Share via

Is it possible to check existence of condition in Azure Policy in deny policy ?

-sysop-5971zr-z 1 Reputation point
2021-11-24T15:30:11.353+00:00

Ask : Allow FileShare to be created in Azure storage account only if supportsHttpsTrafficOnly is set to true on Storage account
Below policy is not working as expected
"allOf": [
{
"not": {
"field": "Microsoft.Storage/storageAccounts/supportsHttpsTrafficOnly",
"equals": "true"
}
},
{
"allOf": [
{
"source": "action",
"like": "Microsoft.Storage/storageAccounts/fileServices/shares/*"
},
{
"field": "Microsoft.Storage/storageAccounts/fileServices/shares/enabledProtocols",
"equals": "SMB"
}
]
}
]

Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
1,014 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Jesse Loudon 336 Reputation points
    2022-02-07T00:16:56.76+00:00

    hey @-sysop-5971zr-z

    would you be able to give more detail about the results you are seeing from testing the above policy?

    you could also check out these Storage Account policy examples from the community repo https://github.com/Azure/Community-Policy/tree/master/Policies/Storage

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.