
Here are the steps to make an Azure policy that restricts the generation of Azure Storage Account Queues:

  1. Log in to the Azure portal with your account credentials.

  2. In the search bar, type "Policy" to find the Azure Policy service.

  3. Click on "Policy" to open the policy page.

  4. Click on "Definitions" and then "Add."

  5. Select the "Custom Policy" option and give your policy a name.

  6. In the "Policy rule" section, paste the following JSON code:

    {
      "mode": "All",
      "policyRule": {
        "if": {
          "allOf": [
            {
              "field": "type",
              "equals": "Microsoft.Storage/storageAccounts/queueServices"
            },
            {
              "not": {
                "field": "Microsoft.Storage/storageAccounts/queueServices/defaultEncryptionScope",
                "exists": "true"
              }
            }
          ]
        },
        "then": {
          "effect": "deny"
        }
      },
      "parameters": {}
    }

This code will deny the creation of queues for storage accounts that do not have encryption enabled by default.

  7. Click on "Review + create" to review your policy.

  8. Click on "Create" to create your policy.

Once your policy is created, it will be enforced on all your Azure storage accounts. Any attempt to create a queue in a storage account without default encryption will be denied.
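
Added example, not part of the original answer: a small local evaluator for the condition operators this rule uses (`allOf`, `not`, `equals`, `exists`), run on constructed resource payloads to see which ones the rule would match. The alias-to-property mapping and the sample payloads are assumptions; Azure's own alias table is not consulted.

```python
# Rule from the answer above, reproduced unchanged.
POLICY = {"mode": "All", "parameters": {}, "policyRule": {
    "if": {"allOf": [
        {"field": "type", "equals": "Microsoft.Storage/storageAccounts/queueServices"},
        {"not": {"field": "Microsoft.Storage/storageAccounts/queueServices/defaultEncryptionScope",
                 "exists": "true"}}]},
    "then": {"effect": "deny"}}}

# ASSUMPTION: the alias in the rule resolves to this property path.
ALIASES = {"Microsoft.Storage/storageAccounts/queueServices/defaultEncryptionScope":
           "properties.defaultEncryptionScope"}

def resolve(resource, field):
    """Return (found, value) for a policy field on a resource payload."""
    path = "type" if field == "type" else ALIASES.get(field)
    if path is None:
        return False, None
    node = resource
    for key in path.split("."):
        if not isinstance(node, dict) or key not in node:
            return False, None
        node = node[key]
    return True, node

def matches(cond, resource):
    """Evaluate one condition node of the rule's "if" block."""
    if "allOf" in cond:
        return all(matches(c, resource) for c in cond["allOf"])
    if "not" in cond:
        return not matches(cond["not"], resource)
    found, value = resolve(resource, cond["field"])
    if "equals" in cond:  # exact, case-insensitive string comparison
        return found and str(value).lower() == str(cond["equals"]).lower()
    if "exists" in cond:  # the rule passes "true" as a string
        return found == (str(cond["exists"]).lower() == "true")
    raise ValueError(f"unsupported condition: {cond}")

def effect_for(resource, policy=POLICY):
    """Return the rule's effect if the resource matches, else None."""
    rule = policy["policyRule"]
    return rule["then"]["effect"] if matches(rule["if"], resource) else None

# Constructed sample payloads (not captured from a real subscription).
QS = "Microsoft.Storage/storageAccounts/queueServices"
SVC_NO_SCOPE = {"type": QS, "properties": {}}
SVC_WITH_SCOPE = {"type": QS, "properties": {"defaultEncryptionScope": "scope1"}}
QUEUE = {"type": QS + "/queues", "properties": {}}
```

With these inputs, `effect_for` returns `"deny"` only for `SVC_NO_SCOPE`; the `QUEUE` payload does not match because the `type` condition is an exact comparison against the `queueServices` type.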