last sync: 2025-Aug-26 17:22:56 UTC

Virtual networks should use specified virtual network gateway

Azure BuiltIn Policy definition

Source Azure Portal
Display name Virtual networks should use specified virtual network gateway
Id f1776c76-f58c-4245-a8d0-2b207198dc8b
Version 1.0.0
Versioning Versions supported for Versioning: 1
1.0.0
Built-in Versioning [Preview]
Category Network
Description This policy audits any virtual network if the default route does not point to the specified virtual network gateway.
Cloud environments AzureCloud = true
AzureUSGovernment = true
AzureChinaCloud = unknown
Available in AzUSGov The Policy is available in AzureUSGovernment cloud. Version: '1.*.*'
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default: AuditIfNotExists
Effect Allowed: AuditIfNotExists, Disabled
RBAC role(s) none
Rule aliases THEN-ExistenceCondition (1)
Alias | Namespace | ResourceType | Path | PathIsDefault | DefaultPath | Modifiable
Microsoft.Network/virtualNetworks/subnets/ipConfigurations[*].id | Microsoft.Network | virtualNetworks/subnets | properties.ipConfigurations[*].id | True | | False
Rule resource types IF (1)
Compliance
The following 3 compliance controls are associated with this Policy definition 'Virtual networks should use specified virtual network gateway' (f1776c76-f58c-4245-a8d0-2b207198dc8b)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
Azure_Security_Benchmark_v1.0 1.1 Azure_Security_Benchmark_v1.0_1.1 Azure Security Benchmark 1.1 Network Security Protect resources using Network Security Groups or Azure Firewall on your Virtual Network Customer Ensure that all Virtual Network subnet deployments have a Network Security Group applied with network access controls specific to your application's trusted ports and sources. Use Azure Services with Private Link enabled, deploy the service inside your Vnet, or connect privately using Private Endpoints. For service specific requirements, please refer to the security recommendation for that specific service. Alternatively, if you have a specific use case, requirements can be met by implementing Azure Firewall. General Information on Private Link: https://docs.microsoft.com/azure/private-link/private-link-overview How to create a Virtual Network: https://docs.microsoft.com/azure/virtual-network/quick-create-portal How to create an NSG with a security configuration: https://docs.microsoft.com/azure/virtual-network/tutorial-filter-network-traffic How to deploy and configure Azure Firewall: https://docs.microsoft.com/azure/firewall/tutorial-firewall-deploy-portal n/a link 20
CMMC_L2_v1.9.0 SC.L2_3.13.7 CMMC_L2_v1.9.0_SC.L2_3.13.7 Cybersecurity Maturity Model Certification (CMMC) Level 2 v1.9.0 SC.L2 3.13.7 System and Communications Protection Split Tunneling Shared Prevent remote devices from simultaneously establishing non remote connections with organizational systems and communicating via some other connection to resources in external networks (i.e., split tunneling). To mitigate security risks. 23
RMiT_v1.0 10.33 RMiT_v1.0_10.33 RMiT 10.33 Network Resilience Network Resilience - 10.33 Shared n/a A financial institution must design a reliable, scalable and secure enterprise network that is able to support its business activities, including future growth plans. link 27
Initiatives usage
Initiative DisplayName | Initiative Id | Initiative Category | State | Type | polSet in AzUSGov
[Deprecated]: Azure Security Benchmark v1 | 42a694ed-f65e-42b2-aa9e-8052e9740a92 | Regulatory Compliance | Deprecated | BuiltIn | true
Cybersecurity Maturity Model Certification (CMMC) Level 2 v1.9.0 | a4087154-2edb-4329-b56a-1cc986807f3c | Regulatory Compliance | GA | BuiltIn | unknown
RMIT Malaysia | 97a6d4f1-3bed-4cf4-ac5b-0e444c0408d6 | Regulatory Compliance | GA | BuiltIn | unknown
History
Date/Time (UTC ymd) | Change type | Change detail
2019-10-11 00:02:54 | add | f1776c76-f58c-4245-a8d0-2b207198dc8b