| Policy DisplayName |
Policy Id |
Category |
Effect |
Roles# |
Roles |
State |
Type |
| API Management should disable public network access to the service configuration endpoints |
df73bd95-24da-4a4f-96b9-4e8b94b402bd |
API Management |
Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled |
0 |
|
GA |
BuiltIn |
| App Configuration should disable public network access |
3d9f5e4c-9947-4579-9539-2a7695fbc187 |
App Configuration |
Default
Audit
Allowed
Audit, Deny, Disabled |
0 |
|
GA |
BuiltIn |
| App Service apps should disable public network access |
1b5ef780-c53c-4a64-87f3-bb9c8c8094ba |
App Service |
Default
Audit
Allowed
Audit, Disabled, Deny |
0 |
|
GA |
BuiltIn |
| App Service Environment apps should not be reachable over public internet |
2d048aca-6479-4923-88f5-e2ac295d9af3 |
App Service |
Default
Audit
Allowed
Audit, Deny, Disabled |
0 |
|
GA |
BuiltIn |
| Automation accounts should disable public network access |
955a914f-bf86-4f0e-acd5-e0766b0efcb6 |
Automation |
Default
Audit
Allowed
Audit, Deny, Disabled |
0 |
|
GA |
BuiltIn |
| Azure Cache for Redis should disable public network access |
470baccb-7e51-4549-8b1a-3e5be069f663 |
Cache |
Default
Audit
Allowed
Audit, Deny, Disabled |
0 |
|
GA |
BuiltIn |
| Azure Cosmos DB should disable public network access |
797b37f7-06b8-444c-b1ad-fc62867f335a |
Cosmos DB |
Default
Audit
Allowed
Audit, Deny, Disabled |
0 |
|
GA |
BuiltIn |
| Azure Key Vault should disable public network access |
405c5871-3e91-4644-8a63-58e19d68ff5b |
Key Vault |
Default
Audit
Allowed
Audit, Deny, Disabled |
0 |
|
GA |
BuiltIn |
| Azure Kubernetes Service Private Clusters should be enabled |
040732e8-d947-40b8-95d6-854c95024bf8 |
Kubernetes |
Default
Audit
Allowed
Audit, Deny, Disabled |
0 |
|
GA |
BuiltIn |
| Azure Machine Learning Workspaces should disable public network access |
438c38d2-3772-465a-a9cc-7a6666a275ce |
Machine Learning |
Default
Audit
Allowed
Audit, Deny, Disabled |
0 |
|
GA |
BuiltIn |
| Bot Service should have public network access disabled |
5e8168db-69e3-4beb-9822-57cb59202a9d |
Bot Service |
Default
Audit
Allowed
Audit, Deny, Disabled |
0 |
|
GA |
BuiltIn |
| Function apps should disable public network access |
969ac98b-88a8-449f-883c-2e9adb123127 |
App Service |
Default
Audit
Allowed
Audit, Disabled, Deny |
0 |
|
GA |
BuiltIn |
| Public network access on Azure SQL Database should be disabled |
1b8ca024-1d5c-4dec-8995-b1a932b41780 |
SQL |
Default
Audit
Allowed
Audit, Deny, Disabled |
0 |
|
GA |
BuiltIn |
| Public network access should be disabled for Azure File Sync |
21a8cd35-125e-4d13-b82d-2e19b7208bb7 |
Storage |
Default
Audit
Allowed
Audit, Deny, Disabled |
0 |
|
GA |
BuiltIn |
| Public network access should be disabled for Batch accounts |
74c5a0ae-5e48-4738-b093-65e23a060488 |
Batch |
Default
Audit
Allowed
Audit, Deny, Disabled |
0 |
|
GA |
BuiltIn |
| Public network access should be disabled for Container registries |
0fdf0491-d080-4575-b627-ad0e843cba0f |
Container Registry |
Default
Audit
Allowed
Audit, Deny, Disabled |
0 |
|
GA |
BuiltIn |
| Public network access should be disabled for MariaDB servers |
fdccbe47-f3e3-4213-ad5d-ea459b2fa077 |
SQL |
Default
Audit
Allowed
Audit, Deny, Disabled |
0 |
|
GA |
BuiltIn |
| Public network access should be disabled for MySQL flexible servers |
c9299215-ae47-4f50-9c54-8a392f68a052 |
SQL |
Default
Audit
Allowed
Audit, Deny, Disabled |
0 |
|
GA |
BuiltIn |
| Public network access should be disabled for PostgreSQL flexible servers |
5e1de0e3-42cb-4ebc-a86d-61d0c619ca48 |
SQL |
Default
Audit
Allowed
Audit, Deny, Disabled |
0 |
|
GA |
BuiltIn |
| Storage accounts should disable public network access |
b2982f36-99f2-4db5-8eff-283140c09693 |
Storage |
Default
Audit
Allowed
Audit, Deny, Disabled |
0 |
|
GA |
BuiltIn |