Closed MikaelJcSoderberg closed 3 months ago
thanks @MikaelJcSoderberg for the awareness.
Are you aware of a built-in policy that exists that we can add to the initiative to close this gap?
My colleague dug up this one: /providers/Microsoft.Authorization/policyDefinitions/701a595d-38fb-4a66-ae6d-fb3735217622
Without having validated by assigning it, it looks like what would be needed.
Thanks @MikaelJcSoderberg, we'll add that to our Deny-PaaS coverage.
Addressed in PR #1622
This policy set does not include a policy to handle deployment slots for App Services : Deny-PublicPaaSEndpoints
A user can create a slot and expose the service.