├── .github └── workflows │ ├── confirm-policy-definition-no-built-in-conflicts.yaml │ ├── confirm-policy-definition-validity.yaml │ └── manage-azure-policy-1e59415b.yml ├── .gitignore ├── CODE_OF_CONDUCT.md ├── CONTRIBUTING.md ├── Customer panel slide-recordings └── Azure Governance Customer Call 2.24.pptx ├── LICENSE ├── Policies ├── Storage │ └── enforce-or-extend-storage-account-iprules-if-tag-match │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json └── Tags │ └── inherit-resoucegroup-multipletags-if-missing │ ├── azurepolicy.json │ ├── azurepolicy.parameters.json │ └── azurepolicy.rules.json ├── README.md ├── SECURITY.md ├── Scripts ├── Confirm-PolicyDefinitionIsValid.ps1 ├── Format-BulkPolicies.ps1 ├── Format-PolicyDefinition.ps1 ├── Invoke-ScriptTests.ps1 ├── Out-FormattedPolicyDefinition.ps1 ├── Out-PolicyInventoryToCsvFile.ps1 ├── PolicyInventory.csv └── Test │ ├── all-ok.json │ ├── effect-harcoded.json │ ├── effect-invalid-allowed-invalid-default.json │ ├── effect-invalid-allowed-no-default.json │ ├── effect-invalid-allowed-valid-default.json │ ├── effect-no-allowed-invalid-default.json │ ├── effect-no-allowed-no-default.json │ ├── effect-no-allowed-valid-default.json │ ├── effect-no-description.json │ ├── effect-no-metadata.json │ ├── effect-wrong-parameter-name.json │ ├── effect-wrong-type.json │ ├── guid-name-no-display-name.json │ ├── guid-not.json │ ├── invalid-json.json │ ├── long-description.json │ ├── long-displayName.json │ ├── long-policy-name.json │ ├── metadata-bad-category.json │ ├── metadata-lowercase-category.json │ ├── no-category.json │ ├── no-description.json │ ├── no-display-name-no-description.json │ ├── no-display-name-no-name.json │ ├── no-display-name.json │ ├── no-metadata.json │ ├── no-mode.json │ ├── no-name.json │ ├── no-version.json │ └── not-a-policy.json ├── policyDefinitions ├── API Management │ ├── audit-sample-products-should-be-removed-from-api-management │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── configure-readonly-lock-for-api-management's-subnet │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ └── deny-enforcing-internal-vpn │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json ├── App Configuration │ └── app-configuration-stores-should-should-have-soft-delete-enabled-of-7-days │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json ├── App Service │ ├── allowed-app-services-plan-skus │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── app-service-apps-should-use-the-latest-tls-version-for-scm-connections │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── apps-require-app-gateway-front-end │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-app-service-vnetrouteallenabled │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── configure-a-private-dns-zone-for-static-webapp │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── configure-diagnostic-settings-for-all-web-app-service-plan-skus │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-app-private-endpoint-private-dns-zone-link-domainbased │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-webapp-https-only-requirement │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── enforce-ftps-only-or-disablement-of-ftp-ftps-for-app-service-and-azure-functions │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── function-app-should-only-be-accessible-over-https │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── function-apps-must-be-deployed-to-an-app-service-environment-ase │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── function-apps-must-have-private-endpoints-enabled │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── function-apps-should-authenticate-to-azure-container-registry-using-a-managed-identity │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── function-apps-should-be-injected-into-a-virtual-network │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── function-apps-should-have-ftp-basic-auth-disabled │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── function-apps-should-have-incoming-client-certificates-enabled │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── function-apps-should-have-local-authentication-methods-for-deployment-disabled │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── latest-tls-version-should-be-used-in-your-function-app │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── linux-function-apps-should-only-use-a-specified-azure-container-registry-instance │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── remote-debugging-disabled-deploy-for-app-service │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── remote-debugging-should-be- disbaled-for-app-services │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── require-https-only-for-all-app-services │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── web-app-configure-always-on │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── web-app-require-always-on │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ └── web-apps-should-have-ftp-basic-auth-disabled │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json ├── Attestation │ └── manual-policy-per-subscription │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json ├── Authorization │ ├── allowed-principal-ids │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── allowed-role-definitions-for-specific-principal-ids │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── allowed-role-definitions │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-role-assignments-for-specific-principal-type │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-specified-resource-type-for-any-lock │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── custom-roles-are-not-allowed │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-custom-roles-with-exclusionlist │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-or-audit-for-a-specific-role-assignment-at-the-subscription-scope │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ └── disallowed-role-definitions │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json ├── Automation │ ├── audit-encryption-of-automation-account-variables │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-dsc-extension-to-azure-vm-and-arc-connected-machines │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ └── onboard-azure-vm-and-arc-connected-machines-to-azure-automation-dsc │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json ├── Azure Arc │ └── deploy-wac-extension-to-azure-arc-connected-machines │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json ├── Azure Data Explorer │ └── configure-private-dns-zones-for-azure-data-explorer-cluster-groupid │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json ├── Azure Databricks │ ├── audit-databricks-should-use-customer-managed-key-for-encrypting-dbfs │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ └── audit-databricks-should-use-customer-managed-key-for-encrypting-managed-services │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json ├── Azure Purview │ └── deploy-purview-account-cannotdelete-lock │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json ├── Backup │ ├── append-backup-rsvault-cmk │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── append-specified-values-for-encryption-using-customer-managed-keys-and-infrastructure-encryption-for-azure-backup │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── resource-lock-should-be-enabled │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── vm-backup-without-tag │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ └── vm-tag-based-backup │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json ├── Batch │ └── audit-enabling-of-diagnostic-logs-in-batch-accounts │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json ├── Budget │ └── deploy-subscription-budget-in-mg │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json ├── Cache │ └── azure-redis-cache-should-supports-'standard-replication' │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json ├── Cognitive Services │ ├── audit-content-logging │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── configure-a-private-dns-zone-id-for-cognitive-services-account-groupid │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── permit-only-approved-openai-models │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── permit-only-approved-types-of-cognitive-services │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ └── public-access-restriction │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json ├── Compute │ ├── activate-azure-benefits-for-windows-arc-machines │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── allow-custom-vm-image-from-a-resource-group │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── allowed-disk-skus │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── allowed-disk-states-for-azure-disks │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── allowed-disk-states-for-snapshots │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── allowed-vm-os │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── approved-vm-images │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-if-extension-does-not-exist │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-os-and-data-disks-encrypted-without-a-customer-managed-key │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-ssh-auth-on-existing-resources │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-use-of-classic-virtual-machines │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-virtual-machine-auto-shutdown │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-virtual-machine-scale-sets-without-automatic-os-upgrade-enabled │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-vm-byol-compliance │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-vms-based-on-marketplace-acg-images │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-vmsss-based-on-marketplace-acg-images │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── blocked-disk-skus │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── compute-deploy-defender-for-servers │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── configure-managed-disks-to-disable-public-access │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── create-delete-lock-on-specified-azure-vms │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── create-vm-using-managed-disk │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-data-access-authentication-mode │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-hybrid-use-benefit │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-ssh-auth-on-new-vms │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-azure-hybrid-benefit-for-windows │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-default-log-analytics-vm-extension-for-linux-vms │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-default-log-analytics-vm-extension-for-windows-vms │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-hybrid-use-for-windows-server │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-linux-vm-app │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-microsoft-iaasantimalware-extension-for-custom-windows-images │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-qualys-agent-to-windows-vms │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-vm-auto-shutdown │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-windows-vm-app │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── enable-automatic-os-upgrade-on-virtual-machine-scale-sets │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── enforce-hybrid-use-benefit │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── enforce-redhat-hybrid-use-benefit │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── not-allowed-vm-extensions │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── only-allow-a-certain-vm-platform-image │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── only-allow-images-from-certain-image-publishers-to-be-deployed │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── only-approved-vmss-extensions-should-be-installed │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── prevent-deployment-of-windows-vm-or-vmss-without-byol │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── vm-use-allowed-images │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ └── vmaccess-virtual-machine-extension-for-linux │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json ├── Container Registry │ ├── container-registries-enable-retention-policy │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── container-registries-enable-soft-delete-policy │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── container-registries-enable-trust-policy │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── container-registries-enable-zone-redundancy │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── container-registries-prevent-access-to-trusted-services │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── container-registries-prevent-managed-identity │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ └── enforce-admin-user-is-disabled-on-all-container-registry-instances │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json ├── Cosmos DB │ ├── audit-automatic-failover-for-azure-cosmos-db │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-automatic-failover-for-cosmosdb-accounts │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-cosmos-db-throughput-exceeding-max │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-geo-replication-for-azure-cosmos-db │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-or-deny-cosmos-db-multiple-write-locations-not-set-as-required │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ └── enforce-virtual-network-filtering-on-cosmos-db-accounts │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json ├── Cost Optimization │ ├── unused-app-service-plans-driving-cost-should-be-avoided │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── unused-disks-driving-cost-should-be-avoided │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ └── unused-public-ip-addresses-driving-cost-should-be-avoided │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json ├── Data Factory │ ├── deny-datafactory-identitytype │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ └── prevent-datafactory-managedssisruntime │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json ├── Data Lake │ ├── audit-enabling-of-diagnostic-logs-in-data-lake-analytics │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ └── enforce-encryption-on-data-lake-store-accounts │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json ├── Database for PostgreSQL │ ├── allowed-postgresql-skus │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── postgresql-diagnostic-settings-v1 │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── postgresql-diagnostic-settings │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── postgresql-flexible-servers-should-enforce-ssl-connections │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── postgresql-flexible-servers-should-log-checkpoints │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ └── postgresql-flexible-servers-should-log-connections │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json ├── Dev Test Labs │ └── allowed-devtestlabs-repo-url-prefix │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json ├── Event Grid │ ├── enforce-event-grid-system-topic-handler-type-to-be-storage-account │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ └── enforce-event-grid-system-topic-source-type-to-be-storage-account │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json ├── Event Hub │ ├── audit-authorization-rules-on-event-hub-namespaces │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-existence-of-authorization-rules-on-event-hub-entities │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-configure-event-hubs-to-allow-only-certain-skus │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-configure-event-hubs-to-disable-public-network-access │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-configure-event-hubs-to-use-availability-zones │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── event-hub-firewall-should-only-allow-certain-ips │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ └── event-hub-namespaces-should-have-the-specified-minimum-tls-version │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json ├── General │ ├── allowed-nc-for-allowed-locations-for-rgs │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-resource-locks-on-resource-groups-based-on-tags │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-fabric-capacity-creation │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-resource-lock-on-rgs-tag-exclusion │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── match-multiple-name-patterns │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── name-pattern-with-like-condition │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── name-pattern-with-match-condition │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── protect-resources-with-deny-action │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── require-resource-location-match-resourcegroup │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── resource-name-contains-resource-group-name │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ └── use-match-condition-on-tag-value │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json ├── Key Vault │ ├── audit-if-key-vault-has-no-virtual-network-rules │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-when-a-given-service-principal-is-assigned-to-the-key-vault-data-plane │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-when-a-given-service-principal-is-not-assigned-to-the-key-vault-data-plane │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-creation-of-access-policies-with-certificate-authorities-roles │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-deployment-with-access-to-specific-services-vm,-arm,-ade │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-deployment-with-azure-rbac-enabled │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-kv-resourceaccess-arm-template-deployment │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-kv-resourceaccess-disk-encryption │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-kv-resourceaccess-virtual-machine-deployment │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-diagnostic-setting-for-key-vault-to-stream-to-event-hub │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── enable-soft-delete-and-purge-protection-on-key-vaults │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── enforce-key-vault-firewall-blocking-public-access │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── enforce-key-vault-premium-sku │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── key-vault-diagnostic-settings-aine │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── key-vault-diagnostic-settings-dine │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── key-vault-firewall-settings-audit │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── key-vault-firewall-settings-deny │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── key-vault-sku-setting-audit │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── key-vault-sku-setting-deny │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ └── prevent-key-vault-access-to-trusted-services │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json ├── Kubernetes │ ├── aks-prevent-load-balancer-profile │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── aks-prevent-node-public-ip │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── allowed-external-ips │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ ├── azurepolicy.rules.json │ │ ├── constraint.yaml │ │ ├── examples-good │ │ │ ├── azurepolicy.assignment.parameters.json │ │ │ └── example_good.yaml │ │ ├── examples-violations │ │ │ └── violation.yaml │ │ ├── rego │ │ │ ├── src.rego │ │ │ └── src_test.rego │ │ └── template.yaml │ ├── allowed-host-paths │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ ├── azurepolicy.rules.json │ │ ├── constraint.yaml │ │ ├── examples-good │ │ │ ├── azurepolicy.assignment.parameters.json │ │ │ └── example_good.yaml │ │ ├── examples-violations │ │ │ └── violation.yaml │ │ ├── rego │ │ │ ├── src.rego │ │ │ └── src_test.rego │ │ └── template.yaml │ ├── allowed-proc-mount-types │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ ├── azurepolicy.rules.json │ │ ├── constraint.yaml │ │ ├── examples-good │ │ │ ├── azurepolicy.assignment.parameters.json │ │ │ └── example_good.yaml │ │ ├── examples-violations │ │ │ └── violation.yaml │ │ ├── rego │ │ │ ├── src.rego │ │ │ └── src_test.rego │ │ └── template.yaml │ ├── allowed-seccomp-profiles │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ ├── azurepolicy.rules.json │ │ ├── constraint.yaml │ │ ├── examples-good │ │ │ ├── azurepolicy.assignment.parameters.json │ │ │ └── example_good.yaml │ │ ├── examples-violations │ │ │ └── violation.yaml │ │ ├── rego │ │ │ ├── src.rego │ │ │ └── src_test.rego │ │ └── template.yaml │ ├── allowed-users │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ ├── azurepolicy.rules.json │ │ ├── constraint.yaml │ │ ├── examples-good │ │ │ ├── azurepolicy.assignment.parameters.json │ │ │ └── example_good.yaml │ │ ├── examples-violations │ │ │ └── violation.yaml │ │ ├── rego │ │ │ ├── src.rego │ │ │ └── src_test.rego │ │ └── template.yaml │ ├── allowed-volume-types │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ ├── azurepolicy.rules.json │ │ ├── constraint.yaml │ │ ├── examples-good │ │ │ ├── azurepolicy.assignment.parameters.json │ │ │ └── example_good.yaml │ │ ├── examples-violations │ │ │ └── violation.yaml │ │ ├── rego │ │ │ ├── src.rego │ │ │ └── src_test.rego │ │ └── template.yaml │ ├── append-aks-api-ip-restrictions │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── block-usage-of-the-default-namespace-in-a-kubernetes-cluster │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ ├── azurepolicy.rules.json │ │ ├── constraint.yaml │ │ └── template.yaml │ ├── container-allowed-capabilities │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ ├── azurepolicy.rules.json │ │ ├── constraint.yaml │ │ ├── examples-good │ │ │ ├── azurepolicy.assignment.parameters.json │ │ │ └── example_good.yaml │ │ ├── examples-violations │ │ │ └── violation.yaml │ │ ├── rego │ │ │ ├── src.rego │ │ │ └── src_test.rego │ │ └── template.yaml │ ├── container-disallowed-capabilities │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ ├── azurepolicy.rules.json │ │ ├── constraint.yaml │ │ ├── examples-good │ │ │ ├── azurepolicy.assignment.parameters.json │ │ │ └── example_good.yaml │ │ ├── examples-violations │ │ │ └── violation.yaml │ │ ├── rego │ │ │ ├── src.rego │ │ │ └── src_test.rego │ │ └── template.yaml │ ├── do-not-allow-container-privilege-escalation-in-kubernetes-cluster │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ ├── azurepolicy.rules.json │ │ ├── constraint.yaml │ │ └── template.yaml │ ├── do-not-allow-sharing-of-host-process-id-and-ipc-namespaces-in-a-kubernetes-cluster │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ ├── azurepolicy.rules.json │ │ ├── constraint.yaml │ │ └── template.yaml │ ├── enforce-aks-aad-support │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── enforce-aks-network-plugin │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── enforce-aks-outbound-type │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── enforce-apparmor-profile │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ ├── azurepolicy.rules.json │ │ ├── constraint.yaml │ │ ├── examples-good │ │ │ ├── azurepolicy.assignment.parameters.json │ │ │ └── example_good.yaml │ │ ├── examples-violations │ │ │ └── violations.yaml │ │ ├── rego │ │ │ ├── src.rego │ │ │ └── src_test.rego │ │ └── template.yaml │ ├── ensure-ephemeral-disks-are-used-for-os-disks-on-agent-pool-profiles │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── ensure-ephemeral-disks-are-used-for-os-disks-on-agent-pools │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── ensure-read-only-access-to-root-filesystem-in-a-kubernetes-cluster │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ ├── azurepolicy.rules.json │ │ ├── constraint.yaml │ │ └── template.yaml │ ├── ensure-the-aks-cluster-is-not-using-the-free-tier-sku │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── flexvolume-drivers │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ ├── azurepolicy.rules.json │ │ ├── constraint.yaml │ │ ├── examples-good │ │ │ ├── azurepolicy.assignment.parameters.json │ │ │ └── example_good.yaml │ │ ├── examples-violations │ │ │ └── violation.yaml │ │ ├── rego │ │ │ ├── src.rego │ │ │ └── src_test.rego │ │ └── template.yaml │ ├── forbidden-sysctl-interfaces │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ ├── azurepolicy.rules.json │ │ ├── constraint.yaml │ │ ├── examples-good │ │ │ ├── azurepolicy.assignment.parameters.json │ │ │ └── example_good.yaml │ │ ├── examples-violations │ │ │ └── violation.yaml │ │ ├── rego │ │ │ ├── src.rego │ │ │ └── src_test.rego │ │ └── template.yaml │ ├── host-network-ports │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ ├── azurepolicy.rules.json │ │ ├── constraint.yaml │ │ ├── examples-good │ │ │ ├── azurepolicy.assignment.parameters.json │ │ │ └── example_good.yaml │ │ ├── examples-violations │ │ │ └── violation.yaml │ │ ├── rego │ │ │ ├── src.rego │ │ │ └── src_test.rego │ │ └── template.yaml │ ├── kubernetes-clusters-should-disable-automounting-api-credentials │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ ├── azurepolicy.rules.json │ │ ├── constraint.yaml │ │ └── template.yaml │ └── selinux │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ ├── azurepolicy.rules.json │ │ ├── constraint.yaml │ │ ├── examples-good │ │ ├── azurepolicy.assignment.parameters.json │ │ └── example_good.yaml │ │ ├── examples-violations │ │ └── violation.yaml │ │ ├── rego │ │ ├── src.rego │ │ └── src_test.rego │ │ └── template.yaml ├── Logic Apps │ └── audit-enabling-of-diagnostic-logs-in-logic-apps │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json ├── Managed Identity │ ├── add-user-assigned-managed-identity-to-virtual-machines │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── assign-cross-subscription-user-assigned-managed-identity-to-virtual-machine-scale-set │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ └── assign-cross-subscription-user-assigned-managed-identity-to-virtual-machines │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json ├── Monitoring │ ├── To Event Hub │ │ ├── Configure diagnostic settings for Blob Services to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Configure diagnostic settings for File Services to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Configure diagnostic settings for Queue Services to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Configure diagnostic settings for Storage Accounts to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Configure diagnostic settings for Table Services to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Deploy Diagnostic Settings for AVD Application Group to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Deploy Diagnostic Settings for AVD Host Pool to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Deploy Diagnostic Settings for AVD Scaling Plan to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Deploy Diagnostic Settings for AVD Workspace to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Deploy Diagnostic Settings for Analysis Services to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Deploy Diagnostic Settings for App Service to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Deploy Diagnostic Settings for Application Gateway to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Deploy Diagnostic Settings for Application Insights to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Deploy Diagnostic Settings for Autoscale Settings to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Deploy Diagnostic Settings for Azure API for FHIR to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Deploy Diagnostic Settings for Azure Data Explorer Cluster to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Deploy Diagnostic Settings for Azure Function App to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Deploy Diagnostic Settings for Batch Account to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Deploy Diagnostic Settings for CDN Endpoint to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Deploy Diagnostic Settings for Cosmos DB to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Deploy Diagnostic Settings for Data Factory to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Deploy Diagnostic Settings for Database for MySQL to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Deploy Diagnostic Settings for Database for PostgreSQL to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Deploy Diagnostic Settings for Databricks to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Deploy Diagnostic Settings for Dev Center to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Deploy Diagnostic Settings for Event Grid System Topic to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Deploy Diagnostic Settings for Event Grid Topic to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Deploy Diagnostic Settings for ExpressRoute to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Deploy Diagnostic Settings for Firewall to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Deploy Diagnostic Settings for Load Balancer to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Deploy Diagnostic Settings for Logic Apps ISE to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Deploy Diagnostic Settings for Logic Apps to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Deploy Diagnostic Settings for Machine Learning workspace to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Deploy Diagnostic Settings for MariaDB to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Deploy Diagnostic Settings for Network Security Groups to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Deploy Diagnostic Settings for Power BI Embedded to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Deploy Diagnostic Settings for Recovery Services vault to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Deploy Diagnostic Settings for Relay to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Deploy Diagnostic Settings for SQL Pools under Synapse Analytics to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Deploy Diagnostic Settings for Synapse Analytics to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Deploy Diagnostic Settings for Synapse Spark Pool to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Deploy Diagnostic Settings for Time Series Insights to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Deploy Diagnostic Settings for Traffic Manager to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── Deploy Diagnostic Settings for Virtual Network to Event Hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ ├── apply-diagnostic-settings-for-aks-microsoft.containerservice-managedclusters-to-a-regional-event-hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ │ └── apply-diagnostic-settings-for-microsoft.dbforpostgresql-flexibleservers-to-a-regional-event-hub │ │ │ ├── azurepolicy.json │ │ │ ├── azurepolicy.parameters.json │ │ │ └── azurepolicy.rules.json │ ├── apply-diagnostic-settings-for-azure-key-vault-to-a-log-analytics-workspace │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── apply-diagnostic-settings-for-azure-key-vault-to-a-regional-event-hub │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── apply-diagnostic-settings-for-azure-public-ipaddresses-to-a-log-analytics-workspace │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── apply-diagnostic-settings-for-azure-public-ipaddresses-to-a-regional-event-hub │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── apply-diagnostic-settings-for-azure-sql-to-a-log-analytics-workspace │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── apply-diagnostic-settings-for-azure-sql-to-a-regional-event-hub │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── apply-diagnostic-settings-for-network-security-groups │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-configuration-of-metric-alert-rules-on-batch-accounts │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-diagnostic-setting │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-diagnostic-settings-for-wvd-application-groups-to-log-analytics-workspace │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-diagnostic-settings-for-wvd-host-pools-to-log-analytics-workspace │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-diagnostic-settings-for-wvd-workspaces-to-log-analytics-workspace │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-enabling-of-diagnostic-logs-in-app-services │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-enabling-of-diagnostic-logs-in-event-hub │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-enabling-of-diagnostic-logs-in-key-vault │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── configure-ama-on-linux-vm-with-cross-subscription-uami │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── configure-ama-on-linux-vmss-with-cross-subscription-uami │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── configure-ama-on-windows-vm-with-cross-subscription-uami │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── configure-ama-on-windows-vmss-with-cross-subscription-uami │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── configure-azure-activity-logs-to-stream-to-specified-event-hub-v2 │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── configure-azure-activity-logs-to-stream-to-specified-event-hub │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── configure-diagnostic-settings-for-storage-accounts-to-event-hub │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-change-of-retention-days-in-log-analytics-workspace │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-activity-log-alert-to-detect-crud-against-policy-assingments │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-activity-log-alert-to-detect-crud-against-policy-definitions │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-diagnostic-settings-for-activity-log-to-event-hub │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-diagnostic-settings-for-activity-log-to-log-analytics-workspace │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-diagnostic-settings-for-activity-log-to-storage-account │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-diagnostic-settings-for-app-service-to-log-analytics-workspace │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-diagnostic-settings-for-application-insights-to-log-analytics-workspace │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-diagnostic-settings-for-autoscale-settings-to-log-analytics-workspace │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-diagnostic-settings-for-azure-storage,-including-blobs,-files,-tables,-and-queues-to-a-log-analytics-workspace │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-diagnostic-settings-for-azure-storage-blobs-to-log-analytics-workspace │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-diagnostic-settings-for-azure-storage-files-to-log-analytics-workspace │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-diagnostic-settings-for-azure-storage-queues-to-log-analytics-workspace │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-diagnostic-settings-for-azure-storage-tables-to-log-analytics-workspace │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-diagnostic-settings-for-azure-storage-to-log-analytics-workspace │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-diagnostic-settings-for-dev-centers-to-log-analytics-workspace │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-diagnostic-settings-for-expressroute-connection-to-log-analytics-workspace │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-diagnostic-settings-for-sql-pool-under-synapse-analytics-to-log-analytics-workspace │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-diagnostic-settings-for-storage-blob-services-to-log-analytics-workspace │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-diagnostic-settings-for-storage-file-services-to-log-analytics-workspace │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-diagnostic-settings-for-storage-queue-services-to-log-analytics-workspace │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-diagnostic-settings-for-storage-table-services-to-log-analytics-workspace │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-diagnostic-settings-for-subscription-to-log-analytics-workspace │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-diagnostic-settings-for-subscription-to-storage-account │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-diagnostic-settings-for-synapse-analytic-to-log-analytics-workspace │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-diagnostic-settings-for-web-slots-to-log-analytics-workspace │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-diagnostic-settings-for-wvd-application-groups-to-log-analytics-workspace │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-diagnostic-settings-for-wvd-host-pools-to-log-analytics-workspace │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-diagnostic-settings-for-wvd-workspaces-to-log-analytics-workspace │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-diagnostic-settings-on-azure-kubernetes-service-and-send-to-eventhub │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-linux-diagnostic-agent-to-collect-security-related-events │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-log-analytics-agent-dynamically-to-different-regions-for-linux-vms │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-log-analytics-agent-dynamically-to-different-regions-for-windows-vms │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-service-health-alerts-and-corresponding-action-group-to-notifiy-of-service-health-incidents │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-sql-managed-instance-database-diagnostic-setting-storage-account │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-sql-managed-instance-diagnostic-setting-storage-account │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-windows-diagnostic-agent-to-collect-security-related-events │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── enable-logging-by-category-group-for-notification-hubs-namespaces-to-event-hub │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── enable-logging-by-category-group-for-notification-hubs-namespaces-to-log-analytics │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── log-analytics-workspace-require-daily-quota │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ └── log-analytics-workspace-require-retention-in-days │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json ├── Network │ ├── address-space-must-be-pre-allocated-for-region │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── adds-route-with-address-prefix-0.0.0.0-0-pointing-to-the-virtual-appliance-in-case-there-is-none │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── adds-the-default-network-security-group-to-subnets-in-case-there-is-none │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── adds-the-default-route-table-to-subnets │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── allowed-application-gateway-skus │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── allowed-express-route-bandwidth │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── allowed-express-route-skus │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── allowed-load-balancer-skus │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── allowed-pdns-zones │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── allowed-peering-location-for-express-route │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── allowed-virtual-network-gateway-skus │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── allowed-vm-images-for-resource-groups-containing-a-specific-suffix │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── app-gateway-can-only-have-a-vm's-or-vmss-in-its-backend-pool │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── append-nsg-rule │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-changes-to-route-tables-udrs │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-for-application-gateway-without-http-redirect │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-if-network-watcher-is-not-enabled-for-region │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-loadbalancers-with-public-ip │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-peering-between-two-prefixes-based-on-first-octate │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-servicebus-namespaces-without-network-configuration │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-unattached-static-public-ips │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── azure-firewall-policy-should-only-allow-user-defined-standard-ports-and-fqdns-within-application-rules │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── azure-firewall-policy-should-only-allow-user-defined-standard-ports-and-fqdns-within-network-rules │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── block-nsg-creations-and-updates │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── configure-private-endpoint-for-paas-services-to-use-private-dns-zones │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── create-nsg-rule │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── create-private-dns-zone-virtual-network-link-to-virtual-networks-if-not-available │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── denies-nsg-rule-changes-that-allow-all-inbound-traffic │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-app-gateway-only-allowed-in-approved-subnet │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-app-gateways-cant-have-private-listener │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-bastion-shared-links │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-changing-address-space-of-a-virtual-network │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-changing-vnet-dns-settings-from-pre-defined-value │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-creation-of-vnets-that-don't-follow-a-pre-defined-naming-convention │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-load-balancer-outbound-rules │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-new-security-rules-with-source-any-adding-to-existing-nsgs │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-nics-from-having-public-ips-when-attached-to-subnets-containing-a-defined-suffix │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-nics-joining-an-asg-if-in-a-different-resource-group │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-nsg-rule-inbound-from-internet-network-security-group │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-nsgs-with-rules-with-source-any │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-ports-nsg │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-private-endpoints-if-not-being-deployed-to-a-specific-subnet │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-private-endpoints-in-specific-subnets-based-on-a-naming-convention │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-private-link-service │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-route-with-address-prefix-0.0.0.0-0-not-pointing-to-the-virtual-appliance │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-route-with-next-hop-type-internet │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-service-endpoints-on-subnets-based-on-naming-convention │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-subnet-delegation-on-subnets-containing-a-key-word │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-subnets-missing-suffix │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-vm-creation-in-subnets-that-contain-specified-suffix │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-vm-vmss-and-load-balancer-from-subnet │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-vnet-creation-outside-of-resource-groups-based-on-a-naming-standard │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-a-traffic-analytics-enabled-flow-log-resource-with-target-tagged-network-security-group │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-a-traffic-analytics-enabled-flow-log-resource-with-target-virtual-network │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-a-user-defined-route-to-a-vnet-with-specific-routes │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-network-watcher-when-virtual-networks-are-created │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-nsg-flow-logs-to-target-region │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-nsg-rule │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-private-endpoint-private-dns-zone-link │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-route-to-route-tables │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── enforce-a-route-table-on-every-subnet │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── enforce-disabling-of-snat-in-load-balancer-rules │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── enforce-enabling-private-endpoint-network-policies-on-subnets │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── enforce-firewall-policy-dns-servers │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── enforce-load-balancer-private-ip-addresses-only-in-frontend-configuration │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── enforce-load-balancer-regional-tier │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── enforce-load-balancer-standard-sku │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── enforce-network-security-groups-to-have-a-deny-rdp-security-rule │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── enforce-vnet-dns-servers │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── expressroute-should-not-use-authorization-keys │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── modify-inject-routes-into-exsiting-route-table │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── network-security-group-security-rules │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── network-security-groups-allow-inbound-rules-with-any-as-source │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── newly-created-subnets-will-be-assigned-a-route-table │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── newly-created-vnets-will-have-certain-subnets-assigned-a-route-table │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── no-network-peering-to-er-network │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── no-user-defined-route-table │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── nsg-rule-ports-without-ip-source │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── nsg-x-on-every-subnet │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── prevent-cross-subscription-private-link │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── prevent-cross-tenant-private-link-for-acr │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── prevent-cross-tenant-private-link-for-aks │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── prevent-cross-tenant-private-link-for-ampls │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── prevent-cross-tenant-private-link-for-eventgrid-domains │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── prevent-cross-tenant-private-link-for-eventgrid-topics │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── prevent-cross-tenant-private-link-for-key-vault │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── prevent-cross-tenant-private-link-for-storage │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── prevent-deletion-of-private-dns-zone │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── prevent-inbound-dnat-on-azure-firewalls │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── prevent-internet-routes-in-route-tables │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── prevent-route-with-next-hop-type-internet-nexthop-fw │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── prevent-subnets-without-nsg │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── prevent-subnets-without-route-table │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── require-specific-route-on-udr │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── service-endpoints-on-subnets │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── subnets-must-have-an-nsg-and-that-nsg-must-have-the-same-suffix-as-the-subnet │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── use-approved-subnet-for-vm-network-interfaces │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── use-approved-vnet-for-vm-network-interfaces │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── virtual-machine-nic-must-have-nsg │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── vms-in-resource-groups-containing-suffix-must-have-nics-in-resource-groups-with-same-suffix │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── vms-not-in-a-specific-subnet-cannot-be-part-of-a-backend-pool │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── vnet-peering-deny-removal │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── vnet-peering-disallowed-outside-subscription │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ └── vnet-peering-is-only-allowed-to-approved-vnets │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json ├── Policy │ ├── deny-policy-exemption-with-an-expiration-date-greater-than-given-days │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-policy-exemption-without-description │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-policy-exemption-without-expiration-date │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ └── deny-policy-exemption-without-given-info │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json ├── Regulatory Compliance │ └── deploy-cannotdelete-resource-lock-on-resource-groups │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json ├── SQL Server │ ├── audit-sql-vm-byol-compliance │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ └── enable-hybrid-use-for-sql-iaas │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json ├── SQL │ ├── allowed-sql-database-collations │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── allowed-sql-db-skus │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── allowed-sql-elastic-pool-capacity │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-allow-azure-services-and-resources-to-access-this-server │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-db-level-threat-detection-setting │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-if-no-aad-admin │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-private-endpoint-connections-setting-for-azure-sql-database │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-public-network-access-setting-for-azure-sql-database │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-server-level-threat-detection-setting │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-sql-db-level-audit-setting │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-sql-db-without-hybrid-licensing │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-sql-server-firewall-rule │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-sql-server-level-auditing-settings │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-sql-server-virtual-network-rule │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-transparent-data-encryption-status │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── configure-azure-sql-db-to-use-tls-1.2 │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-changes-to-sqlmi-long-term-backup-retention │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-postgresql-version │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-sql-database-transparent-data-encryption-disablement │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-sql-vm-tempdb-localssd │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-advanced-data-security-managed-instances │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-advanced-data-security-on-sql-servers-exempt-resources-with-a-matching-tag-key-value │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-hybrid-use-for-azure-sql-elastic-pools │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-hybrid-use-for-sql-paas │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-hybrid-use-sql-mi │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-sql-database-diag-loganalytics │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-sql-managedinstance-diag-loganalytics │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-sql-server-auditing │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ ├── azurepolicy.rules.json │ │ └── createStorage.template.json │ ├── deploy-tde-sql-databases │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-threat-detection-on-sql-servers │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── depoly-sql-managedinstance-shortterm-backup-retention-policy │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── enforce-1.2-as-minimum-tls-version-for-sql-server │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── enforce-postgresql-administrator-group-principal-name-prefix │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── enforce-postgresql-administrator-principal-types │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── enforce-postgresql-entra-only-authentication │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── enforce-ssl-on-all-db-for-mysql-instances │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── ensure-server-parameter-'audit_log_enabled'-is-on-for-mysql-db-server │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── geo-replicated-microsoft-sql-databases │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── require-secure-transport-shoud-be-enabled-for-mysql-flexible-servers │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── require-sql-server-vm-auto-backup │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── require-sql-server-vm-auto-patching │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── require-sql-server-vm-key-vault-integration │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── require-sql-server-vm-sql-connectivity │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── require-sql-vm-license-models │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── sql-databases-should-be-zone-redundant │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── sql-db-backup-retention │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ └── sql-server-auditing-settings-must-log-to-specified-workspace │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json ├── Search │ └── return-forbidden-for-auth-failure │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json ├── Security Center │ ├── deny-enabling-security-center-auto-provisioning │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-azure-security-center-pricing-tier │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-azure-security-center-vulnerability-assessment-extension-if-does-not-exist │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ └── deploy-security-center-standard-to-workspaces │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json ├── Service Bus │ ├── service-bus-namespace-customer-managed-keys-audit │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── service-bus-namespace-customer-managed-keys-deny │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── service-bus-namespace-diagnostic-settings-aine │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── service-bus-namespace-diagnostic-settings-dine │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── service-bus-namespace-firewall-settings-audit │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── service-bus-namespace-firewall-settings-deny │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── service-bus-namespace-tier-setting-audit │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── service-bus-namespace-tier-setting-deny │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── service-bus-namespace-trusted-microsoft-services-audit │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ └── service-bus-namespace-trusted-microsoft-services-deny │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json ├── Storage │ ├── audit-azure-files-should-have-soft-delete-enabled │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-azure-storage-blobs-and-containers-should-have-soft-delete-enabled │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-diagnostic-setting-for-selected-resource-types │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-storage-accounts-with-unrestricted-network-access │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-storage-encryptionwithouthsm │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── audit-storageaccounts-should-have-lifecycle-policy-enabled │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── configure-blob-soft-delete-on-a-storage-account │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── configure-storage-account-to-have-container-soft-delete-enabled │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-blob-softdelete-retention │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-deletion-of-storage-account │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-local-authentication-usage │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deny-permanent-delete-for-soft-deleted-items │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-'geo-redundant'-replication-on-storage-account │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-a-data-lifecycle-management-policy-for-storage-accounts │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-sas-expiration-policy-on-storage-account │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── deploy-storage-advanced-threat-protection-tag-exemption │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── disable-storage-atp-based-on-tag │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── enable-blob-softdelete-30days │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── enforce-or-extend-storage-account-iprules-if-tag-match │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── enforce-storage-account-public-firewall-blocking-access │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── enforce-storageaccount-namingconvention │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── ensure-https-traffic-only-for-storage-account │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── ensure-storage-file-encryption │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── restrict-cloud-shell-storage-account-creation │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── restrict-container-immutability-period │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── storage-account-access-key-setting-audit │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── storage-account-access-key-setting-deny │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── storage-account-access-tier │ │ ├── README.md │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── storage-account-customer-managed-keys-blob-and-file-storage-audit │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── storage-account-customer-managed-keys-blob-and-file-storage-deny │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── storage-account-customer-managed-keys-queue-and-table-storage-audit │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── storage-account-customer-managed-keys-queue-and-table-storage-deny │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── storage-account-diagnostic-settings-aine │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── storage-account-diagnostic-settings-dine │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── storage-account-firewall-settings-audit │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── storage-account-firewall-settings-deny │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── storage-account-public-access-should-be-disallowed-block-anonymous-blob-access │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── storage-account-read-access-logs-and-metrics-audit │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── storage-account-read-access-logs-and-metrics-deny │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── storage-account-tls-setting-audit │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── storage-account-tls-setting-deny │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── storage-account-trusted-azure-services-audit │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── storage-account-trusted-azure-services-deny │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── storage-accounts-firewall-ip-rules-may-only-contain-ips-from-a-list-of-approved-ips │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── storage-accounts-should-be-have-minimal-tls-version-1.2 │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ ├── storage-accounts-should-enable-aad-authorization-in-the-azure-portal │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json │ └── storage-accounts-should-prevent-allowed-copy-scope-outside-aad-tenant │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json ├── Synapse │ └── deploy-diagnostic-settings-for-synapse-spark-pool-to-log-analytics-workspace │ │ ├── azurepolicy.json │ │ ├── azurepolicy.parameters.json │ │ └── azurepolicy.rules.json └── Tags │ ├── add-date-created-tag │ ├── README.md │ ├── azurepolicy.json │ ├── azurepolicy.parameters.json │ └── azurepolicy.rules.json │ ├── append-tag-and-its-value-from-the-resource-group │ ├── README.md │ ├── azurepolicy.json │ ├── azurepolicy.parameters.json │ └── azurepolicy.rules.json │ ├── audit-resource-groups-missing-tags │ ├── README.md │ ├── azurepolicy.json │ ├── azurepolicy.parameters.json │ └── azurepolicy.rules.json │ ├── deny-resource-without-tag │ ├── azurepolicy.json │ ├── azurepolicy.parameters.json │ └── azurepolicy.rules.json │ ├── enforce-tag-and-its-value-on-resource-groups │ ├── README.md │ ├── azurepolicy.json │ ├── azurepolicy.parameters.json │ └── azurepolicy.rules.json │ ├── enforce-tag-casing-on-resource-groups-and-subscriptions │ ├── azurepolicy.json │ ├── azurepolicy.parameters.json │ └── azurepolicy.rules.json │ ├── enforce-tag-casing-on-resources │ ├── azurepolicy.json │ ├── azurepolicy.parameters.json │ └── azurepolicy.rules.json │ ├── enforce-tag-name-and-value-casing-on-rg-and-sub │ ├── azurepolicy.json │ ├── azurepolicy.parameters.json │ └── azurepolicy.rules.json │ ├── inherit-a-tag-from-resource-group-and-overwrite-existing │ ├── README.md │ ├── azurepolicy.json │ ├── azurepolicy.parameters.json │ └── azurepolicy.rules.json │ ├── inherit-tag-from-subscription-to-resource-group │ ├── azurepolicy.json │ ├── azurepolicy.parameters.json │ └── azurepolicy.rules.json │ ├── required-tag-and-value-set-on-resource-groups │ ├── azurepolicy.json │ ├── azurepolicy.parameters.json │ └── azurepolicy.rules.json │ ├── required-tag-and-value-set-on-resources │ ├── azurepolicy.json │ ├── azurepolicy.parameters.json │ └── azurepolicy.rules.json │ ├── required-tag-and-value-set-on-subscriptions │ ├── azurepolicy.json │ ├── azurepolicy.parameters.json │ └── azurepolicy.rules.json │ ├── validate-date-tag-on-subscription │ ├── azurepolicy.json │ ├── azurepolicy.parameters.json │ └── azurepolicy.rules.json │ ├── validate-email-tag-on-subscription │ ├── azurepolicy.json │ ├── azurepolicy.parameters.json │ └── azurepolicy.rules.json │ └── validate-length-of-subscription-tag │ ├── azurepolicy.json │ ├── azurepolicy.parameters.json │ └── azurepolicy.rules.json └── policySetDefinitions ├── multiple-billing-tags ├── README.md ├── azurepolicyset.definitions.json ├── azurepolicyset.json └── azurepolicyset.parameters.json ├── regulatorycompliance-nzism ├── README.md ├── azurepolicyset.definitions.json ├── azurepolicyset.groups.json ├── azurepolicyset.json ├── azurepolicyset.parameters.json └── deploy-initiative.ps1 └── skus-for-multiple-types ├── README.md ├── azurepolicyset.definitions.json ├── azurepolicyset.json └── azurepolicyset.parameters.json /.github/workflows/confirm-policy-definition-no-built-in-conflicts.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/.github/workflows/confirm-policy-definition-no-built-in-conflicts.yaml -------------------------------------------------------------------------------- /.github/workflows/confirm-policy-definition-validity.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/.github/workflows/confirm-policy-definition-validity.yaml -------------------------------------------------------------------------------- /.github/workflows/manage-azure-policy-1e59415b.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/.github/workflows/manage-azure-policy-1e59415b.yml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | 2 | output* 3 | **/.vscode/ 4 | -------------------------------------------------------------------------------- /CODE_OF_CONDUCT.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/CODE_OF_CONDUCT.md -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/CONTRIBUTING.md -------------------------------------------------------------------------------- /Customer panel slide-recordings/Azure Governance Customer Call 2.24.pptx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/Customer panel slide-recordings/Azure Governance Customer Call 2.24.pptx -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/LICENSE -------------------------------------------------------------------------------- /Policies/Tags/inherit-resoucegroup-multipletags-if-missing/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/Policies/Tags/inherit-resoucegroup-multipletags-if-missing/azurepolicy.json -------------------------------------------------------------------------------- /Policies/Tags/inherit-resoucegroup-multipletags-if-missing/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/Policies/Tags/inherit-resoucegroup-multipletags-if-missing/azurepolicy.rules.json -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/README.md -------------------------------------------------------------------------------- /SECURITY.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/SECURITY.md -------------------------------------------------------------------------------- /Scripts/Confirm-PolicyDefinitionIsValid.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/Scripts/Confirm-PolicyDefinitionIsValid.ps1 -------------------------------------------------------------------------------- /Scripts/Format-BulkPolicies.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/Scripts/Format-BulkPolicies.ps1 -------------------------------------------------------------------------------- /Scripts/Format-PolicyDefinition.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/Scripts/Format-PolicyDefinition.ps1 -------------------------------------------------------------------------------- /Scripts/Invoke-ScriptTests.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/Scripts/Invoke-ScriptTests.ps1 -------------------------------------------------------------------------------- /Scripts/Out-FormattedPolicyDefinition.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/Scripts/Out-FormattedPolicyDefinition.ps1 -------------------------------------------------------------------------------- /Scripts/Out-PolicyInventoryToCsvFile.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/Scripts/Out-PolicyInventoryToCsvFile.ps1 -------------------------------------------------------------------------------- /Scripts/PolicyInventory.csv: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/Scripts/PolicyInventory.csv -------------------------------------------------------------------------------- /Scripts/Test/all-ok.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/Scripts/Test/all-ok.json -------------------------------------------------------------------------------- /Scripts/Test/effect-harcoded.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/Scripts/Test/effect-harcoded.json -------------------------------------------------------------------------------- /Scripts/Test/effect-invalid-allowed-invalid-default.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/Scripts/Test/effect-invalid-allowed-invalid-default.json -------------------------------------------------------------------------------- /Scripts/Test/effect-invalid-allowed-no-default.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/Scripts/Test/effect-invalid-allowed-no-default.json -------------------------------------------------------------------------------- /Scripts/Test/effect-invalid-allowed-valid-default.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/Scripts/Test/effect-invalid-allowed-valid-default.json -------------------------------------------------------------------------------- /Scripts/Test/effect-no-allowed-invalid-default.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/Scripts/Test/effect-no-allowed-invalid-default.json -------------------------------------------------------------------------------- /Scripts/Test/effect-no-allowed-no-default.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/Scripts/Test/effect-no-allowed-no-default.json -------------------------------------------------------------------------------- /Scripts/Test/effect-no-allowed-valid-default.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/Scripts/Test/effect-no-allowed-valid-default.json -------------------------------------------------------------------------------- /Scripts/Test/effect-no-description.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/Scripts/Test/effect-no-description.json -------------------------------------------------------------------------------- /Scripts/Test/effect-no-metadata.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/Scripts/Test/effect-no-metadata.json -------------------------------------------------------------------------------- /Scripts/Test/effect-wrong-parameter-name.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/Scripts/Test/effect-wrong-parameter-name.json -------------------------------------------------------------------------------- /Scripts/Test/effect-wrong-type.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/Scripts/Test/effect-wrong-type.json -------------------------------------------------------------------------------- /Scripts/Test/guid-name-no-display-name.