-
Notifications
You must be signed in to change notification settings - Fork 1.1k
/
RedisCache_EnableNonSSLPort_Modify.json
62 lines (62 loc) · 1.8 KB
/
RedisCache_EnableNonSSLPort_Modify.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
{
"properties": {
"displayName": "Configure Azure Cache for Redis to disable non SSL ports",
"policyType": "BuiltIn",
"mode": "Indexed",
"description": "Enable SSL only connections to Azure Cache for Redis. Use of secure connections ensures authentication between the server and the service and protects data in transit from network layer attacks such as man-in-the-middle, eavesdropping, and session-hijacking",
"metadata": {
"category": "Cache",
"version": "1.0.0"
},
"version": "1.0.0",
"parameters": {
"effect": {
"type": "String",
"metadata": {
"displayName": "Effect",
"description": "Enable or disable the execution of the policy"
},
"allowedValues": [
"Modify",
"Disabled"
],
"defaultValue": "Modify"
}
},
"policyRule": {
"if": {
"allOf": [
{
"field": "type",
"equals": "Microsoft.Cache/Redis"
},
{
"field": "Microsoft.Cache/Redis/enableNonSslPort",
"equals": "true"
}
]
},
"then": {
"effect": "[parameters('effect')]",
"details": {
"conflictEffect": "audit",
"roleDefinitionIds": [
"/providers/microsoft.authorization/roleDefinitions/e0f68234-74aa-48ed-b826-c38b57376e17"
],
"operations": [
{
"operation": "addOrReplace",
"field": "Microsoft.Cache/Redis/enableNonSslPort",
"value": false
}
]
}
}
},
"versions": [
"1.0.0"
]
},
"id": "/providers/Microsoft.Authorization/policyDefinitions/766f5de3-c6c0-4327-9f4d-042ab8ae846c",
"name": "766f5de3-c6c0-4327-9f4d-042ab8ae846c"
}