├── .github ├── dependabot.yml └── workflows │ ├── ci.yml │ └── codeql.yml ├── .gitignore ├── Azure Policy Evaluator.sln ├── LICENSE ├── README.md ├── azure-policy-evaluator.code-workspace ├── docs └── create-azure-policy-aliases-file.ps1 ├── samples.ps1 ├── samples ├── Compute │ └── audit-vm-byol-compliance │ │ ├── README.md │ │ ├── azurepolicy.json │ │ └── tests │ │ ├── linux-vm-none.json │ │ ├── windows-vm-audit.json │ │ └── windows-vm-with-license-none.json ├── Key Vault │ └── audit-if-key-vault-has-no-virtual-network-rules │ │ ├── azurepolicy.json │ │ └── tests │ │ ├── kv-iprules-with-allow-none.json │ │ ├── kv-iprules-with-deny-none.json │ │ ├── kv-no-rules-allow-audit.json │ │ ├── kv-virtualnetworkrules-with-allow-audit.json │ │ └── kv-virtualnetworkrules-with-deny-none.json ├── Network │ ├── deny-ports-nsg │ │ ├── README.md │ │ ├── azurepolicy.json │ │ └── tests │ │ │ ├── nsg-allow-ssh-and-rdp-deny.json │ │ │ └── securityrule-allows-ssh-deny.json │ └── enforce-load-balancer-standard-sku │ │ ├── README.md │ │ ├── azurepolicy.json │ │ └── tests │ │ ├── basic-loadbalancer-audit.json │ │ └── standard-loadbalancer-none.json └── README.md ├── src └── AzurePolicyEvaluator │ ├── AliasRepository.cs │ ├── AliasResources.Designer.cs │ ├── AliasResources.resx │ ├── AzurePolicyEvaluator.csproj │ ├── CustomConsoleFormatter.cs │ ├── EvaluationResult.cs │ ├── EvaluationResultTexts.cs │ ├── Evaluator.cs │ ├── JsonElementExtensions.cs │ ├── Parameter.cs │ ├── PolicyConstants.cs │ ├── Program.cs │ ├── Properties │ └── launchSettings.json │ ├── Resources │ ├── policy-aliases.csv │ └── policy-aliases.gz │ └── TextWriterExtensions.cs └── tests └── AzurePolicyEvaluatorTests ├── AliasRepositoryTests.cs ├── AzurePolicyEvaluatorTests.csproj ├── BasicEvaluatorTests.cs ├── BasicResources.Designer.cs ├── BasicResources.resx ├── CountEvaluationTests.cs ├── FieldComparisonTests.cs ├── GlobalUsings.cs ├── JsonElementExtensionsTests.cs ├── ParametersTests.cs ├── PolicyFileTests.cs ├── PropertyValidationsTests.cs ├── Resources ├── NSG_AllowSSHandRDP.json ├── Policy_Location_List.json ├── Policy_NSG_DenyPorts.json └── SecurityRule_AllowSSH.json └── TemplateFunctionsTests.cs /.github/dependabot.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/.github/dependabot.yml -------------------------------------------------------------------------------- /.github/workflows/ci.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/.github/workflows/ci.yml -------------------------------------------------------------------------------- /.github/workflows/codeql.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/.github/workflows/codeql.yml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/.gitignore -------------------------------------------------------------------------------- /Azure Policy Evaluator.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/Azure Policy Evaluator.sln -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/README.md -------------------------------------------------------------------------------- /azure-policy-evaluator.code-workspace: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/azure-policy-evaluator.code-workspace -------------------------------------------------------------------------------- /docs/create-azure-policy-aliases-file.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/docs/create-azure-policy-aliases-file.ps1 -------------------------------------------------------------------------------- /samples.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/samples.ps1 -------------------------------------------------------------------------------- /samples/Compute/audit-vm-byol-compliance/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/samples/Compute/audit-vm-byol-compliance/README.md -------------------------------------------------------------------------------- /samples/Compute/audit-vm-byol-compliance/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/samples/Compute/audit-vm-byol-compliance/azurepolicy.json -------------------------------------------------------------------------------- /samples/Compute/audit-vm-byol-compliance/tests/linux-vm-none.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/samples/Compute/audit-vm-byol-compliance/tests/linux-vm-none.json -------------------------------------------------------------------------------- /samples/Compute/audit-vm-byol-compliance/tests/windows-vm-audit.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/samples/Compute/audit-vm-byol-compliance/tests/windows-vm-audit.json -------------------------------------------------------------------------------- /samples/Compute/audit-vm-byol-compliance/tests/windows-vm-with-license-none.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/samples/Compute/audit-vm-byol-compliance/tests/windows-vm-with-license-none.json -------------------------------------------------------------------------------- /samples/Key Vault/audit-if-key-vault-has-no-virtual-network-rules/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/samples/Key Vault/audit-if-key-vault-has-no-virtual-network-rules/azurepolicy.json -------------------------------------------------------------------------------- /samples/Key Vault/audit-if-key-vault-has-no-virtual-network-rules/tests/kv-iprules-with-allow-none.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/samples/Key Vault/audit-if-key-vault-has-no-virtual-network-rules/tests/kv-iprules-with-allow-none.json -------------------------------------------------------------------------------- /samples/Key Vault/audit-if-key-vault-has-no-virtual-network-rules/tests/kv-iprules-with-deny-none.