Closed Dekor86 closed 9 months ago
Dekor86
commented
9 months ago Also spotted another policy where the Deny effect wasn't available. Pushed suggested change:
https://www.azadvertizer.net/azpolicyadvertizer/55615ac9-af46-4a59-874e-391cc3dfb490.html
Dekor86
commented
9 months ago Dekor86
commented
9 months ago Hopefully final two:
Added deny effect in available types for assignment of following policies:
https://www.azadvertizer.net/azpolicyadvertizer/b52376f7-9612-48a1-81cd-1ffe4b61032c.html
https://www.azadvertizer.net/azpolicyadvertizer/d9844e8a-1437-4aeb-a32c-0c992f056095.html
robga
commented
9 months ago Changes can not be made to built-in policies directly in this repo. If you find an issue in a built-in policy, feel free to open an issue, or open a Microsoft Azure support ticket. Changes to built-ins are made out-of-band and will be represented in this repo after the next built-in policy release. https://github.com/Azure/azure-policy/tree/master/built-in-policies#contributing
Corrected available effect types for "Container registries should not allow unrestricted network access" in parameters. Deny is also an available effect. Spotted this when trying to assign the built in initiative using "Deny" for this policy and being informed it isn't a valid parameter even though on the underlying policy definition it is.
https://www.azadvertizer.net/azpolicyadvertizer/d0793b48-0edc-4296-a390-4c75d1bdfd71.html