last sync: 2022-Sep-23 16:35:49 UTC

Azure Policy definition

Public network access should be disabled for MySQL flexible servers

Name Public network access should be disabled for MySQL flexible servers
Azure Portal
Id c9299215-ae47-4f50-9c54-8a392f68a052
Version 2.0.0
details on versioning
Category SQL
Microsoft docs
Description Disabling the public network access property improves security by ensuring your Azure Database for MySQL flexible servers can only be accessed from a private endpoint. This configuration strictly disables access from any public address space outside of Azure IP range and denies all logins that match IP or virtual network-based firewall rules.
Mode Indexed
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default: Audit
Allowed: (Audit, Deny, Disabled)
Used RBAC Role none
Rule Aliases IF (2)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.DBforMySQL/flexibleServers/network.delegatedSubnetResourceId Microsoft.DBforMySQL flexibleServers properties.network.delegatedSubnetResourceId false
Microsoft.DBforMySQL/flexibleServers/network.privateDnsZoneResourceId Microsoft.DBforMySQL flexibleServers properties.network.privateDnsZoneResourceId false
Rule ResourceTypes IF (1)
Microsoft.DBforMySQL/flexibleServers
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-02-18 17:44:00 change Major (1.0.0 > 2.0.0)
2020-10-20 13:29:33 add c9299215-ae47-4f50-9c54-8a392f68a052
Used in Initiatives
Initiative DisplayName Initiative Id Initiative Category State Type
[Preview]: CMMC 2.0 Level 2 4e50fd13-098b-3206-61d6-d1d78205cb45 Regulatory Compliance Preview BuiltIn
[Preview]: RMIT Malaysia 97a6d4f1-3bed-4cf4-ac5b-0e444c0408d6 Regulatory Compliance Preview BuiltIn
Audit Public Network Access f1535064-3294-48fa-94e2-6e83095a5c08 SDN GA BuiltIn
CMMC Level 3 b5629c75-5c77-4422-87b9-2509e680f8de Regulatory Compliance GA BuiltIn
Public network access should be disabled for PaaS services Deny-PublicPaaSEndpoints Network GA ALZ
JSON Changes

JSON