Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

AVD Pattern - Unable to deploy because policy blocks Automation Accounts with Public Access Enabled #387

Open
shawntmeyer opened this issue Oct 22, 2024 · 2 comments
Assignees
Labels
Pattern: AVD Issues / PR's related to the AVD Pattern

Comments

@shawntmeyer
Copy link

I've reviewed the underlying templates and realize that you enable public access to the automation account because you don't collect this parameter or the PrivateEndpoints array parameter. If access to the automation account is needed, please provide an option to submit the private endpoint Subnet ResourceId and PrivateDNS Zones for automation accounts.

@JCoreMS
Copy link
Contributor

JCoreMS commented Oct 22, 2024

Thanks @shawntmeyer, valid security concern that was overlooked early on that we'll try to address. Ultimately, we want to get away from an automation account with some revised queries for KQL. Stay tuned.

@Brunoga-MS Brunoga-MS added the Pattern: AVD Issues / PR's related to the AVD Pattern label Oct 24, 2024
@JCoreMS
Copy link
Contributor

JCoreMS commented Dec 17, 2024

@shawntmeyer this is unfortunately still on the backlog as we wait for a feature to be released in the US Gov cloud to move away from Automation Accounts.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Pattern: AVD Issues / PR's related to the AVD Pattern
Projects
None yet
Development

No branches or pull requests

3 participants