last sync: 2021-Oct-15 16:53:12 UTC

Azure Policy definition

Configure Azure Event Grid domains to disable local authentication

Name Configure Azure Event Grid domains to disable local authentication
Azure Portal
Id 8ac2748f-3bf1-4c02-a3b6-92ae68cf75b1
Version 1.0.0
details on versioning
Category Event Grid
Microsoft docs
Description Disable local authentication methods so that your Azure Event Grid domains exclusively require Azure Active Directory identities for authentication. Learn more at: https://aka.ms/aeg-disablelocalauth.
Mode Indexed
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default: Modify
Allowed: (Modify, Disabled)
Used RBAC Role
Role Name Role Id
EventGrid Contributor 1e241071-0855-49ea-94dc-649edcd759de
History
Date/Time (UTC ymd) (i) Change type Change detail
2021-09-21 16:12:09 add 8ac2748f-3bf1-4c02-a3b6-92ae68cf75b1
Used in Initiatives none
JSON
{
  "displayName": "Configure Azure Event Grid domains to disable local authentication",
  "policyType": "BuiltIn",
  "mode": "Indexed",
  "description": "Disable local authentication methods so that your Azure Event Grid domains exclusively require Azure Active Directory identities for authentication. Learn more at: https://aka.ms/aeg-disablelocalauth.",
  "metadata": {
    "version": "1.0.0",
    "category": "Event Grid"
  },
  "parameters": {
    "effect": {
      "type": "String",
      "metadata": {
        "displayName": "Effect",
        "description": "Enable or disable the execution of the policy"
      },
      "allowedValues": [
        "Modify",
        "Disabled"
      ],
      "defaultValue": "Modify"
    }
  },
  "policyRule": {
    "if": {
      "allOf": [
        {
          "field": "type",
          "equals": "Microsoft.EventGrid/domains"
        },
        {
          "field": "Microsoft.EventGrid/domains/disableLocalAuth",
          "notEquals": true
        }
      ]
    },
    "then": {
      "effect": "[parameters('effect')]",
      "details": {
        "conflictEffect": "audit",
        "roleDefinitionIds": [
          "/providers/microsoft.authorization/roleDefinitions/1e241071-0855-49ea-94dc-649edcd759de"
        ],
        "operations": [
          {
            "condition": "[greaterOrEquals(requestContext().apiVersion, '2021-06-01-preview')]",
            "operation": "addOrReplace",
            "field": "Microsoft.EventGrid/domains/disableLocalAuth",
            "value": true
          }
        ]
      }
    }
  }
}