last sync: 2024-Nov-25 18:54:24 UTC

Modify Azure SignalR Service resources to disable public network access

Azure BuiltIn Policy definition

Source Azure Portal
Display name Modify Azure SignalR Service resources to disable public network access
Id 62a3ae95-8169-403e-a2d2-b82141448092
Version 1.1.0
Details on versioning
Versioning Versions supported for Versioning: 1
1.1.0
Built-in Versioning [Preview]
Category SignalR
Microsoft Learn
Description To improve the security of Azure SignalR Service resource, ensure that it isn't exposed to the public internet and can only be accessed from a private endpoint. Disable the public network access property as described in https://aka.ms/asrs/networkacls. This option disables access from any public address space outside the Azure IP range, and denies all logins that match IP or virtual network-based firewall rules. This reduces data leakage risks.
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
Modify
Allowed
Modify, Disabled
RBAC role(s)
Role Name Role Id
SignalR/Web PubSub Contributor 8cf5e20a-e4b2-4e9d-b3a1-5ceb692c2761
Rule aliases IF (4)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.SignalRService/SignalR/networkACLs.defaultAction Microsoft.SignalRService SignalR properties.networkACLs.defaultAction True True
Microsoft.SignalRService/SignalR/networkACLs.publicNetwork.allow Microsoft.SignalRService SignalR properties.networkACLs.publicNetwork.allow True True
Microsoft.SignalRService/SignalR/networkACLs.publicNetwork.allow[*] Microsoft.SignalRService SignalR properties.networkACLs.publicNetwork.allow[*] True True
Microsoft.SignalRService/SignalR/publicNetworkAccess Microsoft.SignalRService SignalR properties.publicNetworkAccess True True
THEN-Operations (3)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.SignalRService/SignalR/networkACLs.defaultAction Microsoft.SignalRService SignalR properties.networkACLs.defaultAction True True
Microsoft.SignalRService/SignalR/networkACLs.publicNetwork.allow Microsoft.SignalRService SignalR properties.networkACLs.publicNetwork.allow True True
Microsoft.SignalRService/SignalR/publicNetworkAccess Microsoft.SignalRService SignalR properties.publicNetworkAccess True True
Rule resource types IF (1)
Microsoft.SignalRService/SignalR
Compliance
The following 1 compliance controls are associated with this Policy definition 'Modify Azure SignalR Service resources to disable public network access' (62a3ae95-8169-403e-a2d2-b82141448092)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
mp.com.1 Secure perimeter mp.com.1 Secure perimeter 404 not found n/a n/a 49
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
Spain ENS 175daf90-21e1-4fec-b745-7b4c909aa94c Regulatory Compliance GA BuiltIn
History
Date/Time (UTC ymd) (i) Change type Change detail
2023-03-17 18:44:06 change Minor (1.0.0 > 1.1.0)
2021-03-09 14:37:41 add 62a3ae95-8169-403e-a2d2-b82141448092
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC