AzPolicyAdvertizer

last sync: 2021-Nov-26 17:15:01 UTC

Azure Policy definition

Configure Azure Service Bus namespaces to disable local authentication

Name Configure Azure Service Bus namespaces to disable local authentication
Azure Portal
Id 910711a6-8aa2-4f15-ae62-1e5b2ed3ef9e
Version 1.0.0
details on versioning
Category Service Bus
Microsoft docs
Description Disable local authentication methods so that your Azure ServiceBus namespaces exclusively require Azure Active Directory identities for authentication. Learn more at: https://aka.ms/disablelocalauth-sb.
Mode Indexed
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default: Modify
Allowed: (Modify, Disabled)
Used RBAC Role
Role Name Role Id
Azure Service Bus Data Owner 090c5cfd-751d-490a-894a-3ce6f1109419
History
Date/Time (UTC ymd) (i) Change type Change detail
2021-10-04 15:27:15 add 910711a6-8aa2-4f15-ae62-1e5b2ed3ef9e
Used in Initiatives none
JSON 
{
  "displayName": "Configure Azure Service Bus namespaces to disable local authentication",
  "policyType": "BuiltIn",
  "mode": "Indexed",
  "description": "Disable local authentication methods so that your Azure ServiceBus namespaces exclusively require Azure Active Directory identities for authentication. Learn more at: https://aka.ms/disablelocalauth-sb.",
  "metadata": {
    "version": "1.0.0",
    "category": "Service Bus"
  },
  "parameters": {
    "effect": {
      "type": "String",
      "metadata": {
        "displayName": "Effect",
        "description": "Enable or disable the execution of the policy"
      },
      "allowedValues": [
        "Modify",
        "Disabled"
      ],
      "defaultValue": "Modify"
    }
  },
  "policyRule": {
    "if": {
      "allOf": [
        {
          "field": "type",
          "equals": "Microsoft.ServiceBus/namespaces"
        },
        {
          "field": "Microsoft.ServiceBus/namespaces/disableLocalAuth",
          "notEquals": true
        }
      ]
    },
    "then": {
      "effect": "[parameters('effect')]",
      "details": {
        "conflictEffect": "audit",
        "roleDefinitionIds": [
          "/providers/microsoft.authorization/roleDefinitions/090c5cfd-751d-490a-894a-3ce6f1109419"
        ],
        "operations": [
          {
            "condition": "[greaterOrEquals(requestContext().apiVersion, '2021-06-01-preview')]",
            "operation": "addOrReplace",
            "field": "Microsoft.ServiceBus/namespaces/disableLocalAuth",
            "value": true
          }
        ]
      }
    }
  }
}