-
Notifications
You must be signed in to change notification settings - Fork 1.1k
/
RequirePrivateLinkSupportedResource_Deny.json
50 lines (50 loc) · 1.63 KB
/
RequirePrivateLinkSupportedResource_Deny.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
{
"properties": {
"displayName": "Azure Cognitive Search service should use a SKU that supports private link",
"policyType": "BuiltIn",
"mode": "Indexed",
"description": "With supported SKUs of Azure Cognitive Search, Azure Private Link lets you connect your virtual network to Azure services without a public IP address at the source or destination. The private link platform handles the connectivity between the consumer and services over the Azure backbone network. By mapping private endpoints to your Search service, data leakage risks are reduced. Learn more at: https://aka.ms/azure-cognitive-search/inbound-private-endpoints.",
"metadata": {
"version": "1.0.0",
"category": "Search"
},
"version": "1.0.0",
"parameters": {
"effect": {
"type": "String",
"metadata": {
"displayName": "Effect",
"description": "Enable or Deny the execution of the policy"
},
"allowedValues": [
"Audit",
"Deny",
"Disabled"
],
"defaultValue": "Audit"
}
},
"policyRule": {
"if": {
"allOf": [
{
"field": "type",
"equals": "Microsoft.Search/searchServices"
},
{
"field": "Microsoft.Search/searchServices/sku.name",
"equals": "free"
}
]
},
"then": {
"effect": "[parameters('effect')]"
}
},
"versions": [
"1.0.0"
]
},
"id": "/providers/Microsoft.Authorization/policyDefinitions/a049bf77-880b-470f-ba6d-9f21c530cf83",
"name": "a049bf77-880b-470f-ba6d-9f21c530cf83"
}