Framework/Configurations/SubscriptionSecurity/Subscription.ARMPolicies.json

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
{
   "Version": "3.1809.0",
   "Policies": [
      {
         "policyDefinitionName": "AzSK_ARMPol_Deny_Classic_Resource_Create",
         "policyDefinition": "{\"if\":{\"anyOf\":[{\"field\":\"type\",\"like\":\"Microsoft.ClassicCompute/*\"},{\"field\":\"type\",\"like\":\"microsoft.classicStorage/*\"},{\"field\":\"type\",\"like\":\"Microsoft.ClassicNetwork/*\"}]},\"then\":{\"effect\":\"deny\"}}",
         "description": "Policy to deny upon creation of classic/v1 (i.e., ASM-based) resources",
         "tags": [
            "Mandatory"
         ],
         "applicableForRGs": ["*"],
         "enabled": true,
         "scope": "/subscriptions/$subscriptionId"
      }
   ],
   "DeprecatedPolicies" : ["AzSK_ARMPol_Audit_Classic_Resource_Create",
      "AzSK_ARMPol_Audit_NonHBI_Resource_Create",
      "AzSK_ARMPol_Audit_Job_Scheduler_Free_Tier",
      "AzSK_ARMPol_Audit_SQL_Basic_Create",
      "AzSK_ARMPol_Audit_NonGRS_Storage_SKU",
      "AzSK_ARMPol_Audit_Old_SQL_Version"
   ]
}