Can't deploy the policy "Management port access from the Internet should be blocked". It contains errors

[Kamil-Kramek]

Describe the bug When deploying the policy "Management port access from the Internet should be blocked" I receive the below error:

A function or parameter in policy '6ab34426-e940-4545-bab3-8ce9fd039a50' could not be validated. If using template functions, try following the tips in: https://aka.ms/policy-avoiding-template-failures. The inner exception 'Evaluation result of language expression '[[parameters('ports')]' is type 'String', expected type is 'Array'.'.

Steps to reproduce

1. Go to Azure portal -> Policy
2. Create a new policy
3. Into the Policy Definition field paste JSON of a policy from this link: https://github.com/Azure/Enterprise-Scale/blob/main/src/resources/Microsoft.Authorization/policyDefinitions/Deny-MgmtPorts-From-Internet.json
4. Click Save

Screenshots

[Springstone]

Hi, please be aware that policies in this repo are specially formatted for Enterprise Scale automated deployments and cannot be deployed as they are. In order to deploy, please remove the escape character [[ should be [ - you need to remove one of the leading brackets and it will deploy as intended.

Example:

"effect": "[[parameters('effect')]"

Should be adjusted to:

"effect": "[parameters('effect')]"

Note: you need to do this throughout the policy, and for this particular one there are several locations to edit.

[Kamil-Kramek]

Hi Sacha

Thank you very much for your advice! It resolved my issue :) I owe you a huge beer :)

---

@.***Kamil Kramek Cloud Infrastructure Services

Capgemini Poland www.capgemini.comhttp://www.capgemini.com/ @.***