Source
Azure Portal
Display name
Deploy - Configure Azure Event Grid domains to use private DNS zones
Id
d389df0a-e0d7-4607-833c-75a6fdac2c2d Copy Id Copy resourceId
Version
1.1.0 Details on versioning
Versioning
Versions supported for Versioning: 1 1.1.0 Built-in Versioning [Preview]
Category
Event Grid Microsoft Learn
Description
Use private DNS zones to override the DNS resolution for a private endpoint. Learn more at: https://aka.ms/privatednszone.
Cloud environments
AzureCloud = true AzureUSGovernment = unknown AzureChinaCloud = unknown
Available in AzUSGov
Unknown, no evidence if Policy definition is/not available in AzureUSGovernment
Mode
Indexed
Type
BuiltIn
Preview
False
Deprecated
False
Effect
Default DeployIfNotExists
Allowed deployIfNotExists, DeployIfNotExists, Disabled
RBAC role(s)
Rule aliases
IF (1)
Rule resource types
IF (1)
THEN-Deployment (1)
Compliance
Not a Compliance control
Initiatives usage
Records: 10 25 100 200 Use the filters above each column to filter and limit table data. Advanced searches can be performed by using the following operators:
< ,
<= ,
> ,
>= ,
= ,
* ,
! ,
{ ,
} ,
|| ,
&& ,
[empty] ,
[nonempty] ,
rgx: Learn more ? Page 1 of 1
Clear Network Clear GA Clear ALZ
Initiative DisplayName
Initiative Id
Initiative Category
State
Type
polSet in AzUSGov
Configure Azure PaaS services to use private DNS zones
Deploy-Private-DNS-Zones
Network
GA ALZ
No results
History
Date/Time (UTC ymd) (i)
Change type
Change detail
2022-04-01 20:29:14
change
Minor (1.0.0 > 1.1.0)
2021-02-17 14:28:42
add
d389df0a-e0d7-4607-833c-75a6fdac2c2d
JSON compareHide
compare mode:
side-by-side
line-by-line
version left: 1.0.0
version right: 1.1.0 1.0.0
@@ -3,9 +3,9 @@
3
"policyType": "BuiltIn",
4
"mode": "Indexed",
5
"description": "Use private DNS zones to override the DNS resolution for a private endpoint. Learn more at: https://aka.ms/privatednszone.",
6
"metadata": {
7
-
"version": "1.0.0",
8
"category": "Event Grid"
9
},
10
"parameters": {
11
"privateDnsZoneId": {
@@ -23,11 +23,12 @@
23
"description": "Enable or disable the execution of the policy"
24
},
25
"allowedValues": [
26
"deployIfNotExists",
27
"Disabled"
28
],
29
-
"defaultValue": "deployIfNotExists"
30
}
31
},
32
"policyRule": {
33
"if": {
3
"policyType": "BuiltIn",
4
"mode": "Indexed",
5
"description": "Use private DNS zones to override the DNS resolution for a private endpoint. Learn more at: https://aka.ms/privatednszone.",
6
"metadata": {
7
+
"version": "1.1 .0",
8
"category": "Event Grid"
9
},
10
"parameters": {
11
"privateDnsZoneId": {
23
"description": "Enable or disable the execution of the policy"
24
},
25
"allowedValues": [
26
"deployIfNotExists",
27
+
"DeployIfNotExists",
28
"Disabled"
29
],
30
+
"defaultValue": "DeployIfNotExists "
31
}
32
},
33
"policyRule": {
34
"if": {
JSON
api-version=2021-06-01
Copy definition Copy definition 4 EPAC EPAC
{ 7 items displayName: "Deploy - Configure Azure Event Grid domains to use private DNS zones" , policyType: "BuiltIn" , mode: "Indexed" , description: "Use private DNS zones to override the DNS resolution for a private endpoint. Learn more at: https://aka.ms/privatednszone." , metadata: { 2 items version: "1.1.0" , category: "Event Grid" } , parameters: { 2 items privateDnsZoneId: { 2 items type: "String" , metadata: { 3 items displayName: "Private DNS Zone ID" , description: "Specifies the private DNS zone to use to configure private endpoint" , strongType: "Microsoft.Network/privateDnsZones" } } , effect: { 4 items type: "String" , metadata: { 2 items displayName: "Effect" , description: "Enable or disable the execution of the policy" } , allowedValues: [ 3 items "deployIfNotExists" , "DeployIfNotExists" , "Disabled" ] , defaultValue: "DeployIfNotExists" } } , policyRule: { 2 items if: { 1 item allOf: [ 2 items { 2 items field: "type" , equals: "Microsoft.Network/privateEndpoints" } , { 2 items count: { 2 items field: "Microsoft.Network/privateEndpoints/privateLinkServiceConnections[*].groupIds[*]" , where: { 2 items field: "Microsoft.Network/privateEndpoints/privateLinkServiceConnections[*].groupIds[*]" , equals: "domain" } } , greaterOrEquals: 1 } ] } , then: { 2 items effect: "[parameters('effect')]" , details: { 3 items type: "Microsoft.Network/privateEndpoints/privateDnsZoneGroups" , roleDefinitionIds: [ 1 item "/providers/Microsoft.Authorization/roleDefinitions/4d97b98b-1d4f-4787-a291-c67834d212e7" Network Contributor ] , deployment: { 1 item properties: { 3 items mode: "incremental" , template: { 4 items $schema: "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#" , contentVersion: "1.0.0.0" , parameters: { 3 items } , resources: [ 1 item { 5 items name: 🔍 "[
concat(
parameters('privateEndpointName'),
'/deployedByPolicy'
)
]", type: "Microsoft.Network/privateEndpoints/privateDnsZoneGroups" , apiVersion: "2020-03-01" , location: "[parameters('location')]" , properties: { 1 item } } ] } , parameters: { 3 items } } } } } } }