Azure Policy built-in definitions for Azure Attestation

This page is an index of Azure Policy built-in policy definitions for Azure Attestation. For additional Azure Policy built-ins for other services, see Azure Policy built-in definitions.

The name of each built-in policy definition links to the policy definition in the Azure portal. Use the link in the Version column to view the source on the Azure Policy GitHub repo.

Azure Attestation

(Azure portal)
Description Effect(s) Version
Azure Attestation providers should disable public network access To improve the security of Azure Attestation Service, ensure that it isn't exposed to the public internet and can only be accessed from a private endpoint. Disable the public network access property as described in This option disables access from any public address space outside the Azure IP range, and denies all logins that match IP or virtual network-based firewall rules. This reduces data leakage risks. Audit, Deny, Disabled 1.0.0
Azure Attestation providers should use private endpoints Private endpoints provide a way to connect Azure Attestation providers to your Azure resources without sending traffic over the public internet. By preventing public access, private endpoints help protect against undesired anonymous access. AuditIfNotExists, Disabled 1.0.0

Next steps