-
Notifications
You must be signed in to change notification settings - Fork 983
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Denyactionpr #1406
Denyactionpr #1406
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Minor What's New updates
docs/wiki/Whats-new.md
Outdated
@@ -49,6 +49,10 @@ Major update in this release: introducing the Policy Testing Framework foundatio | |||
- Deploy-SQL-minTLS | |||
- Deploy-MySQL-sslEnforcement (changed from Owner to Contributor role, no built in roles currently available) | |||
- Deploy-PostgreSQL-sslEnforcement (changed from Owner to Contributor role, no built in roles currently available) | |||
- Additional policy definitions: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- Additional policy definitions: | |
- Adding `DenyAction` policy definitions: |
docs/wiki/Whats-new.md
Outdated
- Additional policy definitions: | ||
- `DenyAction-ActivityLogs` | ||
- `DenyAction-DiagnosticLogs` | ||
- These two policy definitions prevent Activity Log Settings and Diagnostic Settings being deleted leveraging Azure Policy DenyAction functionality |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- These two policy definitions prevent Activity Log Settings and Diagnostic Settings being deleted leveraging Azure Policy DenyAction functionality | |
- These two policy definitions prevent Activity Log Settings and Diagnostic Settings being deleted leveraging Azure Policy DenyAction functionality | |
- Additionally including an initiative that includes both `DenyAction` policies |
This pull request has been automatically marked as stale because it has been marked as requiring author feedback but has not had any activity for 7 days. |
@JamJarchitect & @Springstone are we also looking to add tests for this one? |
This pull request has been automatically marked as stale because it has been marked as requiring author feedback but has not had any activity for 7 days. |
@Springstone @JamJarchitect - whats the latest with this one? |
This pull request has been automatically marked as stale because it has been marked as requiring author feedback but has not had any activity for 7 days. |
This reverts commit bc80050.
Overview/Summary
Implementation of DenyAction Delete into Azure Landing Zones for both Activity Logs and Diagnostic Settings as two seperate policy definitions and a policy initiative.
Address story AB#29619
This PR fixes/adds/changes/removes
Breaking Changes
Testing Evidence
Testing URLs
Azure Public
Azure US Gov (Fairfax)
As part of this Pull Request I have
main
branch/docs/wiki/whats-new.md
)