more at: https://aka.ms/appconfig/private-endpoint.",
    "metadata": {
      "version": "1.0.0",
      "category": "App Configuration"
    },
    "parameters": {
      "effect": {
        "type": "String",
        "metadata": {
          "displayName": "Effect",
          "description": "Enable or disable the execution of the policy"
        },
        "allowedValues": [
          "Audit",
          "Deny",
          "Disabled"
        ],
        "defaultValue": "Audit"
      }
    },
    "policyRule": {
      "if": {
        "allOf": [
          {
            "field": "type",
            "equals": "Microsoft.AppConfiguration/configurationStores"
          },
          {
            "field": "Microsoft.AppConfiguration/configurationStores/sku.name",
            "equals": "Free"
          }
        ]
      },
      "then": {
      "effect": "[parameters('effect')]"
      }
    }
  },
  "id": "/providers/Microsoft.Authorization/policyDefinitions/89c8a434-18f0-402c-8147-630a8dea54e0",
  "type": "Microsoft.Authorization/policyDefinitions",
  "name": "89c8a434-18f0-402c-8147-630a8dea54e0"
}