last sync: 2024-Nov-25 18:54:24 UTC

[Preview]: Configure Azure Key Vault Managed HSM to disable public network access

Azure BuiltIn Policy definition

Source Azure Portal
Display name [Preview]: Configure Azure Key Vault Managed HSM to disable public network access
Id 84d327c3-164a-4685-b453-900478614456
Version 2.0.0-preview
Details on versioning
Versioning Versions supported for Versioning: 1
2.0.0-preview
Built-in Versioning [Preview]
Category Key Vault
Microsoft Learn
Description Disable public network access for your Azure Key Vault Managed HSM so that it's not accessible over the public internet. This can reduce data leakage risks. Learn more at: https://docs.microsoft.com/azure/key-vault/managed-hsm/private-link#allow-trusted-services-to-access-managed-hsm.
Mode Indexed
Type BuiltIn
Preview True
Deprecated False
Effect Default
Modify
Allowed
Modify, Disabled
RBAC role(s)
Role Name Role Id
Managed HSM contributor 18500a29-7fe2-46b2-a342-b16a415e101d
Rule aliases IF (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.KeyVault/managedHSMs/networkAcls.defaultAction Microsoft.KeyVault managedHSMs properties.networkAcls.defaultAction True True
THEN-Operations (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.KeyVault/managedHSMs/networkAcls.defaultAction Microsoft.KeyVault managedHSMs properties.networkAcls.defaultAction True True
Rule resource types IF (1)
Microsoft.KeyVault/managedHSMs
Compliance Not a Compliance control
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
Enforce additional recommended guardrails for Key Vault Enforce-Guardrails-KeyVault-Sup Key Vault GA ALZ
History
Date/Time (UTC ymd) (i) Change type Change detail
2021-09-27 15:52:17 change Major, suffix remains equal (1.0.0-preview > 2.0.0-preview)
2021-09-13 16:35:32 add 84d327c3-164a-4685-b453-900478614456
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC