Skip to content
Permalink
Branch: master
Find file Copy path
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
42 lines (41 sloc) 1.55 KB
{
"properties": {
"mode": "Indexed",
"parameters": {
"subnetIds": {
"type": "Array",
"metadata": {
"description": "The subnetIds parameter must be provided with a list of subnets in format of resource ID (e.g /subscriptions/{subscription_id}/resourcegroups/{resource_group}/providers/microsoft.network/virtualnetworks/{vnet}/subnets/{subnet-name})",
"displayName": "List of Subnet IDs that can use a public IP"
}
}
},
"displayName": "Only Allow public IP in specific subnets",
"description": "Only allow public IPs to be used in specific subnets",
"policyRule": {
"if": {
"allOf": [
{
"field": "type",
"equals": "Microsoft.Network/networkInterfaces"
},
{
"not": {
"field": "Microsoft.Network/networkInterfaces/ipconfigurations[*].publicIpAddress.id",
"exists": false
}
},
{
"not": {
"field": "Microsoft.Network/networkInterfaces/ipconfigurations[*].subnet.id",
"in": "[parameters('subnetIds')]"
}
}
]
},
"then": {
"effect": "deny"
}
}
}
}
You can’t perform that action at this time.