last sync: 2024-Nov-25 18:54:43 UTC

Enforce additional recommended guardrails for Key Vault

Azure Landing Zones (ALZ) Policy Initiative (PolicySet)

Source Repository Azure Landing Zones (ALZ) GitHub
JSON Enforce-Guardrails-KeyVault-Sup
Display nameEnforce additional recommended guardrails for Key Vault
IdEnforce-Guardrails-KeyVault-Sup
Version1.0.0
Details on versioning
CategoryKey Vault
DescriptionThis policy initiative is a group of policies that ensures Key Vault is compliant per regulated Landing Zones.
TypeCustom Azure Landing Zones (ALZ)
DeprecatedFalse
PreviewFalse
Policy count Total Policies: 2
Builtin Policies: 2
Static Policies: 0
ALZ Policies: 0
Policy used
Policy DisplayName Policy Id Category Effect Roles# Roles State Type
[Preview]: Configure Azure Key Vault Managed HSM to disable public network access 84d327c3-164a-4685-b453-900478614456 Key Vault Default
Modify
Allowed
Modify, Disabled
1 Managed HSM contributor Preview BuiltIn
Configure key vaults to enable firewall ac673a9a-f77d-4846-b2d8-a57f8e1c01dc Key Vault Default
Modify
Allowed
Modify, Disabled
1 Key Vault Contributor GA BuiltIn
Roles used
Total Roles usage: 2
Total Roles unique usage: 2
Role Role Id Policies count Policies
Key Vault Contributor f25e0fa2-a7c8-4377-a976-54943a77a395 1 Configure key vaults to enable firewall
Managed HSM contributor 18500a29-7fe2-46b2-a342-b16a415e101d 1 [Preview]: Configure Azure Key Vault Managed HSM to disable public network access
History none
JSON compare n/a
JSON
EPAC