Azure Security Assessment
Hi there, It is required to assess the Security (CSPM) for all our Azure PaaS & SaaS services across a number of Management Groups. Not just the security score. An in-depth Security Assessment to be carried out across:- Identity and…
Does the Leaked credentials Alert in Azure AD premim look at current user credentials and report on it or does it also report on previously used passwords?
Investigating an alert I received on Leaked Credentials, I wanted to know if this alert is looking at the current user passwords only or if it checks the old passwords set by the user also. Does the alert look for valid usernames or does it just check…
VM back with deny effect
Trying to implement a policy while creating a VM backup should be enabled , else deny After publish this it is not allowing to create any new VM. Like to check if we can have this policy with deny effect . Apppreciate your response.
Azure - Can not allow inbound traffic, denied by Policy
so I am learning Azure now, I created a Linux VM. When I tried to connect using SSH, the connection timed out. so I checked on Inbound Rules, and it appears that I need to allow port 22. I know this is not recommended. However, when i tried to create the…
Azure Load Balancer - Read Access using Azure Policy
Hi Team, I have created a policy today for Azure load balancer having read access. However, I was unsure on the parameters binding for "READ" access. Request you to validate and add the missing lines if any for the below template. { …
Unable to access Azure portal
Hi Team, I'm unable to login to http://azure.portal.com for any of my microsoft accounts. It throws the below error. Request Id: ee1c2284-3a4f-4c9f-8485-3e6f154dbd00 Correlation Id: d612518e-c9ce-4945-9c97-adb14077e518 Timestamp:…
While trying to re-use custom policy it is failing
Created custom policy. It is assigned successfuly without any issue for the first time. While trying to re-use the same policy and assign to different subscription it is failing with Resource 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx' was disallowed by…
A way to extend backup monitoring for app services using policy?
There are azure policies for monitoring whether virtual machines have backups or not. Most of the online documentations point towards the two built-in policies which deal with backups. I want to extend/tweak the built-in policy definition to cover App…
Not able to enforce azure policy for for keyvault
I am trying to implement azure custom policy for key vault where I want to enforce user to enable nbf and exp, without that it shouldn't be allowed. It directly comes as compliance without showing any resource validation. There is also no reference of…
How can i resolve this issue when create a resource in Azue?
Hi there, i tried to create a website hosted in Azue but there is problem, pls help to advise: from this step: Thank so much.
Need help to build az policy to audit/deny that has data disks aren't encrypted in a virtual machine scale (vmss)
As I know vmss disks can be encrypted/de as show bellow https://learn.microsoft.com/en-us/azure/virtual-machine-scale-sets/disk-encryption-cli I want to create an to audit/deny that has data disks are not encrypted in a virtual machine scale …
Need help to build a policy to deny sql database that has Transparent Data Encryption disabled
there is a build-in azure policy name "Transparent Data Encryption on SQL databases should be enabled" With definition ID: /providers/Microsoft.Authorization/policyDefinitions/17k78e20-9358-41c9-923c-fb736d382a12 But this policy only…
I am unable to create any rersouces, getting this error Resource 'resourcegroupmanoj1' was disallowed by policy. (Code: RequestDisallowedByPolicy)
I am unable to create any resources, getting this error Resource 'resourcegroupmanoj1'
Assign a policy to enforce a condition for existing/new VMs that should shut-down by 7 PM and on by 10 AM
Hi Team, I would like to add a policy which is related to Virtual Machines that should shut down the all VMs at 7 PM and on by 10 AM Daily on Weekdays. Thanks in advance. Regards, Venu Sunkara
Azure policy to auto add user group in resource group contributors
This is my first project in Azure. Please avoid if any mistake. I have a user group "Azure Cross Team Contributors". I want to add it in resource group contributors by default whenever I create any resource group. I got to know there is policy,…
Blueprint assignment location
Dear all, I'm trying to do what I have already done for resource and resource group location, limiting them to a subset of locations and offering a default value at the time the blueprint is assigned, what I did not find the way yet, is how to manage…
Azure management book recommendation
Hello, I am just learning Azure administration and am looking for a good hands-on book covering the Azure Management portal. I will be doing a lot in the coming weeks, but right now I am concerned with ▪ Blueprints, ARMs ▪ Policy & policy…
Exporting azure policy definitions
Hi, I am trying to find a script to export all existing policy definitions that are configured in our environment. I am hoping to export them into a json format that I can then place into source control for CI/CD. Does anybody know if this exists? Or…
Export azure policies
HI Team, I have a requirement to export all Azure policy definitions and policy assignments to a json file, later we want to automate all these from CI/CD pipelines. Can you please help me on how to achieve this Thanks Vasudeva Reddy
Audit/Deny ipSecurityRestrictions through Azure Policy
Hi there, I'm trying to create a custom policy to match ipSecurityRestriction rules for our organisational Public IP addresses. I want to do this for Function Apps in the first instance, but once I have the policy created, I'll align it to other…