The Azure Landing Zones (Enterprise-Scale) architecture provides prescriptive guidance coupled with Azure best practices, and it follows design principles across the critical design areas for organizations to define their Azure architecture
This pull request introduces updates to the Enterprise Scale/Azure Landing Zones policies and their documentation. The most significant changes include an update to the version metadata of the Enforce-Guardrails-Network policy, and a modification to the allowed values for the modifyNsgRuleAccess parameter in the same policy.
Addresses issue #1697
Policy Refresh:
docs/wiki/Whats-new.md: Added a section for July 2024, which includes a fix for the allowed values of modifyNsgRuleAccess in the Enforce-Guardrails-Network policy.
Overview/Summary
This pull request introduces updates to the Enterprise Scale/Azure Landing Zones policies and their documentation. The most significant changes include an update to the version metadata of the
Enforce-Guardrails-Networkpolicy, and a modification to the allowed values for themodifyNsgRuleAccessparameter in the same policy.Addresses issue #1697
Policy Refresh:
docs/wiki/Whats-new.md: Added a section for July 2024, which includes a fix for the allowed values ofmodifyNsgRuleAccessin theEnforce-Guardrails-Networkpolicy.Policy Version Update:
src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-Guardrails-Network.json: Updated the version metadata from "1.0.0" to "1.1.0".Policy Parameter Modification:
src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-Guardrails-Network.json: Changed the allowed values for themodifyNsgRuleAccessparameter from "Audit", "Deny", "Disabled" to "Allow", "Deny".Tested, and confirm it updates initiative and assignment in place.
Addresses #1697
Testing URLs
Azure Public
As part of this Pull Request I have
mainbranch/docs/wiki/whats-new.md)