-
Notifications
You must be signed in to change notification settings - Fork 1.1k
/
Communication_DataLocation_Audit.json
57 lines (57 loc) · 1.81 KB
/
Communication_DataLocation_Audit.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
{
"properties": {
"displayName": "Communication service resource should use allow listed data location",
"policyType": "BuiltIn",
"mode": "Indexed",
"description": "Create a Communication service resource only from an allow listed data location. This data location determines where the data of the communication service resource will be stored at rest, ensuring your preferred allow listed data locations as this cannot be changed after resource creation.",
"metadata": {
"version": "1.0.0",
"category": "Communication"
},
"version": "1.0.0",
"parameters": {
"allowedDataLocations": {
"type": "Array",
"metadata": {
"displayName": "Allowed data locations",
"description": "The list of allowed data locations for your communication service resources."
}
},
"effect": {
"type": "String",
"defaultValue": "Audit",
"allowedValues": [
"Audit",
"Deny",
"Disabled"
],
"metadata": {
"displayName": "Effect",
"description": "The effect determines what happens when the policy rule is evaluated to match"
}
}
},
"policyRule": {
"if": {
"allOf": [
{
"field": "type",
"equals": "Microsoft.Communication/CommunicationServices"
},
{
"field": "Microsoft.Communication/communicationServices/dataLocation",
"notIn": "[parameters('allowedDataLocations')]"
}
]
},
"then": {
"effect": "[parameters('effect')]"
}
},
"versions": [
"1.0.0"
]
},
"id": "/providers/Microsoft.Authorization/policyDefinitions/93c45b74-42a1-4967-b25d-82c4dc630921",
"name": "93c45b74-42a1-4967-b25d-82c4dc630921"
}