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/Scripts/Test/guid-name-no-display-name.json -------------------------------------------------------------------------------- /Scripts/Test/guid-not.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/Scripts/Test/guid-not.json -------------------------------------------------------------------------------- /Scripts/Test/invalid-json.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/Scripts/Test/invalid-json.json -------------------------------------------------------------------------------- /Scripts/Test/long-description.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/Scripts/Test/long-description.json -------------------------------------------------------------------------------- /Scripts/Test/long-displayName.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/Scripts/Test/long-displayName.json -------------------------------------------------------------------------------- /Scripts/Test/long-policy-name.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/Scripts/Test/long-policy-name.json -------------------------------------------------------------------------------- /Scripts/Test/metadata-bad-category.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/Scripts/Test/metadata-bad-category.json -------------------------------------------------------------------------------- /Scripts/Test/metadata-lowercase-category.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/Scripts/Test/metadata-lowercase-category.json -------------------------------------------------------------------------------- /Scripts/Test/no-category.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/Scripts/Test/no-category.json -------------------------------------------------------------------------------- /Scripts/Test/no-description.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/Scripts/Test/no-description.json -------------------------------------------------------------------------------- /Scripts/Test/no-display-name-no-description.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/Scripts/Test/no-display-name-no-description.json -------------------------------------------------------------------------------- /Scripts/Test/no-display-name-no-name.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/Scripts/Test/no-display-name-no-name.json -------------------------------------------------------------------------------- /Scripts/Test/no-display-name.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/Scripts/Test/no-display-name.json -------------------------------------------------------------------------------- /Scripts/Test/no-metadata.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/Scripts/Test/no-metadata.json -------------------------------------------------------------------------------- /Scripts/Test/no-mode.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/Scripts/Test/no-mode.json -------------------------------------------------------------------------------- /Scripts/Test/no-name.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/Scripts/Test/no-name.json -------------------------------------------------------------------------------- /Scripts/Test/no-version.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/Scripts/Test/no-version.json -------------------------------------------------------------------------------- /Scripts/Test/not-a-policy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/Scripts/Test/not-a-policy.json -------------------------------------------------------------------------------- /policyDefinitions/API Management/deny-enforcing-internal-vpn/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/API Management/deny-enforcing-internal-vpn/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/API Management/deny-enforcing-internal-vpn/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/API Management/deny-enforcing-internal-vpn/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/App Service/allowed-app-services-plan-skus/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/App Service/allowed-app-services-plan-skus/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/App Service/allowed-app-services-plan-skus/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/App Service/allowed-app-services-plan-skus/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/App Service/apps-require-app-gateway-front-end/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/App Service/apps-require-app-gateway-front-end/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/App Service/audit-app-service-vnetrouteallenabled/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/App Service/audit-app-service-vnetrouteallenabled/README.md -------------------------------------------------------------------------------- /policyDefinitions/App Service/audit-app-service-vnetrouteallenabled/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/App Service/audit-app-service-vnetrouteallenabled/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/App Service/deploy-webapp-https-only-requirement/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/App Service/deploy-webapp-https-only-requirement/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/App Service/web-app-configure-always-on/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/App Service/web-app-configure-always-on/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/App Service/web-app-configure-always-on/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/App Service/web-app-configure-always-on/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/App Service/web-app-configure-always-on/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/App Service/web-app-configure-always-on/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/App Service/web-app-require-always-on/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/App Service/web-app-require-always-on/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/App Service/web-app-require-always-on/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/App Service/web-app-require-always-on/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/App Service/web-app-require-always-on/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/App Service/web-app-require-always-on/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Attestation/manual-policy-per-subscription/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Attestation/manual-policy-per-subscription/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Attestation/manual-policy-per-subscription/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Attestation/manual-policy-per-subscription/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Authorization/allowed-principal-ids/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Authorization/allowed-principal-ids/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Authorization/allowed-principal-ids/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Authorization/allowed-principal-ids/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Authorization/allowed-principal-ids/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Authorization/allowed-principal-ids/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Authorization/allowed-role-definitions/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Authorization/allowed-role-definitions/README.md -------------------------------------------------------------------------------- /policyDefinitions/Authorization/allowed-role-definitions/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Authorization/allowed-role-definitions/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Authorization/allowed-role-definitions/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Authorization/allowed-role-definitions/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Authorization/allowed-role-definitions/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Authorization/allowed-role-definitions/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Authorization/audit-specified-resource-type-for-any-lock/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Authorization/audit-specified-resource-type-for-any-lock/README.md -------------------------------------------------------------------------------- /policyDefinitions/Authorization/custom-roles-are-not-allowed/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Authorization/custom-roles-are-not-allowed/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Authorization/custom-roles-are-not-allowed/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Authorization/custom-roles-are-not-allowed/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Authorization/deny-custom-roles-with-exclusionlist/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Authorization/deny-custom-roles-with-exclusionlist/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Authorization/disallowed-role-definitions/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Authorization/disallowed-role-definitions/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Authorization/disallowed-role-definitions/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Authorization/disallowed-role-definitions/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Backup/append-backup-rsvault-cmk/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Backup/append-backup-rsvault-cmk/README.md -------------------------------------------------------------------------------- /policyDefinitions/Backup/append-backup-rsvault-cmk/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Backup/append-backup-rsvault-cmk/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Backup/append-backup-rsvault-cmk/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Backup/append-backup-rsvault-cmk/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Backup/append-backup-rsvault-cmk/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Backup/append-backup-rsvault-cmk/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Backup/resource-lock-should-be-enabled/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Backup/resource-lock-should-be-enabled/README.md -------------------------------------------------------------------------------- /policyDefinitions/Backup/resource-lock-should-be-enabled/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Backup/resource-lock-should-be-enabled/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Backup/resource-lock-should-be-enabled/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Backup/resource-lock-should-be-enabled/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Backup/resource-lock-should-be-enabled/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Backup/resource-lock-should-be-enabled/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Backup/vm-backup-without-tag/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Backup/vm-backup-without-tag/README.md -------------------------------------------------------------------------------- /policyDefinitions/Backup/vm-backup-without-tag/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Backup/vm-backup-without-tag/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Backup/vm-backup-without-tag/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Backup/vm-backup-without-tag/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Backup/vm-backup-without-tag/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Backup/vm-backup-without-tag/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Backup/vm-tag-based-backup/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Backup/vm-tag-based-backup/README.md -------------------------------------------------------------------------------- /policyDefinitions/Backup/vm-tag-based-backup/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Backup/vm-tag-based-backup/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Backup/vm-tag-based-backup/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Backup/vm-tag-based-backup/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Backup/vm-tag-based-backup/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Backup/vm-tag-based-backup/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Batch/audit-enabling-of-diagnostic-logs-in-batch-accounts/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Batch/audit-enabling-of-diagnostic-logs-in-batch-accounts/README.md -------------------------------------------------------------------------------- /policyDefinitions/Budget/deploy-subscription-budget-in-mg/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Budget/deploy-subscription-budget-in-mg/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Budget/deploy-subscription-budget-in-mg/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Budget/deploy-subscription-budget-in-mg/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Budget/deploy-subscription-budget-in-mg/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Budget/deploy-subscription-budget-in-mg/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Cognitive Services/audit-content-logging/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Cognitive Services/audit-content-logging/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Cognitive Services/audit-content-logging/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Cognitive Services/audit-content-logging/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Cognitive Services/public-access-restriction/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Cognitive Services/public-access-restriction/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Cognitive Services/public-access-restriction/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Cognitive Services/public-access-restriction/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/allow-custom-vm-image-from-a-resource-group/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/allow-custom-vm-image-from-a-resource-group/README.md -------------------------------------------------------------------------------- /policyDefinitions/Compute/allowed-disk-skus/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/allowed-disk-skus/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/allowed-disk-skus/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/allowed-disk-skus/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/allowed-disk-skus/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/allowed-disk-skus/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/allowed-disk-states-for-azure-disks/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/allowed-disk-states-for-azure-disks/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/allowed-disk-states-for-azure-disks/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/allowed-disk-states-for-azure-disks/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/allowed-disk-states-for-snapshots/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/allowed-disk-states-for-snapshots/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/allowed-disk-states-for-snapshots/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/allowed-disk-states-for-snapshots/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/allowed-vm-os/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/allowed-vm-os/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/allowed-vm-os/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/allowed-vm-os/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/allowed-vm-os/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/allowed-vm-os/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/approved-vm-images/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/approved-vm-images/README.md -------------------------------------------------------------------------------- /policyDefinitions/Compute/approved-vm-images/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/approved-vm-images/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/approved-vm-images/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/approved-vm-images/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/approved-vm-images/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/approved-vm-images/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/audit-if-extension-does-not-exist/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/audit-if-extension-does-not-exist/README.md -------------------------------------------------------------------------------- /policyDefinitions/Compute/audit-if-extension-does-not-exist/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/audit-if-extension-does-not-exist/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/audit-if-extension-does-not-exist/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/audit-if-extension-does-not-exist/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/audit-ssh-auth-on-existing-resources/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/audit-ssh-auth-on-existing-resources/README.md -------------------------------------------------------------------------------- /policyDefinitions/Compute/audit-ssh-auth-on-existing-resources/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/audit-ssh-auth-on-existing-resources/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/audit-ssh-auth-on-existing-resources/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/audit-ssh-auth-on-existing-resources/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/audit-use-of-classic-virtual-machines/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/audit-use-of-classic-virtual-machines/README.md -------------------------------------------------------------------------------- /policyDefinitions/Compute/audit-use-of-classic-virtual-machines/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/audit-use-of-classic-virtual-machines/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/audit-virtual-machine-auto-shutdown/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/audit-virtual-machine-auto-shutdown/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/audit-virtual-machine-auto-shutdown/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/audit-virtual-machine-auto-shutdown/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/audit-vm-byol-compliance/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/audit-vm-byol-compliance/README.md -------------------------------------------------------------------------------- /policyDefinitions/Compute/audit-vm-byol-compliance/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/audit-vm-byol-compliance/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/audit-vm-byol-compliance/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/audit-vm-byol-compliance/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/audit-vm-byol-compliance/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/audit-vm-byol-compliance/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/audit-vms-based-on-marketplace-acg-images/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/audit-vms-based-on-marketplace-acg-images/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/blocked-disk-skus/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/blocked-disk-skus/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/blocked-disk-skus/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/blocked-disk-skus/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/blocked-disk-skus/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/blocked-disk-skus/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/compute-deploy-defender-for-servers/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/compute-deploy-defender-for-servers/README.md -------------------------------------------------------------------------------- /policyDefinitions/Compute/compute-deploy-defender-for-servers/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/compute-deploy-defender-for-servers/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/compute-deploy-defender-for-servers/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/compute-deploy-defender-for-servers/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/create-delete-lock-on-specified-azure-vms/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/create-delete-lock-on-specified-azure-vms/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/create-vm-using-managed-disk/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/create-vm-using-managed-disk/README.md -------------------------------------------------------------------------------- /policyDefinitions/Compute/create-vm-using-managed-disk/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/create-vm-using-managed-disk/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/create-vm-using-managed-disk/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/create-vm-using-managed-disk/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/create-vm-using-managed-disk/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/create-vm-using-managed-disk/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/deny-data-access-authentication-mode/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/deny-data-access-authentication-mode/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/deny-data-access-authentication-mode/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/deny-data-access-authentication-mode/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/deny-hybrid-use-benefit/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/deny-hybrid-use-benefit/README.md -------------------------------------------------------------------------------- /policyDefinitions/Compute/deny-hybrid-use-benefit/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/deny-hybrid-use-benefit/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/deny-hybrid-use-benefit/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/deny-hybrid-use-benefit/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/deny-hybrid-use-benefit/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/deny-hybrid-use-benefit/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/deny-ssh-auth-on-new-vms/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/deny-ssh-auth-on-new-vms/README.md -------------------------------------------------------------------------------- /policyDefinitions/Compute/deny-ssh-auth-on-new-vms/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/deny-ssh-auth-on-new-vms/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/deny-ssh-auth-on-new-vms/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/deny-ssh-auth-on-new-vms/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/deny-ssh-auth-on-new-vms/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/deny-ssh-auth-on-new-vms/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/deploy-azure-hybrid-benefit-for-windows/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/deploy-azure-hybrid-benefit-for-windows/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/deploy-hybrid-use-for-windows-server/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/deploy-hybrid-use-for-windows-server/README.md -------------------------------------------------------------------------------- /policyDefinitions/Compute/deploy-hybrid-use-for-windows-server/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/deploy-hybrid-use-for-windows-server/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/deploy-hybrid-use-for-windows-server/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/deploy-hybrid-use-for-windows-server/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/deploy-linux-vm-app/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/deploy-linux-vm-app/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/deploy-linux-vm-app/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/deploy-linux-vm-app/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/deploy-linux-vm-app/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/deploy-linux-vm-app/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/deploy-qualys-agent-to-windows-vms/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/deploy-qualys-agent-to-windows-vms/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/deploy-qualys-agent-to-windows-vms/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/deploy-qualys-agent-to-windows-vms/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/deploy-vm-auto-shutdown/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/deploy-vm-auto-shutdown/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/deploy-vm-auto-shutdown/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/deploy-vm-auto-shutdown/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/deploy-vm-auto-shutdown/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/deploy-vm-auto-shutdown/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/deploy-windows-vm-app/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/deploy-windows-vm-app/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/deploy-windows-vm-app/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/deploy-windows-vm-app/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/deploy-windows-vm-app/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/deploy-windows-vm-app/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/enforce-hybrid-use-benefit/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/enforce-hybrid-use-benefit/README.md -------------------------------------------------------------------------------- /policyDefinitions/Compute/enforce-hybrid-use-benefit/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/enforce-hybrid-use-benefit/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/enforce-hybrid-use-benefit/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/enforce-hybrid-use-benefit/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/enforce-hybrid-use-benefit/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/enforce-hybrid-use-benefit/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/enforce-redhat-hybrid-use-benefit/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/enforce-redhat-hybrid-use-benefit/README.md -------------------------------------------------------------------------------- /policyDefinitions/Compute/enforce-redhat-hybrid-use-benefit/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/enforce-redhat-hybrid-use-benefit/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/enforce-redhat-hybrid-use-benefit/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/enforce-redhat-hybrid-use-benefit/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/not-allowed-vm-extensions/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/not-allowed-vm-extensions/README.md -------------------------------------------------------------------------------- /policyDefinitions/Compute/not-allowed-vm-extensions/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/not-allowed-vm-extensions/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/not-allowed-vm-extensions/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/not-allowed-vm-extensions/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/not-allowed-vm-extensions/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/not-allowed-vm-extensions/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/only-allow-a-certain-vm-platform-image/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/only-allow-a-certain-vm-platform-image/README.md -------------------------------------------------------------------------------- /policyDefinitions/Compute/only-allow-a-certain-vm-platform-image/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/only-allow-a-certain-vm-platform-image/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/vm-use-allowed-images/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/vm-use-allowed-images/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/vm-use-allowed-images/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/vm-use-allowed-images/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/vm-use-allowed-images/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/vm-use-allowed-images/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Compute/vmaccess-virtual-machine-extension-for-linux/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Compute/vmaccess-virtual-machine-extension-for-linux/README.md -------------------------------------------------------------------------------- /policyDefinitions/Cosmos DB/audit-automatic-failover-for-cosmosdb-accounts/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Cosmos DB/audit-automatic-failover-for-cosmosdb-accounts/README.md -------------------------------------------------------------------------------- /policyDefinitions/Cosmos DB/audit-cosmos-db-throughput-exceeding-max/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Cosmos DB/audit-cosmos-db-throughput-exceeding-max/README.md -------------------------------------------------------------------------------- /policyDefinitions/Cosmos DB/audit-cosmos-db-throughput-exceeding-max/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Cosmos DB/audit-cosmos-db-throughput-exceeding-max/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Data Factory/deny-datafactory-identitytype/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Data Factory/deny-datafactory-identitytype/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Data Factory/deny-datafactory-identitytype/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Data Factory/deny-datafactory-identitytype/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Data Lake/enforce-encryption-on-data-lake-store-accounts/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Data Lake/enforce-encryption-on-data-lake-store-accounts/README.md -------------------------------------------------------------------------------- /policyDefinitions/Database for PostgreSQL/allowed-postgresql-skus/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Database for PostgreSQL/allowed-postgresql-skus/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Dev Test Labs/allowed-devtestlabs-repo-url-prefix/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Dev Test Labs/allowed-devtestlabs-repo-url-prefix/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/General/allowed-nc-for-allowed-locations-for-rgs/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/General/allowed-nc-for-allowed-locations-for-rgs/README.md -------------------------------------------------------------------------------- /policyDefinitions/General/allowed-nc-for-allowed-locations-for-rgs/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/General/allowed-nc-for-allowed-locations-for-rgs/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/General/deny-fabric-capacity-creation/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/General/deny-fabric-capacity-creation/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/General/deny-fabric-capacity-creation/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/General/deny-fabric-capacity-creation/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/General/deny-fabric-capacity-creation/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/General/deny-fabric-capacity-creation/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/General/deploy-resource-lock-on-rgs-tag-exclusion/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/General/deploy-resource-lock-on-rgs-tag-exclusion/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/General/match-multiple-name-patterns/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/General/match-multiple-name-patterns/README.md -------------------------------------------------------------------------------- /policyDefinitions/General/match-multiple-name-patterns/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/General/match-multiple-name-patterns/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/General/match-multiple-name-patterns/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/General/match-multiple-name-patterns/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/General/match-multiple-name-patterns/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/General/match-multiple-name-patterns/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/General/name-pattern-with-like-condition/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/General/name-pattern-with-like-condition/README.md -------------------------------------------------------------------------------- /policyDefinitions/General/name-pattern-with-like-condition/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/General/name-pattern-with-like-condition/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/General/name-pattern-with-like-condition/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/General/name-pattern-with-like-condition/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/General/name-pattern-with-match-condition/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/General/name-pattern-with-match-condition/README.md -------------------------------------------------------------------------------- /policyDefinitions/General/name-pattern-with-match-condition/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/General/name-pattern-with-match-condition/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/General/name-pattern-with-match-condition/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/General/name-pattern-with-match-condition/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/General/protect-resources-with-deny-action/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/General/protect-resources-with-deny-action/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/General/protect-resources-with-deny-action/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/General/protect-resources-with-deny-action/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/General/require-resource-location-match-resourcegroup/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/General/require-resource-location-match-resourcegroup/README.md -------------------------------------------------------------------------------- /policyDefinitions/General/resource-name-contains-resource-group-name/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/General/resource-name-contains-resource-group-name/README.md -------------------------------------------------------------------------------- /policyDefinitions/General/resource-name-contains-resource-group-name/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/General/resource-name-contains-resource-group-name/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/General/use-match-condition-on-tag-value/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/General/use-match-condition-on-tag-value/README.md -------------------------------------------------------------------------------- /policyDefinitions/General/use-match-condition-on-tag-value/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/General/use-match-condition-on-tag-value/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/General/use-match-condition-on-tag-value/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/General/use-match-condition-on-tag-value/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Key Vault/audit-if-key-vault-has-no-virtual-network-rules/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Key Vault/audit-if-key-vault-has-no-virtual-network-rules/README.md -------------------------------------------------------------------------------- /policyDefinitions/Key Vault/deny-deployment-with-azure-rbac-enabled/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Key Vault/deny-deployment-with-azure-rbac-enabled/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Key Vault/deny-kv-resourceaccess-disk-encryption/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Key Vault/deny-kv-resourceaccess-disk-encryption/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Key Vault/enforce-key-vault-premium-sku/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Key Vault/enforce-key-vault-premium-sku/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Key Vault/enforce-key-vault-premium-sku/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Key Vault/enforce-key-vault-premium-sku/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Key Vault/enforce-key-vault-premium-sku/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Key Vault/enforce-key-vault-premium-sku/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Key Vault/key-vault-diagnostic-settings-aine/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Key Vault/key-vault-diagnostic-settings-aine/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Key Vault/key-vault-diagnostic-settings-aine/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Key Vault/key-vault-diagnostic-settings-aine/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Key Vault/key-vault-diagnostic-settings-dine/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Key Vault/key-vault-diagnostic-settings-dine/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Key Vault/key-vault-diagnostic-settings-dine/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Key Vault/key-vault-diagnostic-settings-dine/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Key Vault/key-vault-firewall-settings-audit/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Key Vault/key-vault-firewall-settings-audit/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Key Vault/key-vault-firewall-settings-audit/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Key Vault/key-vault-firewall-settings-audit/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Key Vault/key-vault-firewall-settings-deny/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Key Vault/key-vault-firewall-settings-deny/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Key Vault/key-vault-firewall-settings-deny/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Key Vault/key-vault-firewall-settings-deny/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Key Vault/key-vault-sku-setting-audit/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Key Vault/key-vault-sku-setting-audit/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Key Vault/key-vault-sku-setting-audit/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Key Vault/key-vault-sku-setting-audit/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Key Vault/key-vault-sku-setting-audit/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Key Vault/key-vault-sku-setting-audit/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Key Vault/key-vault-sku-setting-deny/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Key Vault/key-vault-sku-setting-deny/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Key Vault/key-vault-sku-setting-deny/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Key Vault/key-vault-sku-setting-deny/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Key Vault/key-vault-sku-setting-deny/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Key Vault/key-vault-sku-setting-deny/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/aks-prevent-load-balancer-profile/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/aks-prevent-load-balancer-profile/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/aks-prevent-load-balancer-profile/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/aks-prevent-load-balancer-profile/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/aks-prevent-node-public-ip/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/aks-prevent-node-public-ip/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/aks-prevent-node-public-ip/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/aks-prevent-node-public-ip/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/aks-prevent-node-public-ip/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/aks-prevent-node-public-ip/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-external-ips/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-external-ips/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-external-ips/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-external-ips/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-external-ips/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-external-ips/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-external-ips/constraint.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-external-ips/constraint.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-external-ips/examples-good/example_good.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-external-ips/examples-good/example_good.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-external-ips/examples-violations/violation.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-external-ips/examples-violations/violation.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-external-ips/rego/src.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-external-ips/rego/src.rego -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-external-ips/rego/src_test.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-external-ips/rego/src_test.rego -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-external-ips/template.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-external-ips/template.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-host-paths/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-host-paths/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-host-paths/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-host-paths/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-host-paths/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-host-paths/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-host-paths/constraint.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-host-paths/constraint.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-host-paths/examples-good/example_good.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-host-paths/examples-good/example_good.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-host-paths/examples-violations/violation.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-host-paths/examples-violations/violation.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-host-paths/rego/src.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-host-paths/rego/src.rego -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-host-paths/rego/src_test.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-host-paths/rego/src_test.rego -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-host-paths/template.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-host-paths/template.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-proc-mount-types/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-proc-mount-types/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-proc-mount-types/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-proc-mount-types/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-proc-mount-types/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-proc-mount-types/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-proc-mount-types/constraint.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-proc-mount-types/constraint.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-proc-mount-types/examples-good/example_good.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-proc-mount-types/examples-good/example_good.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-proc-mount-types/rego/src.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-proc-mount-types/rego/src.rego -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-proc-mount-types/rego/src_test.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-proc-mount-types/rego/src_test.rego -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-proc-mount-types/template.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-proc-mount-types/template.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-seccomp-profiles/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-seccomp-profiles/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-seccomp-profiles/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-seccomp-profiles/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-seccomp-profiles/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-seccomp-profiles/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-seccomp-profiles/constraint.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-seccomp-profiles/constraint.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-seccomp-profiles/examples-good/example_good.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-seccomp-profiles/examples-good/example_good.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-seccomp-profiles/rego/src.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-seccomp-profiles/rego/src.rego -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-seccomp-profiles/rego/src_test.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-seccomp-profiles/rego/src_test.rego -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-seccomp-profiles/template.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-seccomp-profiles/template.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-users/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-users/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-users/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-users/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-users/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-users/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-users/constraint.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-users/constraint.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-users/examples-good/example_good.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-users/examples-good/example_good.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-users/examples-violations/violation.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-users/examples-violations/violation.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-users/rego/src.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-users/rego/src.rego -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-users/rego/src_test.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-users/rego/src_test.rego -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-users/template.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-users/template.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-volume-types/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-volume-types/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-volume-types/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-volume-types/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-volume-types/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-volume-types/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-volume-types/constraint.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-volume-types/constraint.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-volume-types/examples-good/example_good.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-volume-types/examples-good/example_good.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-volume-types/examples-violations/violation.