last sync: 2023-Jun-19 17:45:01 UTC

Community Policy definition

Key Vault - Firewall Settings AUDIT

Name Key Vault - Firewall Settings AUDIT
Community-Policy GitHub
Id key-vault-firewall-settings-audit
Version 1.0.0
Category Key Vault
Description This Azure Policy creates an audit event when the 'Allow access from' setting is not set to 'Private endpoints and selected networks' or when the firewall contains any IP addresses outside the approved ones.
Mode All
Type Custom Community
Effect Default: Audit
Allowed
Used RBAC Role none
Rule Aliases IF (2)
Alias | Namespace | ResourceType | DefaultPath | Modifiable
Microsoft.KeyVault/vaults/networkAcls.defaultAction | Microsoft.KeyVault | vaults | properties.networkAcls.defaultAction | true
Microsoft.KeyVault/vaults/networkAcls.ipRules[*].value | Microsoft.KeyVault | vaults | properties.networkAcls.ipRules[*].value | true
Rule ResourceTypes IF (1)
Microsoft.KeyVault/vaults