AzPolicyAdvertizer

last sync: 2025-Jul-25 17:39:48 UTC

Audit Allow Azure services and resources to access this server

Community Policy definition

Source

Repository Community-Policy GitHub
JSON Community-Policy GitHub

Deploy policy e369a998-a653-4e19-a058-a6256c3f999b (1.0.0) to Azure

Display name

Audit Allow Azure services and resources to access this server

e369a998-a653-4e19-a058-a6256c3f999b

Version

1.0.0
Details on versioning

Category

SQL
Microsoft Learn

Description

This option configures the firewall to allow connections from IP addresses allocated to any Azure service or asset, including connections from the subscriptions of other customers. Rather than allowing any service in any tenant to access this server, network access should be limited using the virtual network option or private access.

Mode

All

Type

Custom Community

Effect

Default
Audit
Allowed
Audit, Disabled

RBAC role(s)

none

Rule aliases

Rule resource types

IF (1)
Microsoft.Sql/servers/firewallrules

JSON

EPAC

{6 itemsdisplayName: "Audit Allow Azure services and resources to access this server",
description: "This option configures the firewall to allow connections from IP addresses allocated to any Azure service or asset, including connections from the subscriptions of other customers. Rather than allowing any service in any tenant to access this server, network access should be limited using the virtual network option or private access.",
metadata: {3 itemscategory: "SQL",
version: "1.0.0",
preview: true
},
mode: "All",
parameters: {1 itemeffect: {4 itemstype: "String",
metadata: {2 itemsdisplayName: "Effect",
description: "Audit or Disabled the execution of the Policy"
},
allowedValues: [2 items"Audit",
"Disabled"
],
defaultValue: "Audit"
}
},
policyRule: {2 itemsif: {1 itemallOf: [2 items{2 itemsfield: "type",
equals: "Microsoft.Sql/servers/firewallrules"
},
{2 itemsfield: "name",
like: "AllowAllWindowsAzureIps"
}
]
},
then: {1 itemeffect: "[parameters('effect')]"
}
}
}