Comments (4)
- Microsoft.KeyVault/vaults/enablePurgeProtection
- Microsoft.KeyVault/vaults/enableSoftDelete
- Microsoft.KeyVault/vaults/softDeleteRetentionInDays
- Microsoft.KeyVault/vaults/enableRbacAuthorization
diags for
- nsg - DONE
- route tables - DONE
network
- nsg - DONE
- routetable - DONE
from data-management-zone.
Work on:
-
Deny-DataFactory-LinkedServicesConnectionStringType
-
Deny-DataFactoryIntegration-vNetProperties
-
Deny-PrivateEndpoint-ManualPrivateLinkServiceConnections
- Managed virtual network enforced for integration runtimes: Reached out to PG to get clarification on current limitations
Might also require policies for the following alias:
-
Microsoft.EventHub/namespaces/ipFilterRules/ipMask
-
Microsoft.EventHub/namespaces/virtualNetworkRules/virtualNetworkSubnetId
Contact SQL PG regarding:
-
Microsoft.Sql/managedInstances/azureADOnlyAuthentications
alias -
Azure Backup has alias
vault
for Private Endpoints, which is equal to Key Vault. -
Work on denying private endpoints in Stream Analytics from different tenants
-
Work on Customer Encryption Keys
from data-management-zone.
Services completed:
- Key Vault
- Synapse
- Machine Learning
- Purview
- Databricks
- Storage
- Search
- Cognitive Services
- Private Endpoints
- Log Analytics
- Private DNS Zones
- Data Factory
- Public IP
- Private Link Services For Power BI
- Synapse Private Link Hub
- SQL Server
- SQL Managed Instance
- SQL Instance Pools
- Cosmos DB
- Azure Batch
- Container Instance
- Postgres SQL
- Stream Analytics
- TimeSeriesInsights
- ContainerRegistry
- EventHub
- HDInsight
- IotHubs
- Kusto
- Logic Apps
- DBforMariaDB
- MySql
from data-management-zone.
To Do:
- Audit rules for private endpoints for each service
- Deny Portal deployment for cognitive services and general cognitive services
- AKS
- Validate not-working policies again (Batch, HD Insight, Data Explorer)
- Synapse Purview connection
- Private DNS for batch: Multiple regions
- Redis Cache
- AML Compute - Idle Time before scaledown
from data-management-zone.
Related Issues (20)
- Feature: Connection to data management landing zone HOT 1
- Bug: Firewall Deployment in Central India
- Bug: Synapse Private Link Hub Region
- Documentation: Mesh network guidance - Connectivity Hub
- Documentation: Missing guidance when deploying with an existing Firewall. HOT 3
- Feature: For enterprise deployments accept VNET, Subnet etc. as input parameters
- Feature: Naming of the resources groups to follow CAF HOT 2
- Bug: DeploymentOutputEvaluationFailed HOT 7
- Bug: Deploy to Azure validation error for the Azure Firewall Subnet CIDR Range HOT 2
- Bug: Global service non-unique names cause deployment errors
- Documentation: How to deploy Policies HOT 1
- Minor Bug: Spelling (Adresses -> Addresses)
- Bug: Policies - Synapse diagnostic setting deployments have incorrect name
- Bug: servicesubnet HOT 3
- Bug: Warning Github Actions Node.js 12 deprecation HOT 1
- Bug: Deployment not possible due to network services error HOT 3
- Bug: dev container fails because yarn gpg key is out of date in the docker image
- Feature: Databricks Unity Catalog setup HOT 1
- Bug: params.policyDefinition.Deny-PrivateEndpoint-PrivateLinkServiceConnections.json - 'Required property 'type' not found in JSON HOT 1
- Is this project dead, haven't seen any updates in 9 months HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from data-management-zone.