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/samples/Key Vault/audit-if-key-vault-has-no-virtual-network-rules/tests/kv-iprules-with-deny-none.json -------------------------------------------------------------------------------- /samples/Key Vault/audit-if-key-vault-has-no-virtual-network-rules/tests/kv-no-rules-allow-audit.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/samples/Key Vault/audit-if-key-vault-has-no-virtual-network-rules/tests/kv-no-rules-allow-audit.json -------------------------------------------------------------------------------- /samples/Key Vault/audit-if-key-vault-has-no-virtual-network-rules/tests/kv-virtualnetworkrules-with-allow-audit.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/samples/Key Vault/audit-if-key-vault-has-no-virtual-network-rules/tests/kv-virtualnetworkrules-with-allow-audit.json -------------------------------------------------------------------------------- /samples/Key Vault/audit-if-key-vault-has-no-virtual-network-rules/tests/kv-virtualnetworkrules-with-deny-none.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/samples/Key Vault/audit-if-key-vault-has-no-virtual-network-rules/tests/kv-virtualnetworkrules-with-deny-none.json -------------------------------------------------------------------------------- /samples/Network/deny-ports-nsg/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/samples/Network/deny-ports-nsg/README.md -------------------------------------------------------------------------------- /samples/Network/deny-ports-nsg/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/samples/Network/deny-ports-nsg/azurepolicy.json -------------------------------------------------------------------------------- /samples/Network/deny-ports-nsg/tests/nsg-allow-ssh-and-rdp-deny.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/samples/Network/deny-ports-nsg/tests/nsg-allow-ssh-and-rdp-deny.json -------------------------------------------------------------------------------- /samples/Network/deny-ports-nsg/tests/securityrule-allows-ssh-deny.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/samples/Network/deny-ports-nsg/tests/securityrule-allows-ssh-deny.json -------------------------------------------------------------------------------- /samples/Network/enforce-load-balancer-standard-sku/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/samples/Network/enforce-load-balancer-standard-sku/README.md -------------------------------------------------------------------------------- /samples/Network/enforce-load-balancer-standard-sku/azurepolicy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/samples/Network/enforce-load-balancer-standard-sku/azurepolicy.json -------------------------------------------------------------------------------- /samples/Network/enforce-load-balancer-standard-sku/tests/basic-loadbalancer-audit.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/samples/Network/enforce-load-balancer-standard-sku/tests/basic-loadbalancer-audit.json -------------------------------------------------------------------------------- /samples/Network/enforce-load-balancer-standard-sku/tests/standard-loadbalancer-none.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/samples/Network/enforce-load-balancer-standard-sku/tests/standard-loadbalancer-none.json -------------------------------------------------------------------------------- /samples/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/samples/README.md -------------------------------------------------------------------------------- /src/AzurePolicyEvaluator/AliasRepository.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/src/AzurePolicyEvaluator/AliasRepository.cs -------------------------------------------------------------------------------- /src/AzurePolicyEvaluator/AliasResources.Designer.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/src/AzurePolicyEvaluator/AliasResources.Designer.cs -------------------------------------------------------------------------------- /src/AzurePolicyEvaluator/AliasResources.resx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/src/AzurePolicyEvaluator/AliasResources.resx -------------------------------------------------------------------------------- /src/AzurePolicyEvaluator/AzurePolicyEvaluator.csproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/src/AzurePolicyEvaluator/AzurePolicyEvaluator.csproj -------------------------------------------------------------------------------- /src/AzurePolicyEvaluator/CustomConsoleFormatter.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/src/AzurePolicyEvaluator/CustomConsoleFormatter.cs -------------------------------------------------------------------------------- /src/AzurePolicyEvaluator/EvaluationResult.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/src/AzurePolicyEvaluator/EvaluationResult.cs -------------------------------------------------------------------------------- /src/AzurePolicyEvaluator/EvaluationResultTexts.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/src/AzurePolicyEvaluator/EvaluationResultTexts.cs -------------------------------------------------------------------------------- /src/AzurePolicyEvaluator/Evaluator.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/src/AzurePolicyEvaluator/Evaluator.cs -------------------------------------------------------------------------------- /src/AzurePolicyEvaluator/JsonElementExtensions.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/src/AzurePolicyEvaluator/JsonElementExtensions.cs -------------------------------------------------------------------------------- /src/AzurePolicyEvaluator/Parameter.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/src/AzurePolicyEvaluator/Parameter.cs -------------------------------------------------------------------------------- /src/AzurePolicyEvaluator/PolicyConstants.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/src/AzurePolicyEvaluator/PolicyConstants.cs -------------------------------------------------------------------------------- /src/AzurePolicyEvaluator/Program.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/src/AzurePolicyEvaluator/Program.cs -------------------------------------------------------------------------------- /src/AzurePolicyEvaluator/Properties/launchSettings.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/src/AzurePolicyEvaluator/Properties/launchSettings.json -------------------------------------------------------------------------------- /src/AzurePolicyEvaluator/Resources/policy-aliases.csv: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/src/AzurePolicyEvaluator/Resources/policy-aliases.csv -------------------------------------------------------------------------------- /src/AzurePolicyEvaluator/Resources/policy-aliases.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/src/AzurePolicyEvaluator/Resources/policy-aliases.gz -------------------------------------------------------------------------------- /src/AzurePolicyEvaluator/TextWriterExtensions.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/src/AzurePolicyEvaluator/TextWriterExtensions.cs -------------------------------------------------------------------------------- /tests/AzurePolicyEvaluatorTests/AliasRepositoryTests.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/tests/AzurePolicyEvaluatorTests/AliasRepositoryTests.cs -------------------------------------------------------------------------------- /tests/AzurePolicyEvaluatorTests/AzurePolicyEvaluatorTests.csproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/tests/AzurePolicyEvaluatorTests/AzurePolicyEvaluatorTests.csproj -------------------------------------------------------------------------------- /tests/AzurePolicyEvaluatorTests/BasicEvaluatorTests.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/tests/AzurePolicyEvaluatorTests/BasicEvaluatorTests.cs -------------------------------------------------------------------------------- /tests/AzurePolicyEvaluatorTests/BasicResources.Designer.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/tests/AzurePolicyEvaluatorTests/BasicResources.Designer.cs -------------------------------------------------------------------------------- /tests/AzurePolicyEvaluatorTests/BasicResources.resx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/tests/AzurePolicyEvaluatorTests/BasicResources.resx -------------------------------------------------------------------------------- /tests/AzurePolicyEvaluatorTests/CountEvaluationTests.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/tests/AzurePolicyEvaluatorTests/CountEvaluationTests.cs -------------------------------------------------------------------------------- /tests/AzurePolicyEvaluatorTests/FieldComparisonTests.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/tests/AzurePolicyEvaluatorTests/FieldComparisonTests.cs -------------------------------------------------------------------------------- /tests/AzurePolicyEvaluatorTests/GlobalUsings.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/tests/AzurePolicyEvaluatorTests/GlobalUsings.cs -------------------------------------------------------------------------------- /tests/AzurePolicyEvaluatorTests/JsonElementExtensionsTests.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/tests/AzurePolicyEvaluatorTests/JsonElementExtensionsTests.cs -------------------------------------------------------------------------------- /tests/AzurePolicyEvaluatorTests/ParametersTests.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/tests/AzurePolicyEvaluatorTests/ParametersTests.cs -------------------------------------------------------------------------------- /tests/AzurePolicyEvaluatorTests/PolicyFileTests.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/tests/AzurePolicyEvaluatorTests/PolicyFileTests.cs -------------------------------------------------------------------------------- /tests/AzurePolicyEvaluatorTests/PropertyValidationsTests.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/tests/AzurePolicyEvaluatorTests/PropertyValidationsTests.cs -------------------------------------------------------------------------------- /tests/AzurePolicyEvaluatorTests/Resources/NSG_AllowSSHandRDP.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/tests/AzurePolicyEvaluatorTests/Resources/NSG_AllowSSHandRDP.json -------------------------------------------------------------------------------- /tests/AzurePolicyEvaluatorTests/Resources/Policy_Location_List.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/tests/AzurePolicyEvaluatorTests/Resources/Policy_Location_List.json -------------------------------------------------------------------------------- /tests/AzurePolicyEvaluatorTests/Resources/Policy_NSG_DenyPorts.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/tests/AzurePolicyEvaluatorTests/Resources/Policy_NSG_DenyPorts.json -------------------------------------------------------------------------------- /tests/AzurePolicyEvaluatorTests/Resources/SecurityRule_AllowSSH.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/tests/AzurePolicyEvaluatorTests/Resources/SecurityRule_AllowSSH.json -------------------------------------------------------------------------------- /tests/AzurePolicyEvaluatorTests/TemplateFunctionsTests.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JanneMattila/azure-policy-evaluator/HEAD/tests/AzurePolicyEvaluatorTests/TemplateFunctionsTests.cs --------------------------------------------------------------------------------