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-volume-types/examples-violations/violation.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-volume-types/rego/src.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-volume-types/rego/src.rego -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-volume-types/rego/src_test.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-volume-types/rego/src_test.rego -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/allowed-volume-types/template.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/allowed-volume-types/template.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/append-aks-api-ip-restrictions/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/append-aks-api-ip-restrictions/README.md -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/append-aks-api-ip-restrictions/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/append-aks-api-ip-restrictions/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/append-aks-api-ip-restrictions/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/append-aks-api-ip-restrictions/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/container-allowed-capabilities/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/container-allowed-capabilities/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/container-allowed-capabilities/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/container-allowed-capabilities/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/container-allowed-capabilities/constraint.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/container-allowed-capabilities/constraint.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/container-allowed-capabilities/rego/src.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/container-allowed-capabilities/rego/src.rego -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/container-allowed-capabilities/rego/src_test.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/container-allowed-capabilities/rego/src_test.rego -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/container-allowed-capabilities/template.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/container-allowed-capabilities/template.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/container-disallowed-capabilities/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/container-disallowed-capabilities/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/container-disallowed-capabilities/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/container-disallowed-capabilities/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/container-disallowed-capabilities/constraint.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/container-disallowed-capabilities/constraint.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/container-disallowed-capabilities/rego/src.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/container-disallowed-capabilities/rego/src.rego -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/container-disallowed-capabilities/rego/src_test.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/container-disallowed-capabilities/rego/src_test.rego -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/container-disallowed-capabilities/template.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/container-disallowed-capabilities/template.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/enforce-aks-aad-support/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/enforce-aks-aad-support/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/enforce-aks-aad-support/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/enforce-aks-aad-support/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/enforce-aks-aad-support/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/enforce-aks-aad-support/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/enforce-aks-network-plugin/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/enforce-aks-network-plugin/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/enforce-aks-network-plugin/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/enforce-aks-network-plugin/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/enforce-aks-network-plugin/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/enforce-aks-network-plugin/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/enforce-aks-outbound-type/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/enforce-aks-outbound-type/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/enforce-aks-outbound-type/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/enforce-aks-outbound-type/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/enforce-aks-outbound-type/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/enforce-aks-outbound-type/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/enforce-apparmor-profile/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/enforce-apparmor-profile/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/enforce-apparmor-profile/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/enforce-apparmor-profile/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/enforce-apparmor-profile/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/enforce-apparmor-profile/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/enforce-apparmor-profile/constraint.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/enforce-apparmor-profile/constraint.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/enforce-apparmor-profile/examples-good/example_good.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/enforce-apparmor-profile/examples-good/example_good.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/enforce-apparmor-profile/rego/src.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/enforce-apparmor-profile/rego/src.rego -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/enforce-apparmor-profile/rego/src_test.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/enforce-apparmor-profile/rego/src_test.rego -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/enforce-apparmor-profile/template.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/enforce-apparmor-profile/template.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/flexvolume-drivers/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/flexvolume-drivers/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/flexvolume-drivers/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/flexvolume-drivers/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/flexvolume-drivers/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/flexvolume-drivers/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/flexvolume-drivers/constraint.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/flexvolume-drivers/constraint.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/flexvolume-drivers/examples-good/example_good.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/flexvolume-drivers/examples-good/example_good.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/flexvolume-drivers/examples-violations/violation.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/flexvolume-drivers/examples-violations/violation.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/flexvolume-drivers/rego/src.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/flexvolume-drivers/rego/src.rego -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/flexvolume-drivers/rego/src_test.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/flexvolume-drivers/rego/src_test.rego -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/flexvolume-drivers/template.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/flexvolume-drivers/template.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/forbidden-sysctl-interfaces/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/forbidden-sysctl-interfaces/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/forbidden-sysctl-interfaces/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/forbidden-sysctl-interfaces/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/forbidden-sysctl-interfaces/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/forbidden-sysctl-interfaces/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/forbidden-sysctl-interfaces/constraint.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/forbidden-sysctl-interfaces/constraint.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/forbidden-sysctl-interfaces/rego/src.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/forbidden-sysctl-interfaces/rego/src.rego -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/forbidden-sysctl-interfaces/rego/src_test.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/forbidden-sysctl-interfaces/rego/src_test.rego -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/forbidden-sysctl-interfaces/template.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/forbidden-sysctl-interfaces/template.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/host-network-ports/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/host-network-ports/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/host-network-ports/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/host-network-ports/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/host-network-ports/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/host-network-ports/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/host-network-ports/constraint.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/host-network-ports/constraint.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/host-network-ports/examples-good/example_good.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/host-network-ports/examples-good/example_good.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/host-network-ports/examples-violations/violation.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/host-network-ports/examples-violations/violation.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/host-network-ports/rego/src.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/host-network-ports/rego/src.rego -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/host-network-ports/rego/src_test.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/host-network-ports/rego/src_test.rego -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/host-network-ports/template.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/host-network-ports/template.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/selinux/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/selinux/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/selinux/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/selinux/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/selinux/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/selinux/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/selinux/constraint.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/selinux/constraint.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/selinux/examples-good/example_good.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/selinux/examples-good/example_good.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/selinux/examples-violations/violation.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/selinux/examples-violations/violation.yaml -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/selinux/rego/src.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/selinux/rego/src.rego -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/selinux/rego/src_test.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/selinux/rego/src_test.rego -------------------------------------------------------------------------------- /policyDefinitions/Kubernetes/selinux/template.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Kubernetes/selinux/template.yaml -------------------------------------------------------------------------------- /policyDefinitions/Monitoring/audit-diagnostic-setting/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Monitoring/audit-diagnostic-setting/README.md -------------------------------------------------------------------------------- /policyDefinitions/Monitoring/audit-diagnostic-setting/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Monitoring/audit-diagnostic-setting/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Monitoring/audit-diagnostic-setting/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Monitoring/audit-diagnostic-setting/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Monitoring/audit-diagnostic-setting/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Monitoring/audit-diagnostic-setting/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Monitoring/audit-enabling-of-diagnostic-logs-in-event-hub/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Monitoring/audit-enabling-of-diagnostic-logs-in-event-hub/README.md -------------------------------------------------------------------------------- /policyDefinitions/Monitoring/audit-enabling-of-diagnostic-logs-in-key-vault/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Monitoring/audit-enabling-of-diagnostic-logs-in-key-vault/README.md -------------------------------------------------------------------------------- /policyDefinitions/Network/address-space-must-be-pre-allocated-for-region/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/address-space-must-be-pre-allocated-for-region/README.md -------------------------------------------------------------------------------- /policyDefinitions/Network/adds-the-default-route-table-to-subnets/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/adds-the-default-route-table-to-subnets/README.md -------------------------------------------------------------------------------- /policyDefinitions/Network/adds-the-default-route-table-to-subnets/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/adds-the-default-route-table-to-subnets/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/allowed-application-gateway-skus/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/allowed-application-gateway-skus/README.md -------------------------------------------------------------------------------- /policyDefinitions/Network/allowed-application-gateway-skus/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/allowed-application-gateway-skus/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/allowed-application-gateway-skus/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/allowed-application-gateway-skus/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Network/allowed-express-route-bandwidth/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/allowed-express-route-bandwidth/README.md -------------------------------------------------------------------------------- /policyDefinitions/Network/allowed-express-route-bandwidth/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/allowed-express-route-bandwidth/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/allowed-express-route-bandwidth/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/allowed-express-route-bandwidth/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Network/allowed-express-route-bandwidth/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/allowed-express-route-bandwidth/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Network/allowed-express-route-skus/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/allowed-express-route-skus/README.md -------------------------------------------------------------------------------- /policyDefinitions/Network/allowed-express-route-skus/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/allowed-express-route-skus/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/allowed-express-route-skus/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/allowed-express-route-skus/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Network/allowed-express-route-skus/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/allowed-express-route-skus/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Network/allowed-load-balancer-skus/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/allowed-load-balancer-skus/README.md -------------------------------------------------------------------------------- /policyDefinitions/Network/allowed-load-balancer-skus/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/allowed-load-balancer-skus/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/allowed-load-balancer-skus/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/allowed-load-balancer-skus/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Network/allowed-load-balancer-skus/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/allowed-load-balancer-skus/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Network/allowed-pdns-zones/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/allowed-pdns-zones/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/allowed-pdns-zones/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/allowed-pdns-zones/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Network/allowed-pdns-zones/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/allowed-pdns-zones/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Network/allowed-peering-location-for-express-route/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/allowed-peering-location-for-express-route/README.md -------------------------------------------------------------------------------- /policyDefinitions/Network/allowed-peering-location-for-express-route/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/allowed-peering-location-for-express-route/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/allowed-virtual-network-gateway-skus/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/allowed-virtual-network-gateway-skus/README.md -------------------------------------------------------------------------------- /policyDefinitions/Network/allowed-virtual-network-gateway-skus/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/allowed-virtual-network-gateway-skus/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/allowed-virtual-network-gateway-skus/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/allowed-virtual-network-gateway-skus/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Network/append-nsg-rule/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/append-nsg-rule/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/append-nsg-rule/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/append-nsg-rule/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Network/append-nsg-rule/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/append-nsg-rule/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Network/audit-changes-to-route-tables-udrs/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/audit-changes-to-route-tables-udrs/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/audit-changes-to-route-tables-udrs/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/audit-changes-to-route-tables-udrs/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Network/audit-loadbalancers-with-public-ip/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/audit-loadbalancers-with-public-ip/README.md -------------------------------------------------------------------------------- /policyDefinitions/Network/audit-loadbalancers-with-public-ip/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/audit-loadbalancers-with-public-ip/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/audit-loadbalancers-with-public-ip/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/audit-loadbalancers-with-public-ip/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Network/audit-unattached-static-public-ips/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/audit-unattached-static-public-ips/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/audit-unattached-static-public-ips/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/audit-unattached-static-public-ips/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Network/block-nsg-creations-and-updates/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/block-nsg-creations-and-updates/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/block-nsg-creations-and-updates/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/block-nsg-creations-and-updates/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Network/block-nsg-creations-and-updates/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/block-nsg-creations-and-updates/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Network/create-nsg-rule/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/create-nsg-rule/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/create-nsg-rule/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/create-nsg-rule/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Network/create-nsg-rule/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/create-nsg-rule/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Network/deny-bastion-shared-links/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/deny-bastion-shared-links/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/deny-bastion-shared-links/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/deny-bastion-shared-links/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Network/deny-bastion-shared-links/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/deny-bastion-shared-links/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Network/deny-load-balancer-outbound-rules/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/deny-load-balancer-outbound-rules/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/deny-load-balancer-outbound-rules/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/deny-load-balancer-outbound-rules/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Network/deny-nsgs-with-rules-with-source-any/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/deny-nsgs-with-rules-with-source-any/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/deny-nsgs-with-rules-with-source-any/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/deny-nsgs-with-rules-with-source-any/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Network/deny-ports-nsg/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/deny-ports-nsg/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/deny-ports-nsg/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/deny-ports-nsg/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Network/deny-ports-nsg/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/deny-ports-nsg/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Network/deny-private-link-service/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/deny-private-link-service/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/deny-private-link-service/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/deny-private-link-service/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Network/deny-private-link-service/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/deny-private-link-service/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Network/deny-route-with-next-hop-type-internet/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/deny-route-with-next-hop-type-internet/README.md -------------------------------------------------------------------------------- /policyDefinitions/Network/deny-route-with-next-hop-type-internet/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/deny-route-with-next-hop-type-internet/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/deny-subnets-missing-suffix/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/deny-subnets-missing-suffix/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/deny-subnets-missing-suffix/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/deny-subnets-missing-suffix/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Network/deny-subnets-missing-suffix/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/deny-subnets-missing-suffix/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Network/deny-vm-vmss-and-load-balancer-from-subnet/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/deny-vm-vmss-and-load-balancer-from-subnet/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/deploy-nsg-flow-logs-to-target-region/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/deploy-nsg-flow-logs-to-target-region/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/deploy-nsg-rule/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/deploy-nsg-rule/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/deploy-nsg-rule/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/deploy-nsg-rule/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Network/deploy-nsg-rule/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/deploy-nsg-rule/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Network/deploy-route-to-route-tables/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/deploy-route-to-route-tables/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/deploy-route-to-route-tables/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/deploy-route-to-route-tables/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Network/deploy-route-to-route-tables/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/deploy-route-to-route-tables/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Network/enforce-a-route-table-on-every-subnet/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/enforce-a-route-table-on-every-subnet/README.md -------------------------------------------------------------------------------- /policyDefinitions/Network/enforce-a-route-table-on-every-subnet/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/enforce-a-route-table-on-every-subnet/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/enforce-firewall-policy-dns-servers/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/enforce-firewall-policy-dns-servers/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/enforce-firewall-policy-dns-servers/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/enforce-firewall-policy-dns-servers/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Network/enforce-load-balancer-regional-tier/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/enforce-load-balancer-regional-tier/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/enforce-load-balancer-regional-tier/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/enforce-load-balancer-regional-tier/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Network/enforce-load-balancer-standard-sku/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/enforce-load-balancer-standard-sku/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/enforce-load-balancer-standard-sku/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/enforce-load-balancer-standard-sku/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Network/enforce-vnet-dns-servers/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/enforce-vnet-dns-servers/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/enforce-vnet-dns-servers/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/enforce-vnet-dns-servers/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Network/enforce-vnet-dns-servers/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/enforce-vnet-dns-servers/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Network/modify-inject-routes-into-exsiting-route-table/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/modify-inject-routes-into-exsiting-route-table/README.md -------------------------------------------------------------------------------- /policyDefinitions/Network/network-security-group-security-rules/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/network-security-group-security-rules/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/no-network-peering-to-er-network/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/no-network-peering-to-er-network/README.md -------------------------------------------------------------------------------- /policyDefinitions/Network/no-network-peering-to-er-network/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/no-network-peering-to-er-network/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/no-network-peering-to-er-network/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/no-network-peering-to-er-network/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Network/no-user-defined-route-table/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/no-user-defined-route-table/README.md -------------------------------------------------------------------------------- /policyDefinitions/Network/no-user-defined-route-table/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/no-user-defined-route-table/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/no-user-defined-route-table/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/no-user-defined-route-table/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Network/no-user-defined-route-table/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/no-user-defined-route-table/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Network/nsg-rule-ports-without-ip-source/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/nsg-rule-ports-without-ip-source/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/nsg-rule-ports-without-ip-source/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/nsg-rule-ports-without-ip-source/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Network/nsg-x-on-every-subnet/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/nsg-x-on-every-subnet/README.md -------------------------------------------------------------------------------- /policyDefinitions/Network/nsg-x-on-every-subnet/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/nsg-x-on-every-subnet/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/nsg-x-on-every-subnet/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/nsg-x-on-every-subnet/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Network/nsg-x-on-every-subnet/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/nsg-x-on-every-subnet/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Network/prevent-cross-subscription-private-link/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/prevent-cross-subscription-private-link/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/prevent-cross-tenant-private-link-for-acr/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/prevent-cross-tenant-private-link-for-acr/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/prevent-cross-tenant-private-link-for-aks/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/prevent-cross-tenant-private-link-for-aks/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/prevent-deletion-of-private-dns-zone/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/prevent-deletion-of-private-dns-zone/README.md -------------------------------------------------------------------------------- /policyDefinitions/Network/prevent-deletion-of-private-dns-zone/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/prevent-deletion-of-private-dns-zone/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/prevent-deletion-of-private-dns-zone/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/prevent-deletion-of-private-dns-zone/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Network/prevent-inbound-dnat-on-azure-firewalls/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/prevent-inbound-dnat-on-azure-firewalls/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/prevent-internet-routes-in-route-tables/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/prevent-internet-routes-in-route-tables/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/prevent-subnets-without-nsg/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/prevent-subnets-without-nsg/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/prevent-subnets-without-nsg/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/prevent-subnets-without-nsg/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Network/prevent-subnets-without-nsg/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/prevent-subnets-without-nsg/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Network/prevent-subnets-without-route-table/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/prevent-subnets-without-route-table/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/prevent-subnets-without-route-table/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/prevent-subnets-without-route-table/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Network/require-specific-route-on-udr/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/require-specific-route-on-udr/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/require-specific-route-on-udr/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/require-specific-route-on-udr/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Network/require-specific-route-on-udr/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/require-specific-route-on-udr/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Network/service-endpoints-on-subnets/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/service-endpoints-on-subnets/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/service-endpoints-on-subnets/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/service-endpoints-on-subnets/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Network/service-endpoints-on-subnets/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/service-endpoints-on-subnets/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Network/use-approved-subnet-for-vm-network-interfaces/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/use-approved-subnet-for-vm-network-interfaces/README.md -------------------------------------------------------------------------------- /policyDefinitions/Network/use-approved-vnet-for-vm-network-interfaces/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/use-approved-vnet-for-vm-network-interfaces/README.md -------------------------------------------------------------------------------- /policyDefinitions/Network/virtual-machine-nic-must-have-nsg/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/virtual-machine-nic-must-have-nsg/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/virtual-machine-nic-must-have-nsg/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/virtual-machine-nic-must-have-nsg/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Network/vnet-peering-deny-removal/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/vnet-peering-deny-removal/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Network/vnet-peering-deny-removal/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/vnet-peering-deny-removal/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Network/vnet-peering-deny-removal/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Network/vnet-peering-deny-removal/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Policy/deny-policy-exemption-without-description/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Policy/deny-policy-exemption-without-description/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Policy/deny-policy-exemption-without-given-info/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Policy/deny-policy-exemption-without-given-info/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/SQL Server/audit-sql-vm-byol-compliance/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL Server/audit-sql-vm-byol-compliance/README.md -------------------------------------------------------------------------------- /policyDefinitions/SQL Server/audit-sql-vm-byol-compliance/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL Server/audit-sql-vm-byol-compliance/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/SQL Server/audit-sql-vm-byol-compliance/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL Server/audit-sql-vm-byol-compliance/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/SQL Server/audit-sql-vm-byol-compliance/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL Server/audit-sql-vm-byol-compliance/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/SQL Server/enable-hybrid-use-for-sql-iaas/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL Server/enable-hybrid-use-for-sql-iaas/README.md -------------------------------------------------------------------------------- /policyDefinitions/SQL Server/enable-hybrid-use-for-sql-iaas/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL Server/enable-hybrid-use-for-sql-iaas/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/SQL Server/enable-hybrid-use-for-sql-iaas/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL Server/enable-hybrid-use-for-sql-iaas/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/allowed-sql-database-collations/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/allowed-sql-database-collations/README.md -------------------------------------------------------------------------------- /policyDefinitions/SQL/allowed-sql-database-collations/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/allowed-sql-database-collations/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/allowed-sql-database-collations/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/allowed-sql-database-collations/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/allowed-sql-database-collations/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/allowed-sql-database-collations/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/allowed-sql-db-skus/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/allowed-sql-db-skus/README.md -------------------------------------------------------------------------------- /policyDefinitions/SQL/allowed-sql-db-skus/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/allowed-sql-db-skus/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/allowed-sql-db-skus/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/allowed-sql-db-skus/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/allowed-sql-db-skus/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/allowed-sql-db-skus/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/allowed-sql-elastic-pool-capacity/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/allowed-sql-elastic-pool-capacity/README.md -------------------------------------------------------------------------------- /policyDefinitions/SQL/allowed-sql-elastic-pool-capacity/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/allowed-sql-elastic-pool-capacity/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/allowed-sql-elastic-pool-capacity/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/allowed-sql-elastic-pool-capacity/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/allowed-sql-elastic-pool-capacity/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/allowed-sql-elastic-pool-capacity/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/audit-db-level-threat-detection-setting/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/audit-db-level-threat-detection-setting/README.md -------------------------------------------------------------------------------- /policyDefinitions/SQL/audit-db-level-threat-detection-setting/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/audit-db-level-threat-detection-setting/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/audit-db-level-threat-detection-setting/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/audit-db-level-threat-detection-setting/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/audit-if-no-aad-admin/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/audit-if-no-aad-admin/README.md -------------------------------------------------------------------------------- /policyDefinitions/SQL/audit-if-no-aad-admin/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/audit-if-no-aad-admin/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/audit-if-no-aad-admin/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/audit-if-no-aad-admin/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/audit-if-no-aad-admin/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/audit-if-no-aad-admin/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/audit-server-level-threat-detection-setting/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/audit-server-level-threat-detection-setting/README.md -------------------------------------------------------------------------------- /policyDefinitions/SQL/audit-server-level-threat-detection-setting/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/audit-server-level-threat-detection-setting/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/audit-sql-db-level-audit-setting/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/audit-sql-db-level-audit-setting/README.md -------------------------------------------------------------------------------- /policyDefinitions/SQL/audit-sql-db-level-audit-setting/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/audit-sql-db-level-audit-setting/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/audit-sql-db-level-audit-setting/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/audit-sql-db-level-audit-setting/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/audit-sql-db-level-audit-setting/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/audit-sql-db-level-audit-setting/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/audit-sql-db-without-hybrid-licensing/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/audit-sql-db-without-hybrid-licensing/README.md -------------------------------------------------------------------------------- /policyDefinitions/SQL/audit-sql-db-without-hybrid-licensing/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/audit-sql-db-without-hybrid-licensing/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/audit-sql-db-without-hybrid-licensing/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/audit-sql-db-without-hybrid-licensing/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/audit-sql-server-firewall-rule/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/audit-sql-server-firewall-rule/README.md -------------------------------------------------------------------------------- /policyDefinitions/SQL/audit-sql-server-firewall-rule/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/audit-sql-server-firewall-rule/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/audit-sql-server-firewall-rule/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/audit-sql-server-firewall-rule/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/audit-sql-server-firewall-rule/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/audit-sql-server-firewall-rule/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/audit-sql-server-level-auditing-settings/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/audit-sql-server-level-auditing-settings/README.md -------------------------------------------------------------------------------- /policyDefinitions/SQL/audit-sql-server-level-auditing-settings/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/audit-sql-server-level-auditing-settings/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/audit-sql-server-level-auditing-settings/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/audit-sql-server-level-auditing-settings/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/audit-sql-server-virtual-network-rule/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/audit-sql-server-virtual-network-rule/README.md -------------------------------------------------------------------------------- /policyDefinitions/SQL/audit-sql-server-virtual-network-rule/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/audit-sql-server-virtual-network-rule/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/audit-sql-server-virtual-network-rule/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/audit-sql-server-virtual-network-rule/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/audit-transparent-data-encryption-status/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/audit-transparent-data-encryption-status/README.md -------------------------------------------------------------------------------- /policyDefinitions/SQL/audit-transparent-data-encryption-status/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/audit-transparent-data-encryption-status/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/audit-transparent-data-encryption-status/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/audit-transparent-data-encryption-status/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/configure-azure-sql-db-to-use-tls-1.2/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/configure-azure-sql-db-to-use-tls-1.2/README.md -------------------------------------------------------------------------------- /policyDefinitions/SQL/configure-azure-sql-db-to-use-tls-1.2/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/configure-azure-sql-db-to-use-tls-1.2/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/configure-azure-sql-db-to-use-tls-1.2/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/configure-azure-sql-db-to-use-tls-1.2/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/deny-postgresql-version/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/deny-postgresql-version/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/deny-postgresql-version/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/deny-postgresql-version/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/deny-postgresql-version/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/deny-postgresql-version/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/deny-sql-vm-tempdb-localssd/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/deny-sql-vm-tempdb-localssd/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/deny-sql-vm-tempdb-localssd/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/deny-sql-vm-tempdb-localssd/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/deny-sql-vm-tempdb-localssd/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/deny-sql-vm-tempdb-localssd/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/deploy-hybrid-use-for-azure-sql-elastic-pools/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/deploy-hybrid-use-for-azure-sql-elastic-pools/README.md -------------------------------------------------------------------------------- /policyDefinitions/SQL/deploy-hybrid-use-for-azure-sql-elastic-pools/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/deploy-hybrid-use-for-azure-sql-elastic-pools/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/deploy-hybrid-use-for-sql-paas/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/deploy-hybrid-use-for-sql-paas/README.md -------------------------------------------------------------------------------- /policyDefinitions/SQL/deploy-hybrid-use-for-sql-paas/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/deploy-hybrid-use-for-sql-paas/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/deploy-hybrid-use-for-sql-paas/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/deploy-hybrid-use-for-sql-paas/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/deploy-hybrid-use-for-sql-paas/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/deploy-hybrid-use-for-sql-paas/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/deploy-hybrid-use-sql-mi/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/deploy-hybrid-use-sql-mi/README.md -------------------------------------------------------------------------------- /policyDefinitions/SQL/deploy-hybrid-use-sql-mi/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/deploy-hybrid-use-sql-mi/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/deploy-hybrid-use-sql-mi/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/deploy-hybrid-use-sql-mi/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/deploy-hybrid-use-sql-mi/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/deploy-hybrid-use-sql-mi/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/deploy-sql-database-diag-loganalytics/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/deploy-sql-database-diag-loganalytics/README.md -------------------------------------------------------------------------------- /policyDefinitions/SQL/deploy-sql-database-diag-loganalytics/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/deploy-sql-database-diag-loganalytics/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/deploy-sql-database-diag-loganalytics/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/deploy-sql-database-diag-loganalytics/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/deploy-sql-managedinstance-diag-loganalytics/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/deploy-sql-managedinstance-diag-loganalytics/README.md -------------------------------------------------------------------------------- /policyDefinitions/SQL/deploy-sql-managedinstance-diag-loganalytics/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/deploy-sql-managedinstance-diag-loganalytics/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/deploy-sql-server-auditing/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/deploy-sql-server-auditing/README.md -------------------------------------------------------------------------------- /policyDefinitions/SQL/deploy-sql-server-auditing/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/deploy-sql-server-auditing/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/deploy-sql-server-auditing/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/deploy-sql-server-auditing/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/deploy-sql-server-auditing/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/deploy-sql-server-auditing/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/deploy-sql-server-auditing/createStorage.template.