last sync: 2024-May-17 18:03:56 UTC

Configure Azure Key Vaults with private endpoints

Azure BuiltIn Policy definition

Source Azure Portal
Display name Configure Azure Key Vaults with private endpoints
Id 9d4fad1f-5189-4a42-b29e-cf7929c6b6df
Version 1.0.1
Category Key Vault
Description Private endpoints connect your virtual networks to Azure services without a public IP address at the source or destination. By mapping private endpoints to key vault, you can reduce data leakage risks. Learn more about private links at: https://aka.ms/akvprivatelink.
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default: DeployIfNotExists; Allowed: DeployIfNotExists, Disabled
RBAC role(s)
Role Name Role Id
Network Contributor 4d97b98b-1d4f-4787-a291-c67834d212e7
Key Vault Contributor f25e0fa2-a7c8-4377-a976-54943a77a395
Rule aliases THEN-ExistenceCondition (1)
Alias: Microsoft.KeyVault/vaults/privateEndpointConnections/privateLinkServiceConnectionState.status
Namespace: Microsoft.KeyVault
ResourceType: vaults/privateEndpointConnections
DefaultPath: properties.privateLinkServiceConnectionState.status
Modifiable: false
Rule resource types IF (1)
Microsoft.KeyVault/vaults
THEN-Deployment (2)
Microsoft.Network/privateEndpoints
Microsoft.Resources/deployments
Compliance Not a Compliance control
Initiatives usage none
History
Date/Time (UTC ymd) Change type Change detail
2023-01-23 18:07:09 change Patch, old suffix: preview (1.0.0-preview > 1.0.1)
2021-04-21 13:28:46 add 9d4fad1f-5189-4a42-b29e-cf7929c6b6df