AzPolicyAdvertizer

last sync: 2023-Jun-19 17:45:01 UTC

Community Policy definition

Denies NSG rule changes that allow all inbound traffic

Name Denies NSG rule changes that allow all inbound traffic
Community-Policy GitHub
Id network_deny-nsg-inbound-allow-all
Version n/a
details on versioning
Category undefined
Microsoft docs
Description Denies the creation of network security group rules that allow all inbound traffic
Mode All
Type Custom Community
Effect Fixed
deny
Used RBAC Role none
Rule Aliases IF (6)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Network/networkSecurityGroups/securityRules/access Microsoft.Network networkSecurityGroups/securityRules properties.access true
Microsoft.Network/networkSecurityGroups/securityRules/destinationPortRange Microsoft.Network networkSecurityGroups/securityRules properties.destinationPortRange true
Microsoft.Network/networkSecurityGroups/securityRules/destinationPortRanges[*] Microsoft.Network networkSecurityGroups/securityRules properties.destinationPortRanges[*] true
Microsoft.Network/networkSecurityGroups/securityRules/direction Microsoft.Network networkSecurityGroups/securityRules properties.direction true
Microsoft.Network/networkSecurityGroups/securityRules/sourceAddressPrefix Microsoft.Network networkSecurityGroups/securityRules properties.sourceAddressPrefix true
Microsoft.Network/networkSecurityGroups/securityRules/sourceAddressPrefixes[*] Microsoft.Network networkSecurityGroups/securityRules properties.sourceAddressPrefixes[*] true
Rule ResourceTypes
JSON