last sync: 2024-Jun-13 18:14:14 UTC

Deny vNet peering to non-approved vNets

Azure Landing Zones (ALZ) Policy definition

Source Repository Azure Landing Zones (ALZ) GitHub
JSON Deny-VNET-Peering-To-Non-Approved-VNETs
Display name Deny vNet peering to non-approved vNets
Id Deny-VNET-Peering-To-Non-Approved-VNETs
Version 1.0.0
Details on versioning
Category Network
Description This policy denies the creation of vNet Peerings to non-approved vNets under the assigned scope.
Mode All
Type Custom Azure Landing Zones (ALZ)
Preview False
Deprecated False
Effect Default
Deny
Allowed
Audit, Deny, Disabled
RBAC role(s) none
Rule aliases IF (2)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Network/virtualNetworks/virtualNetworkPeerings/remoteVirtualNetwork.id Microsoft.Network virtualNetworks/virtualNetworkPeerings properties.remoteVirtualNetwork.id false
Microsoft.Network/virtualNetworks/virtualNetworkPeerings[*].remoteVirtualNetwork.id Microsoft.Network virtualNetworks properties.VirtualNetworkPeerings[*].properties.remoteVirtualNetwork.id false
Rule resource types IF (2)
Microsoft.Network/virtualNetworks
Microsoft.Network/virtualNetworks/virtualNetworkPeerings
Initiatives usage none
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-04-11 11:16:38 add Deny-VNET-Peering-To-Non-Approved-VNETs
JSON compare n/a
JSON
EPAC