Azure Policy built-in definitions for Azure Service Fabric

This page is an index of Azure Policy built-in policy definitions for Azure Service Fabric. For additional Azure Policy built-ins for other services, see Azure Policy built-in definitions.

The name of each built-in policy definition links to the policy definition in the Azure portal. Use the link in the Version column to view the source on the Azure Policy GitHub repo.

Azure Service Fabric

(Azure portal)
Description Effect(s) Version
[Preview]: Service Fabric Clusters should be Zone Redundant Service Fabric Clusters can be configured to be Zone Redundant or not. Servicefabric Clusters whose nodeType do not have the multipleAvailabilityZones set to true are not Zone Redundant. This policy identifies Servicefabric Clusters lacking the redundancy needed to withstand a zone outage. Audit, Deny, Disabled 1.0.0-preview
Service Fabric clusters should have the ClusterProtectionLevel property set to EncryptAndSign Service Fabric provides three levels of protection (None, Sign and EncryptAndSign) for node-to-node communication using a primary cluster certificate. Set the protection level to ensure that all node-to-node messages are encrypted and digitally signed Audit, Deny, Disabled 1.1.0
Service Fabric clusters should only use Azure Active Directory for client authentication Audit usage of client authentication only via Azure Active Directory in Service Fabric Audit, Deny, Disabled 1.1.0

Next steps