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/deploy-sql-server-auditing/createStorage.template.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/deploy-tde-sql-databases/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/deploy-tde-sql-databases/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/deploy-tde-sql-databases/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/deploy-tde-sql-databases/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/deploy-tde-sql-databases/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/deploy-tde-sql-databases/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/deploy-threat-detection-on-sql-servers/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/deploy-threat-detection-on-sql-servers/README.md -------------------------------------------------------------------------------- /policyDefinitions/SQL/deploy-threat-detection-on-sql-servers/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/deploy-threat-detection-on-sql-servers/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/deploy-threat-detection-on-sql-servers/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/deploy-threat-detection-on-sql-servers/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/enforce-1.2-as-minimum-tls-version-for-sql-server/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/enforce-1.2-as-minimum-tls-version-for-sql-server/README.md -------------------------------------------------------------------------------- /policyDefinitions/SQL/enforce-postgresql-entra-only-authentication/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/enforce-postgresql-entra-only-authentication/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/enforce-ssl-on-all-db-for-mysql-instances/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/enforce-ssl-on-all-db-for-mysql-instances/README.md -------------------------------------------------------------------------------- /policyDefinitions/SQL/enforce-ssl-on-all-db-for-mysql-instances/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/enforce-ssl-on-all-db-for-mysql-instances/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/geo-replicated-microsoft-sql-databases/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/geo-replicated-microsoft-sql-databases/README.md -------------------------------------------------------------------------------- /policyDefinitions/SQL/geo-replicated-microsoft-sql-databases/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/geo-replicated-microsoft-sql-databases/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/geo-replicated-microsoft-sql-databases/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/geo-replicated-microsoft-sql-databases/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/require-sql-server-vm-auto-backup/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/require-sql-server-vm-auto-backup/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/require-sql-server-vm-auto-backup/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/require-sql-server-vm-auto-backup/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/require-sql-server-vm-auto-backup/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/require-sql-server-vm-auto-backup/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/require-sql-server-vm-auto-patching/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/require-sql-server-vm-auto-patching/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/require-sql-server-vm-auto-patching/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/require-sql-server-vm-auto-patching/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/require-sql-server-vm-auto-patching/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/require-sql-server-vm-auto-patching/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/require-sql-server-vm-key-vault-integration/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/require-sql-server-vm-key-vault-integration/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/require-sql-server-vm-sql-connectivity/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/require-sql-server-vm-sql-connectivity/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/require-sql-server-vm-sql-connectivity/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/require-sql-server-vm-sql-connectivity/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/require-sql-vm-license-models/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/require-sql-vm-license-models/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/require-sql-vm-license-models/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/require-sql-vm-license-models/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/require-sql-vm-license-models/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/require-sql-vm-license-models/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/sql-databases-should-be-zone-redundant/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/sql-databases-should-be-zone-redundant/README.md -------------------------------------------------------------------------------- /policyDefinitions/SQL/sql-databases-should-be-zone-redundant/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/sql-databases-should-be-zone-redundant/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/sql-databases-should-be-zone-redundant/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/sql-databases-should-be-zone-redundant/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/sql-db-backup-retention/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/sql-db-backup-retention/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/sql-db-backup-retention/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/sql-db-backup-retention/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/SQL/sql-db-backup-retention/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/SQL/sql-db-backup-retention/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Search/return-forbidden-for-auth-failure/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Search/return-forbidden-for-auth-failure/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Search/return-forbidden-for-auth-failure/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Search/return-forbidden-for-auth-failure/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Storage/audit-storage-encryptionwithouthsm/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Storage/audit-storage-encryptionwithouthsm/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Storage/audit-storage-encryptionwithouthsm/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Storage/audit-storage-encryptionwithouthsm/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Storage/deny-blob-softdelete-retention/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Storage/deny-blob-softdelete-retention/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Storage/deny-blob-softdelete-retention/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Storage/deny-blob-softdelete-retention/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Storage/deny-blob-softdelete-retention/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Storage/deny-blob-softdelete-retention/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Storage/deny-deletion-of-storage-account/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Storage/deny-deletion-of-storage-account/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Storage/deny-deletion-of-storage-account/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Storage/deny-deletion-of-storage-account/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Storage/deny-local-authentication-usage/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Storage/deny-local-authentication-usage/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Storage/deny-local-authentication-usage/azurepolicy.parameters.json: -------------------------------------------------------------------------------- 1 | {} 2 | -------------------------------------------------------------------------------- /policyDefinitions/Storage/deny-local-authentication-usage/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Storage/deny-local-authentication-usage/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Storage/disable-storage-atp-based-on-tag/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Storage/disable-storage-atp-based-on-tag/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Storage/disable-storage-atp-based-on-tag/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Storage/disable-storage-atp-based-on-tag/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Storage/enable-blob-softdelete-30days/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Storage/enable-blob-softdelete-30days/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Storage/enable-blob-softdelete-30days/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Storage/enable-blob-softdelete-30days/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Storage/enable-blob-softdelete-30days/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Storage/enable-blob-softdelete-30days/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Storage/enforce-storageaccount-namingconvention/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Storage/enforce-storageaccount-namingconvention/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Storage/ensure-https-traffic-only-for-storage-account/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Storage/ensure-https-traffic-only-for-storage-account/README.md -------------------------------------------------------------------------------- /policyDefinitions/Storage/ensure-storage-file-encryption/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Storage/ensure-storage-file-encryption/README.md -------------------------------------------------------------------------------- /policyDefinitions/Storage/ensure-storage-file-encryption/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Storage/ensure-storage-file-encryption/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Storage/ensure-storage-file-encryption/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Storage/ensure-storage-file-encryption/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Storage/ensure-storage-file-encryption/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Storage/ensure-storage-file-encryption/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Storage/restrict-container-immutability-period/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Storage/restrict-container-immutability-period/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Storage/storage-account-access-key-setting-deny/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Storage/storage-account-access-key-setting-deny/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Storage/storage-account-access-tier/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Storage/storage-account-access-tier/README.md -------------------------------------------------------------------------------- /policyDefinitions/Storage/storage-account-access-tier/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Storage/storage-account-access-tier/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Storage/storage-account-access-tier/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Storage/storage-account-access-tier/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Storage/storage-account-access-tier/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Storage/storage-account-access-tier/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Storage/storage-account-firewall-settings-audit/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Storage/storage-account-firewall-settings-audit/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Storage/storage-account-firewall-settings-deny/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Storage/storage-account-firewall-settings-deny/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Storage/storage-account-tls-setting-audit/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Storage/storage-account-tls-setting-audit/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Storage/storage-account-tls-setting-audit/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Storage/storage-account-tls-setting-audit/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Storage/storage-account-tls-setting-deny/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Storage/storage-account-tls-setting-deny/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Storage/storage-account-tls-setting-deny/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Storage/storage-account-tls-setting-deny/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Tags/add-date-created-tag/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Tags/add-date-created-tag/README.md -------------------------------------------------------------------------------- /policyDefinitions/Tags/add-date-created-tag/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Tags/add-date-created-tag/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Tags/add-date-created-tag/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Tags/add-date-created-tag/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Tags/add-date-created-tag/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Tags/add-date-created-tag/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Tags/append-tag-and-its-value-from-the-resource-group/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Tags/append-tag-and-its-value-from-the-resource-group/README.md -------------------------------------------------------------------------------- /policyDefinitions/Tags/audit-resource-groups-missing-tags/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Tags/audit-resource-groups-missing-tags/README.md -------------------------------------------------------------------------------- /policyDefinitions/Tags/audit-resource-groups-missing-tags/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Tags/audit-resource-groups-missing-tags/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Tags/audit-resource-groups-missing-tags/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Tags/audit-resource-groups-missing-tags/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Tags/deny-resource-without-tag/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Tags/deny-resource-without-tag/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Tags/deny-resource-without-tag/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Tags/deny-resource-without-tag/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Tags/deny-resource-without-tag/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Tags/deny-resource-without-tag/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Tags/enforce-tag-and-its-value-on-resource-groups/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Tags/enforce-tag-and-its-value-on-resource-groups/README.md -------------------------------------------------------------------------------- /policyDefinitions/Tags/enforce-tag-casing-on-resources/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Tags/enforce-tag-casing-on-resources/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Tags/enforce-tag-casing-on-resources/azurepolicy.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Tags/enforce-tag-casing-on-resources/azurepolicy.parameters.json -------------------------------------------------------------------------------- /policyDefinitions/Tags/enforce-tag-casing-on-resources/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Tags/enforce-tag-casing-on-resources/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Tags/required-tag-and-value-set-on-resources/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Tags/required-tag-and-value-set-on-resources/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Tags/validate-date-tag-on-subscription/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Tags/validate-date-tag-on-subscription/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Tags/validate-date-tag-on-subscription/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Tags/validate-date-tag-on-subscription/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Tags/validate-email-tag-on-subscription/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Tags/validate-email-tag-on-subscription/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Tags/validate-email-tag-on-subscription/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Tags/validate-email-tag-on-subscription/azurepolicy.rules.json -------------------------------------------------------------------------------- /policyDefinitions/Tags/validate-length-of-subscription-tag/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Tags/validate-length-of-subscription-tag/azurepolicy.json -------------------------------------------------------------------------------- /policyDefinitions/Tags/validate-length-of-subscription-tag/azurepolicy.rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policyDefinitions/Tags/validate-length-of-subscription-tag/azurepolicy.rules.json -------------------------------------------------------------------------------- /policySetDefinitions/multiple-billing-tags/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policySetDefinitions/multiple-billing-tags/README.md -------------------------------------------------------------------------------- /policySetDefinitions/multiple-billing-tags/azurepolicyset.definitions.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policySetDefinitions/multiple-billing-tags/azurepolicyset.definitions.json -------------------------------------------------------------------------------- /policySetDefinitions/multiple-billing-tags/azurepolicyset.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policySetDefinitions/multiple-billing-tags/azurepolicyset.json -------------------------------------------------------------------------------- /policySetDefinitions/multiple-billing-tags/azurepolicyset.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policySetDefinitions/multiple-billing-tags/azurepolicyset.parameters.json -------------------------------------------------------------------------------- /policySetDefinitions/regulatorycompliance-nzism/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policySetDefinitions/regulatorycompliance-nzism/README.md -------------------------------------------------------------------------------- /policySetDefinitions/regulatorycompliance-nzism/azurepolicyset.definitions.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policySetDefinitions/regulatorycompliance-nzism/azurepolicyset.definitions.json -------------------------------------------------------------------------------- /policySetDefinitions/regulatorycompliance-nzism/azurepolicyset.groups.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policySetDefinitions/regulatorycompliance-nzism/azurepolicyset.groups.json -------------------------------------------------------------------------------- /policySetDefinitions/regulatorycompliance-nzism/azurepolicyset.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policySetDefinitions/regulatorycompliance-nzism/azurepolicyset.json -------------------------------------------------------------------------------- /policySetDefinitions/regulatorycompliance-nzism/azurepolicyset.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policySetDefinitions/regulatorycompliance-nzism/azurepolicyset.parameters.json -------------------------------------------------------------------------------- /policySetDefinitions/regulatorycompliance-nzism/deploy-initiative.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policySetDefinitions/regulatorycompliance-nzism/deploy-initiative.ps1 -------------------------------------------------------------------------------- /policySetDefinitions/skus-for-multiple-types/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policySetDefinitions/skus-for-multiple-types/README.md -------------------------------------------------------------------------------- /policySetDefinitions/skus-for-multiple-types/azurepolicyset.definitions.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policySetDefinitions/skus-for-multiple-types/azurepolicyset.definitions.json -------------------------------------------------------------------------------- /policySetDefinitions/skus-for-multiple-types/azurepolicyset.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policySetDefinitions/skus-for-multiple-types/azurepolicyset.json -------------------------------------------------------------------------------- /policySetDefinitions/skus-for-multiple-types/azurepolicyset.parameters.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/Community-Policy/HEAD/policySetDefinitions/skus-for-multiple-types/azurepolicyset.parameters.json --------------------------------------------------------------------------------