last sync: 2024-Nov-25 18:54:24 UTC

Network interfaces should not have public IPs

Azure BuiltIn Policy definition

Source Azure Portal
Display name Network interfaces should not have public IPs
Id 83a86a26-fd1f-447c-b59d-e51f44264114
Version 1.0.0
Versioning Versions supported for Versioning: 1 (1.0.0)
Category Network
Description This policy denies the network interfaces which are configured with any public IP. Public IP addresses allow internet resources to communicate inbound to Azure resources, and Azure resources to communicate outbound to the internet. This should be reviewed by the network security team.
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Fixed: deny
RBAC role(s) none
Rule aliases IF (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Network/networkInterfaces/ipconfigurations[*].publicIpAddress.id Microsoft.Network networkInterfaces properties.ipConfigurations[*].properties.publicIpAddress.id True True
Rule resource types IF (1)
Microsoft.Network/networkInterfaces
Compliance Not a Compliance control
Initiatives usage
Initiative DisplayName Enforce recommended guardrails for Network and Networking services
Initiative Id Enforce-Guardrails-Network
Initiative Category Network
State GA
Type ALZ
History none
JSON compare n/a
JSON api-version=2021-06-01