AzPolicyAdvertizer

last sync: 2023-Jun-19 17:45:01 UTC

Community Policy definition

Deny Service Endpoints on Subnets Based on Naming Convention

Name Deny Service Endpoints on Subnets Based on Naming Convention
Community-Policy GitHub
Id Deny Service Endpoints on Subnets Based on Naming Convention
Version n/a
details on versioning
Category undefined
Microsoft docs
Description This Policy will deny the enablement of Service Endpoints on subnets that contain the string you define in the Policy. This will also prevent PaaS resources such as Azure Storage from being able to add this subnet to their firewall allowed list.
Mode All
Type Custom Community
Effect Default
Deny
Allowed
Deny, Disabled
Used RBAC Role none
Rule Aliases IF (4)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Network/virtualNetworks/subnets/serviceEndpoints[*].service Microsoft.Network virtualNetworks/subnets properties.serviceEndpoints[*].service true
Microsoft.Network/virtualNetworks/subnets[*] Microsoft.Network virtualNetworks properties.subnets[*] false
Microsoft.Network/virtualNetworks/subnets[*].name Microsoft.Network virtualNetworks properties.subnets[*].name false
Microsoft.Network/virtualNetworks/subnets[*].serviceEndpoints[*].service Microsoft.Network virtualNetworks properties.subnets[*].properties.serviceEndpoints[*].service false
Rule ResourceTypes IF (1)
Microsoft.Network/virtualNetworks
JSON