last sync: 2024-Jul-26 18:17:39 UTC

Deny vNet peering to non-approved vNets

Azure Landing Zones (ALZ) Policy definition

Source Repository Azure Landing Zones (ALZ) GitHub
JSON Deny-VNET-Peering-To-Non-Approved-VNETs
Display name Deny vNet peering to non-approved vNets
Id Deny-VNET-Peering-To-Non-Approved-VNETs
Version 1.0.0
Category Network
Description This policy denies the creation of vNet Peerings to non-approved vNets under the assigned scope.
Mode All
Type Custom Azure Landing Zones (ALZ)
Preview False
Deprecated False
Effect
Default: Deny
Allowed: Audit, Deny, Disabled
RBAC role(s) none
Rule aliases IF (2)
Alias: Microsoft.Network/virtualNetworks/virtualNetworkPeerings/remoteVirtualNetwork.id
  Namespace: Microsoft.Network
  ResourceType: virtualNetworks/virtualNetworkPeerings
  Path: properties.remoteVirtualNetwork.id
  PathIsDefault: True
  DefaultPath:
  Modifiable: False
Alias: Microsoft.Network/virtualNetworks/virtualNetworkPeerings[*].remoteVirtualNetwork.id
  Namespace: Microsoft.Network
  ResourceType: virtualNetworks
  Path: properties.VirtualNetworkPeerings[*].properties.remoteVirtualNetwork.id
  PathIsDefault: True
  DefaultPath:
  Modifiable: False
Rule resource types IF (2)
Microsoft.Network/virtualNetworks
Microsoft.Network/virtualNetworks/virtualNetworkPeerings
Initiatives usage none
History
Date/Time (UTC ymd): 2022-04-11 11:16:38
Change type: add
Change detail: Deny-VNET-Peering-To-Non-Approved-VNETs
JSON compare: n/a