last sync: 2024-Jun-24 18:15:26 UTC

Configure CosmosDB accounts with private endpoints

Azure BuiltIn Policy definition

Source Azure Portal
Display name Configure CosmosDB accounts with private endpoints
Id b609e813-3156-4079-91fa-a8494c1471c4
Version 1.0.0
Details on versioning
Category Cosmos DB
Microsoft Learn
Description Private endpoints connect your virtual network to Azure services without a public IP address at the source or destination. By mapping private endpoints to your CosmosDB account, you can reduce data leakage risks. Learn more about private links at: https://docs.microsoft.com/azure/cosmos-db/how-to-configure-private-endpoints.
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled
RBAC role(s)
Role Name Role Id
Contributor b24988ac-6180-42a0-ab88-20f7382dd24c
DocumentDB Account Contributor 5bd9cd88-fe45-4216-938b-f97437e15450
Rule aliases THEN-ExistenceCondition (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.DocumentDB/databaseAccounts/privateEndpointConnections/privateLinkServiceConnectionState.status Microsoft.DocumentDB databaseAccounts/privateEndpointConnections properties.privateLinkServiceConnectionState.status True False
Rule resource types IF (1)
Microsoft.DocumentDB/databaseAccounts
THEN-Deployment (2)
Microsoft.Network/privateEndpoints
Microsoft.Resources/deployments
Compliance Not a Compliance control
Initiatives usage none
History
Date/Time (UTC ymd) (i) Change type Change detail
2021-03-09 14:37:41 add b609e813-3156-4079-91fa-a8494c1471c4
JSON compare n/a
JSON
api-version=2021-06-01
EPAC