last sync: 2024-Nov-25 18:54:24 UTC

Enforce specific configuration of Network Security Groups (NSG)

Azure Landing Zones (ALZ) Policy definition

Source Repository Azure Landing Zones (ALZ) GitHub
JSON Modify-NSG
Deploy policy Modify-NSG (1.0.0) to Azure
Display name Enforce specific configuration of Network Security Groups (NSG)
Id Modify-NSG
Version 1.0.0
Details on versioning
Category Network
Description This policy enforces the configuration of Network Security Groups (NSG).
Mode All
Type Custom Azure Landing Zones (ALZ)
Preview False
Deprecated False
Effect Default
Modify
Allowed
Modify, Disabled
RBAC role(s)
Role Name Role Id
Network Contributor 4d97b98b-1d4f-4787-a291-c67834d212e7
Rule aliases IF (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Network/networkSecurityGroups/securityRules[*] Microsoft.Network networkSecurityGroups properties.securityRules[*] True True
THEN-Operations (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Network/networkSecurityGroups/securityRules[*] Microsoft.Network networkSecurityGroups properties.securityRules[*] True True
Rule resource types IF (1)
Microsoft.Network/networkSecurityGroups
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State
Enforce recommended guardrails for Network and Networking services Enforce-Guardrails-Network Network GA
History
Date/Time (UTC ymd) (i) Change type Change detail
2024-06-03 17:39:43 add Modify-NSG
JSON compare n/a
JSON
EPAC
Deploy policy Modify-NSG (1.0.0) to Azure