What are the steps to make an Azure policy that restricts the generation of Azure StorageAccount Queues?

answered 2023-07-06 22:53:01 +0000

woof
21 ●1 ●1

Here are the steps to make an Azure policy that restricts the generation of Azure Storage Account Queues:

Log in to the Azure portal with your account credentials.
In the search bar, type "Policy" to find the Azure Policy service.
Click on "Policy" to open the policy page.
Click on "Definitions" and then "Add."
Select the "Custom Policy" option and give your policy a name.
In the "Policy rule" section, paste the following JSON code:

{ "mode": "All", "policyRule": { "if": { "allOf": [ { "field": "type", "equals": "Microsoft.Storage/storageAccounts/queueServices" }, { "not": { "field": "Microsoft.Storage/storageAccounts/queueServices/defaultEncryptionScope", "exists": "true" } } ] }, "then": { "effect": "deny" } }, "parameters": {} }

This code will deny the creation of queues for storage accounts that do not have encryption enabled by default.

Click on "Review + create" to review your policy.
Click on "Create" to create your policy.

Once your policy is created, it will be enforced on all your Azure storage accounts. Any attempt to create a queue in a storage account without default encryption will be denied.

edit flag offensive delete link

add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss

Add Answer

What are the steps to make an Azure policy that restricts the generation of Azure StorageAccount Queues?

1 Answer

Your Answer

Question Tools

Stats

Related questions

What are the steps to make an Azure policy that restricts the generation of Azure StorageAccount Queues? edit

1 Answer