AzPolicyAdvertizer

last sync: 2024-Nov-25 18:54:24 UTC

Public network access should be disabled for Azure File Sync

Azure BuiltIn Policy definition

Source Azure Portal
Display name Public network access should be disabled for Azure File Sync
Id 21a8cd35-125e-4d13-b82d-2e19b7208bb7
Version 1.0.0
Details on versioning
Versioning Versions supported for Versioning: 1
1.0.0
Built-in Versioning [Preview]
Category Storage
Microsoft Learn
Description Disabling the public endpoint allows you to restrict access to your Storage Sync Service resource to requests destined to approved private endpoints on your organization's network. There is nothing inherently insecure about allowing requests to the public endpoint, however, you may wish to disable it to meet regulatory, legal, or organizational policy requirements. You can disable the public endpoint for a Storage Sync Service by setting the incomingTrafficPolicy of the resource to AllowVirtualNetworksOnly.
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
Audit
Allowed
Audit, Deny, Disabled
RBAC role(s) none
Rule aliases IF (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.StorageSync/storageSyncServices/incomingTrafficPolicy Microsoft.StorageSync storageSyncServices properties.incomingTrafficPolicy True True
Rule resource types IF (1)
Microsoft.StorageSync/storageSyncServices
Compliance Not a Compliance control
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
Public network access should be disabled for PaaS services Deny-PublicPaaSEndpoints Network GA ALZ
History
Date/Time (UTC ymd) (i) Change type Change detail
2021-03-02 15:11:40 add 21a8cd35-125e-4d13-b82d-2e19b7208bb7
JSON compare n/a
JSON
api-version=2021-06-01
EPAC