AzPolicyAdvertizer

last sync: 2025-Oct-31 18:22:59 UTC

Deny Databricks workspaces without Vnet injection

Azure Landing Zones (ALZ) Policy definition

Source Repository Azure Landing Zones (ALZ) GitHub
JSON Deny-Databricks-VirtualNetwork
Deploy policy Deny-Databricks-VirtualNetwork (1.0.0) to Azure
Display name Deny Databricks workspaces without Vnet injection
Id Deny-Databricks-VirtualNetwork
Version 1.0.0
Details on versioning
Category Databricks
Description Enforces the use of vnet injection for Databricks workspaces.
Cloud environments AzureCloud
Mode Indexed
Type Custom Azure Landing Zones (ALZ)
Preview False
Deprecated False
Effect Default
Deny
Allowed
Audit, Disabled, Deny
RBAC role(s) none
Rule aliases IF (3)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.DataBricks/workspaces/parameters.customPrivateSubnetName.value Microsoft.Databricks workspaces properties.parameters.customPrivateSubnetName.value True False
Microsoft.DataBricks/workspaces/parameters.customPublicSubnetName.value Microsoft.Databricks workspaces properties.parameters.customPublicSubnetName.value True False
Microsoft.DataBricks/workspaces/parameters.customVirtualNetworkId.value Microsoft.Databricks workspaces properties.parameters.customVirtualNetworkId.value True False
Rule resource types IF (1)
Microsoft.Databricks/workspaces
Initiatives usage none
History none
JSON compare n/a
JSON
EPAC
Deploy policy Deny-Databricks-VirtualNetwork (1.0.0) to Azure