• Adds the default route table to subnets (aceba347-1c3b-4ff8-9e62-64b29d26a709) Cmty• Enforce a route table on every subnet (112dff39-d7a2-4d2a-9885-0c301725ce30) Cmty• Newly created subnets will be assigned a Route Table (ad0328f0-915c-422f-98be-bc8d60159827) Cmty• No User Defined Route Table (1bcf6131-5f68-45ab-8ae9-d41bbc588674) Cmty• Prevent subnets without Route Table (43177425-57f6-442d-ab5b-6fc57f6f4ab3) Cmty• Subnets should have a User Defined Route (Deny-Subnet-Without-Udr) ALZ
• Adds the default network security group to subnets in case there is none. (ba4a485a-81cc-426c-9813-58ef0c97edec) Cmty• Gateway subnets should not be configured with a network security group (35f9c03a-cc27-418e-9c0c-539ff999d010) Builtin• NSG X on every subnet (c8178b2d-ab54-4c43-9620-7a2aa854049e) Cmty• Prevent subnets without NSG (74c23fa8-5cea-413e-bf2c-8226f7728a46) Cmty• Subnets must have an NSG and that NSG must have the same suffix as the subnet (de1b0589-1706-4262-a4ae-de82aff55300) Cmty• Subnets should have a Network Security Group (Deny-Subnet-Without-Nsg) ALZ
• Deny Service Endpoints on Subnets Based on Naming Convention (0baf3b25-fb0f-4160-842c-ace6e622feda) Cmty• Deny or Audit service endpoints on subnets (Deny-Service-Endpoints) ALZ• Service Endpoints on Subnets (2ad7cecd-e246-44fa-8215-b366d5781129) Cmty
• Virtual networks should use specified virtual network gateway (f1776c76-f58c-4245-a8d0-2b207198dc8b) Builtin