Azure Policy built-in definitions for Azure DDoS Protection
The name of each built-in policy definition links to the policy definition in the Azure portal. Use the link in the Version column to view the source on the Azure Policy GitHub repo.
Azure DDoS Protection
|Virtual networks should be protected by Azure DDoS Protection||Protect your virtual networks against volumetric and protocol attacks with Azure DDoS Protection. For more information, visit https://aka.ms/ddosprotectiondocs.||Modify, Audit, Disabled||1.0.0|
|Public IP addresses should have resource logs enabled for Azure DDoS Protection||Enable resource logs for public IP addresses in diagnostic settings to stream to a Log Analytics workspace. Get detailed visibility into attack traffic and actions taken to mitigate DDoS attacks via notifications, reports and flow logs.||AuditIfNotExists, DeployIfNotExists, Disabled||1.0.0|
Submit and view feedback for