Make aliases modifiable

Azure / azure-policy

Repository for Azure Resource Policy built-in definitions and samples

MIT License

1.47k stars 1.07k forks source link

Make aliases modifiable #943

Open ioeifcss opened 2 years ago

ioeifcss commented 2 years ago

Can we please get the following aliases made modifiable?

Microsoft.Sql/managedInstances/minimalTlsVersion

Microsoft.DBforPostgreSQL/servers/minimalTlsVersion
Microsoft.DBforPostgreSQL/servers/minimalTlsVersion

Microsoft.DBForMariaDB/servers/minimalTlsVersion
Microsoft.DBforMariaDB/servers/sslEnforcement

igor-marinho commented 1 year ago

Same for MySql The policy definition has operations referring to aliases that are not modifiable: 'Microsoft.DBforMySQL/servers/publicNetworkAccess'.

ankitajaiswalkohler commented 1 year ago

+1 for MySql The policy definition has operations referring to aliases that are not modifiable: 'Microsoft.DBforMySQL/servers/publicNetworkAccess'.

Though it is modifiable via portal/cli directly

erose96 commented 10 months ago

Microsoft.Sql/managedInstances/minimalTlsVersion
Microsoft.DBforPostgreSQL/servers/minimalTlsVersion

Enforcement of these is essential for our verification of TLS 1.2 across our tenant

theautomationdude commented 10 months ago

+1 On this one, like the idea of using the modify effect on these.

hwwilliams commented 2 months ago

Microsoft.Storage/storageAccounts/keyPolicy.keyExpirationPeriodInDays would be nice so it can be used in conjunction with the built-in Storage account keys should not be expired audit policy.