Policy Initiative 'Evaluate Private Link Usage Across All Supported Azure Resources' does not contain policy 'Azure AI Services resources should use Azure Private Link'
Opened this issue · 0 comments
n-athan commented
Details of the scenario you tried and the problem that is occurring
I want to audit all Azure Resources to govern the Public Network Access. We use the built-in initiative Evaluate Private Link Usage Across All Supported Azure Resources to check as many resources as possible. The policy to audit private link usage on Azure AI services is not yet included in the initiative.
Verbose logs showing the problem
There is no policy about AI in the initiative, as shown with this query in the AZ CLI.
```
az policy set-definition show --name 7379ef4c-89b0-48b6-a5cc-fd3a75eaef93 --query "policyDefinitions[?contains(@.policyDefinitionReferenceId, 'ai')]" --output table

PolicyDefinitionId                                                                         PolicyDefinitionReferenceId
-----------------------------------------------------------------------------------------  ---------------------------------------------
/providers/Microsoft.Authorization/policyDefinitions/e8eef0a8-67cf-4eb4-9386-14b0e78733d4  AuditPrivateEndpointForAzureContainerRegistry
/providers/Microsoft.Authorization/policyDefinitions/9830b652-8523-49cc-b1b3-e17dce1127ca  AuditPrivateEndpointForAzureEventGridDomains
```
Suggested solution to the issue
Include policy definition Azure AI Services resources should use Azure Private Link (id /providers/Microsoft.Authorization/policyDefinitions/d6759c02-b87f-42b7-892e-71b3f471d782) in the policy initiative.
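An added example, not part of the original issue: a coverage check that tests initiative membership by exact policy definition ID instead of a substring of the reference ID, which in the output above matches "Container" and "Domains". The function names are hypothetical, and the JSON is a constructed sample shaped like `az policy set-definition show --output json`, trimmed to the two members visible in the issue.

```python
import json

# Constructed sample: only the two members shown in the issue's table output.
SAMPLE_INITIATIVE_JSON = """
{"name": "7379ef4c-89b0-48b6-a5cc-fd3a75eaef93",
 "policyDefinitions": [
  {"policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e8eef0a8-67cf-4eb4-9386-14b0e78733d4",
   "policyDefinitionReferenceId": "AuditPrivateEndpointForAzureContainerRegistry"},
  {"policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/9830b652-8523-49cc-b1b3-e17dce1127ca",
   "policyDefinitionReferenceId": "AuditPrivateEndpointForAzureEventGridDomains"}
 ]}
"""

# Policy the issue asks to have included (ID taken from the issue text).
AI_SERVICES_POLICY = (
    "/providers/Microsoft.Authorization/policyDefinitions/"
    "d6759c02-b87f-42b7-892e-71b3f471d782"
)


def load_initiative(text):
    """Parse the JSON printed by `az policy set-definition show --output json`."""
    return json.loads(text)


def missing_policies(initiative, required_ids):
    """Return the required policy definition IDs the initiative does not reference.

    Azure resource IDs are case-insensitive, so both sides are lower-cased.
    """
    members = initiative.get("policyDefinitions") or []
    present = {m["policyDefinitionId"].lower() for m in members}
    return [rid for rid in required_ids if rid.lower() not in present]


def substring_matches(initiative, needle):
    """Reference IDs containing `needle`, mimicking the issue's contains() filter."""
    members = initiative.get("policyDefinitions") or []
    return [m["policyDefinitionReferenceId"] for m in members
            if needle in m.get("policyDefinitionReferenceId", "")]


if __name__ == "__main__":
    initiative = load_initiative(SAMPLE_INITIATIVE_JSON)
    print("substring 'ai' hits:", substring_matches(initiative, "ai"))
    print("missing:", missing_policies(initiative, [AI_SERVICES_POLICY]))
```

Against a real tenant, feed `load_initiative` the full JSON output for the initiative and pass the list of policy definition IDs your baseline requires.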