last sync: 2021-Aug-04 14:59:26 UTC

Azure Policy definition

[Deprecated]: App Service should disable public network access

Name [Deprecated]: App Service should disable public network access
Azure Portal
Id d79ab062-dffd-4318-8344-f70de714c0bc
Version 1.0.0-deprecated
details on versioning
Category App Service
Microsoft docs
Description Disabling public network access improves security by ensuring that the app service is not exposed on the public internet. Creating private endpoints can limit exposure of the app service. Learn more at: https://aka.ms/app-service-private-endpoint.
Mode Indexed
Type BuiltIn
Preview FALSE
Deprecated True
Effect Default: Audit
Allowed: (Audit, Disabled)
Used RBAC Role none
History
Date/Time (UTC ymd) (i) Change type Change detail
2021-06-22 14:29:30 change Version remains equal, new suffix: deprecated (1.0.0 > 1.0.0-deprecated)
2021-05-26 13:43:16 add d79ab062-dffd-4318-8344-f70de714c0bc
Used in Initiatives none
JSON Changes

JSON
{
  "properties": {
  "displayName": "[Deprecated]: App Service should disable public network access",
    "policyType": "BuiltIn",
    "mode": "Indexed",
    "description": "Disabling public network access improves security by ensuring that the app service is not exposed on the public internet. Creating private endpoints can limit exposure of the app service. Learn more at: https://aka.ms/app-service-private-endpoint.",
    "metadata": {
      "version": "1.0.0-deprecated",
      "category": "App Service",
      "deprecated": true
    },
    "parameters": {
      "effect": {
        "type": "String",
        "metadata": {
          "displayName": "Effect",
          "description": "Enable or disable the execution of the policy"
        },
        "allowedValues": [
          "Audit",
          "Disabled"
        ],
        "defaultValue": "Audit"
      }
    },
    "policyRule": {
      "if": {
        "allOf": [
          {
            "field": "type",
            "equals": "Microsoft.Web/sites/config"
          },
          {
            "field": "Microsoft.Web/sites/config/PublicNetworkAccess",
            "notEquals": "Disabled"
          }
        ]
      },
      "then": {
      "effect": "[parameters('effect')]"
      }
    }
  },
  "id": "/providers/Microsoft.Authorization/policyDefinitions/d79ab062-dffd-4318-8344-f70de714c0bc",
  "type": "Microsoft.Authorization/policyDefinitions",
  "name": "d79ab062-dffd-4318-8344-f70de714c0bc"
}