AzPolicyAdvertizer

last sync: 2024-Sep-18 17:50:24 UTC

Azure Cosmos DB accounts should not allow traffic from all Azure data centers

Azure BuiltIn Policy definition

Source Azure Portal
Display name Azure Cosmos DB accounts should not allow traffic from all Azure data centers
Id 12339a85-a25c-4f17-9f82-4766f13f5c4c
Version 1.0.0
Details on versioning
Versioning Versions supported for Versioning: 1
1.0.0
Built-in Versioning [Preview]
Category Cosmos DB
Microsoft Learn
Description Disallow the IP Firewall rule, '0.0.0.0', which allows for all traffic from any Azure data centers. Learn more at https://aka.ms/cosmosdb-firewall
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
Audit
Allowed
Audit, Deny, Disabled
RBAC role(s) none
Rule aliases IF (3)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.DocumentDB/databaseAccounts/ipRangeFilter Microsoft.DocumentDB databaseAccounts properties.ipRangeFilter True False
Microsoft.DocumentDB/databaseAccounts/ipRules[*] Microsoft.DocumentDB databaseAccounts properties.ipRules[*] True True
Microsoft.DocumentDB/databaseAccounts/ipRules[*].ipAddressOrRange Microsoft.DocumentDB databaseAccounts properties.ipRules[*].ipAddressOrRange True True
Rule resource types IF (1)
Microsoft.DocumentDB/databaseAccounts
Compliance Not a Compliance control
Initiatives usage none
History
Date/Time (UTC ymd) (i) Change type Change detail
2024-05-17 18:03:56 add 12339a85-a25c-4f17-9f82-4766f13f5c4c
JSON compare n/a
JSON
api-version=2021-06-01
EPAC