Azure Policy for Video Analyzer

Note

We’re retiring the Azure Video Analyzer preview service, you're advised to transition your applications off of Video Analyzer by 01 December 2022.

Azure Video Analyzer for Media is not affected by this retirement. It is now rebranded to Azure Video Indexer. Click here to read more.

Action Required: To minimize disruption to your workloads, transition your application from Video Analyzer per suggestions described in this guide before December 01, 2022. After December 1, 2022 your Azure Video Analyzer account will no longer function. Starting May 2, 2022 you will not be able to create new Video Analyzer accounts.

Azure Video Analyzer provides several built-in Azure Policy definitions to help enforce organizational standards and compliance at-scale. Common use cases for Azure Policy include implementing governance for resource consistency, regulatory compliance, security, cost and management.

Video Analyzer provides several common use case definitions for Azure Policy that are built-in to help you get started. This article explains how to assign policies for a Video Analyzer account using the Azure portal.

Built-in Azure Policy definitions

The following built-in policy definitions are available for use with Video Analyzer.

Name
(Azure portal)
Description Effect(s) Version
(GitHub)
Video Analyzer accounts should use customer-managed keys to encrypt data at rest. Use customer-managed keys to manage the encryption at rest of your Video Analyzer accounts. By default, customer data is encrypted with service-managed keys, but customer-managed keys are commonly required to meet regulatory compliance standards. Customer-managed keys enable the data to be encrypted with an Azure Key Vault key created and owned by you. You have full control and responsibility for the key lifecycle, including rotation and management. Learn more at https://aka.ms/videoanalyzerscmkdocs. Audit, Deny, Disabled 1.0.0

Create a policy assignment

Use the Azure portal to create a policy assignment for your Video Analyzer account using the built-in policy definition.

Note

Follow the quickstart to create a policy assignment but use the policy definition applicable for Video Analyzer by selecting Type = Built-in and typing "Video Analyzer" in the Search tab.

Screenshot to assign a built-in policy for Video Analyzer.

Identify non-compliant resources

  1. Select Compliance in the left side of the page.

  2. Choose the right Scope. Type "Video Analyzer" in the Search tab.

  3. If there are any existing resources that aren't compliant with this new assignment, they appear under Non-compliant resources.

    Screenshot to check for non-compliant resources.

  4. If you see a non-compliant resource, Click on the Name of the policy assignment to see more details including specific Video Analyzer account name, compliance reason, and last evaluated timestamp.

Note

For the policy “Video Analyzer accounts should use customer-managed keys to encrypt data at rest”, the policy assignment is validated for existing and new Video Analyzer accounts created after policy is enabled.

Clean up resources

To remove the assignment created, follow these steps:

  1. Select Compliance (or Assignments) in the left side of the Azure Policy page and locate the policy assignment you created.

  2. Right-click the policy assignment and select Delete assignment.

    Screenshot to delete a policy assignment.

See Also