last sync: 2022-May-24 16:30:29 UTC

Azure Policy definition

[Preview]: All Internet traffic should be routed via your deployed Azure Firewall

Name [Preview]: All Internet traffic should be routed via your deployed Azure Firewall
Azure Portal
Id fc5e4038-4584-4632-8c85-c0448d374b2c
Version 3.0.0-preview
details on versioning
Category Network
Microsoft docs
Description Azure Security Center has identified that some of your subnets aren't protected with a next generation firewall. Protect your subnets from potential threats by restricting access to them with Azure Firewall or a supported next generation firewall
Mode All
Type BuiltIn
Preview True
Deprecated FALSE
Effect Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
Used RBAC Role none
Rule Aliases IF (4)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Network/virtualNetworks/subnets[*] Microsoft.Network virtualNetworks properties.subnets[*] false
Microsoft.Network/virtualNetworks/subnets[*].ipConfigurations[*] Microsoft.Network virtualNetworks properties.subnets[*].properties.ipConfigurations[*] false
Microsoft.Network/virtualNetworks/subnets[*].name Microsoft.Network virtualNetworks properties.subnets[*].name false
Microsoft.Network/virtualNetworks/subnets[*].routeTable Microsoft.Network virtualNetworks properties.subnets[*].properties.routeTable true
THEN-ExistenceCondition (2)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Network/azureFirewalls/ipConfigurations[*] Microsoft.Network azureFirewalls properties.ipConfigurations[*] false
Microsoft.Network/azureFirewalls/ipConfigurations[*].subnet.id Microsoft.Network azureFirewalls properties.ipConfigurations[*].properties.subnet.id false
Rule ResourceTypes IF (1)
Microsoft.Network/virtualNetworks
History
Date/Time (UTC ymd) (i) Change type Change detail
2020-03-17 09:22:59 add fc5e4038-4584-4632-8c85-c0448d374b2c
Used in Initiatives
Initiative DisplayName Initiative Id Initiative Category State Type
[Deprecated]: Azure Security Benchmark v1 42a694ed-f65e-42b2-aa9e-8052e9740a92 Regulatory Compliance Deprecated BuiltIn
[Deprecated]: Azure Security Benchmark v2 bb522ac1-bc39-4957-b194-429bcd3bcb0b Regulatory Compliance Deprecated BuiltIn
[Preview]: SWIFT CSCF v2021 abf84fac-f817-a70c-14b5-47eec767458a Regulatory Compliance Preview BuiltIn
Azure Security Benchmark 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 Security Center GA BuiltIn
CMMC Level 3 b5629c75-5c77-4422-87b9-2509e680f8de Regulatory Compliance GA BuiltIn
FedRAMP High d5264498-16f4-418a-b659-fa7ef418175f Regulatory Compliance GA BuiltIn
FedRAMP Moderate e95f5a9f-57ad-4d03-bb0b-b1d16db93693 Regulatory Compliance GA BuiltIn
NIST SP 800-171 Rev. 2 03055927-78bd-4236-86c0-f36125a10dc9 Regulatory Compliance GA BuiltIn
NIST SP 800-53 Rev. 4 cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f Regulatory Compliance GA BuiltIn
NIST SP 800-53 Rev. 5 179d1daa-458f-4e47-8086-2a68d0d6c38f Regulatory Compliance GA BuiltIn
JSON