/
RequirePublicNetworkAccessDisabled_Deny.json
50 lines (50 loc) · 1.48 KB
/
RequirePublicNetworkAccessDisabled_Deny.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
{
"properties": {
"displayName": "Azure Cognitive Search services should disable public network access",
"description": "Disabling public network access improves security by ensuring that your Azure Cognitive Search service is not exposed on the public internet. Creating private endpoints can limit exposure of your Search service. Learn more at: https://aka.ms/azure-cognitive-search/inbound-private-endpoints.",
"policyType": "BuiltIn",
"mode": "Indexed",
"metadata": {
"version": "1.0.0",
"category": "Search"
},
"version": "1.0.0",
"parameters": {
"effect": {
"type": "String",
"metadata": {
"displayName": "Effect",
"description": "Enable or disable the execution of the policy"
},
"allowedValues": [
"Audit",
"Deny",
"Disabled"
],
"defaultValue": "Audit"
}
},
"policyRule": {
"if": {
"allOf": [
{
"field": "type",
"equals": "Microsoft.Search/searchServices"
},
{
"field": "Microsoft.Search/searchServices/publicNetworkAccess",
"notEquals": "Disabled"
}
]
},
"then": {
"effect": "[parameters('effect')]"
}
},
"versions": [
"1.0.0"
]
},
"id": "/providers/Microsoft.Authorization/policyDefinitions/ee980b6d-0eca-4501-8d54-f6290fd512c3",
"name": "ee980b6d-0eca-4501-8d54-f6290fd512c3"
}