last sync: 2021-Jul-23 16:37:57 UTC

Azure Policy definition

Automation accounts should disable public network access

Name Automation accounts should disable public network access
Azure Portal
Id 955a914f-bf86-4f0e-acd5-e0766b0efcb6
Version 1.0.0
details on versioning
Category Automation
Microsoft docs
Description Disabling public network access improves security by ensuring that the resource isn't exposed on the public internet. You can limit exposure of your Automation account resources by creating private endpoints instead. Learn more at: https://docs.microsoft.com/azure/automation/how-to/private-link-security.
Mode Indexed
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default: Audit
Allowed: (Audit, Deny, Disabled)
Used RBAC Role none
History
Date/Time (UTC ymd) (i) Change type Change detail
2021-03-09 14:37:41 add 955a914f-bf86-4f0e-acd5-e0766b0efcb6
Used in Initiatives none
JSON
{
  "properties": {
    "displayName": "Automation accounts should disable public network access",
    "policyType": "BuiltIn",
    "mode": "Indexed",
    "description": "Disabling public network access improves security by ensuring that the resource isn't exposed on the public internet. You can limit exposure of your Automation account resources by creating private endpoints instead. Learn more at: https://docs.microsoft.com/azure/automation/how-to/private-link-security.",
    "metadata": {
      "version": "1.0.0",
      "category": "Automation"
    },
    "parameters": {
      "effect": {
        "type": "String",
        "metadata": {
          "displayName": "Effect",
          "description": "Enable or disable the execution of the policy"
        },
        "allowedValues": [
          "Audit",
          "Deny",
          "Disabled"
        ],
        "defaultValue": "Audit"
      }
    },
    "policyRule": {
      "if": {
        "allOf": [
          {
            "field": "type",
            "equals": "Microsoft.Automation/automationAccounts"
          },
          {
            "field": "Microsoft.Automation/automationAccounts/publicNetworkAccess",
            "notEquals": "false"
          }
        ]
      },
      "then": {
      "effect": "[parameters('effect')]"
      }
    }
  },
  "id": "/providers/Microsoft.Authorization/policyDefinitions/955a914f-bf86-4f0e-acd5-e0766b0efcb6",
  "type": "Microsoft.Authorization/policyDefinitions",
  "name": "955a914f-bf86-4f0e-acd5-e0766b0efcb6"
}