Thank you for your post!
Error Message:
Resource xxxx was disallowed by policy. Error Type: PolicyViolation, Policy Definition Name : Azure Key Vault should disable public network access, Policy Assignment Name : Deny-Public-Endpoints.
I understand that you're building out your Azure Infrastructure using Bicep templates but you're running into the error above when deploying your Key Vault with publicNetworkAccess: 'Disabled'.
To hopefully help resolve your issue or point you in the right direction, in addition to your Bicep file specifying publicNetworkAccess: 'Disabled', you should also ensure that your template has the networkAcls property, and that it's reflecting "Deny".
    "properties": {
        "sku": {
            "family": "A",
            "name": "Standard"
        },
        "tenantId": "tenantID",
        "networkAcls": {
            "bypass": "AzureServices",
            "defaultAction": "Deny",
            "ipRules": [],
            "virtualNetworkRules": []
        },
        "accessPolicies": []
    }
I hope this helps!
If you have any other questions, please let me know. Thank you for your time and patience throughout this issue.
If the information helped address your question, please Accept the answer. This will help us and also improve searchability for others in the community who might be researching similar information.
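
As an added example (not part of the original answer and not Microsoft's code), a pre-deployment check in Python that applies the two settings recommended above to the ARM JSON that `az bicep build` produces. The template and vault names are constructed, and the check mirrors the answer's advice rather than the policy definition itself.

```python
# Constructed sample in the shape of `az bicep build` output; names are placeholders.
SAMPLE_TEMPLATE = {
    "resources": [
        {"type": "Microsoft.KeyVault/vaults", "name": "kv-compliant",
         "properties": {"publicNetworkAccess": "Disabled",
                        "networkAcls": {"bypass": "AzureServices", "defaultAction": "Deny",
                                        "ipRules": [], "virtualNetworkRules": []}}},
        # The situation in the question: public access disabled, no networkAcls block.
        {"type": "Microsoft.KeyVault/vaults", "name": "kv-no-acls",
         "properties": {"publicNetworkAccess": "Disabled"}},
        {"type": "Microsoft.KeyVault/vaults", "name": "kv-open",
         "properties": {"networkAcls": {"defaultAction": "Allow"}}},
        {"type": "Microsoft.Storage/storageAccounts", "name": "stignored", "properties": {}},
    ]
}


def check_key_vaults(template):
    """Return {vault name: [findings]} for each Key Vault resource in an ARM template."""
    resources = template.get("resources", [])
    if isinstance(resources, dict):  # symbolic-name templates emit an object, not a list
        resources = list(resources.values())
    results = {}
    for res in resources:
        if str(res.get("type", "")).lower() != "microsoft.keyvault/vaults":
            continue
        props = res.get("properties") or {}
        acls = props.get("networkAcls") or {}
        findings = []
        # Unresolved expressions such as "[parameters('x')]" are reported too,
        # since their value cannot be confirmed from the template alone.
        if str(props.get("publicNetworkAccess", "")).lower() != "disabled":
            findings.append("publicNetworkAccess is not 'Disabled'")
        if str(acls.get("defaultAction", "")).lower() != "deny":
            findings.append("networkAcls.defaultAction is not 'Deny'")
        results[res.get("name", "<unnamed>")] = findings
    return results


if __name__ == "__main__":
    for name, findings in check_key_vaults(SAMPLE_TEMPLATE).items():
        print(name, "OK" if not findings else "; ".join(findings))
```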