How to upgrade package github.com/open-policy-agent/opa to version 0.68.0 or above?
Hello! We are using Azure Policy add-on in our AKS cluster and we would like to upgrade package github.com/open-policy-agent/opa to version 0.68.0 or above. The image mcr.microsoft.com/oss/open-policy-agent/gatekeeper. Namespace: gatekeeper-system. How…
Allow-Access-Control-Origin Error on Web App
Hey everyone. I may be missing something simple, but here's one for you guys! Turning on App Gateway WAF Policy with a custom rule for geo location match. Essentially just to deny any traffic outside of select countries. Without this WAF Policy turned…
How to remove WAF policy safely.We have an AKAMAI device before the App GW and do not need WAF capability anymore.What is the safest way to do so.
How to remove WAF policy safely or disassociate WAF policy . We have an AKAMAI device before the App GW in our environment hence we do not need WAF capability anymore. What is the safest way to do so. Also can I do it via portal and if I am doing it via…
I cant access my customers tenant because of a conditional acces policy called "phishing resistent mfa for admins"
I called microsoft yeserday, was rerouted 3 times before someone could create a ticket for me and said answer time was just a couple of hours and then the data protection team would call me. this "should" be a simple fix i tought, it is really…
Error assigning a policy using Azure powershell and Azure Cli
I'm trying to assign an initiative using Azure Cli or Azure powershell and I'm getting the following error New-AzManagementGroupDeployment -ManagementGroupId $managemenGroupId -Location $location -TemplateFile…
Azure Policy not working with Def. JIT (- Do not allow Any as source)
I am currently trying to prevent users from requesting Azure JIT VM access coming from the Source IP addresses "Any". According to this thread, https://video2.skills-academy.com/en-us/answers/questions/846584/azure-vm-jit-do-not-allow-any-as-source ,…
Azure policies for Azure Functions
I am planning on applying a Azure policy initiative of following policies to Azure Function Apps:- Function app slots should disable public network access Function app slots should have Client Certificates (Incoming client certificates) enabled …
Login as federated user via katalon studio
Hi, I have an inquiry if it is possible to perform federated user login via katalon studio? We are working on automating logging in as federated user in katalon studio but am encountering an error when logging in. This error does not happen when logging…
Azure built-in compliance standard for ISO 27001:2022
Is it planned to offer the compliance standard for ISO 27001:2022 y Azure regulation compliance initiatives?
Search Service authorization fails (in environments where policy prohibits private endpoint connections from other subscriptions).
To achieve private sending/receiving between “Storage Account” and “Search Service” currently To use the Search Service's shared private link, you need to create a shared private link between the storage account and the Search Service. To use the Search…
Is it possible to enable diagnostic settings for express route gateway resource?
Is it possible to enable diagnostic settings for express route gateway resource? if yes, how can we create a deploy if not exist policy to achieve it?
Availability Sets are not supported in Azure Policy for deploying Azure Monitor Agent.
I have created a Initiative for deploying the Azure Monitor agent on a subscription. The agent is deployed on all the Windows vm's except on the machines in a availability set. The policy I'm using is "Configure Windows virtual machines to run Azure…
Azure policy does not back up persistent AVD VMs.
We're running into a weird issue. We have two Azure policies, one which adds a tag for any VM, the tag name is "backup" and it sets the value to [true]. Then a second policy is set to backup VMs with a given tag to an existing vault in the…
issue with built-in Azure Policy "Configure Azure Activity logs to stream to specified Log Analytics workspace"
hi, trying to deploy the policy Configure Azure Activity logs to stream to specified Log Analytics workspace https://www.azadvertizer.net/azpolicyadvertizer/2465583e-4e78-4c15-b6be-a36cbc7c8b0f.html Altough, the parametree is configured to use…
How to disable OWA for a set of users using Azure Security group
I need to disable OWA for set of users in our company, and disable OWA for new users as well. Being a Global Admin, can I do so using Azure Security group? If yes , could please help me with the steps to do so? I need to find out who…
I clicked on Access policies on my ley vault, but i was shown this "Access policies not available". How do i make it available?
Access policies not available. The access configuration for this key vault is set to role-based access control. To add or manage your access policies, go to the Access control (IAM) page. How can I resolve this
Azure initiative for ISO 27001:2022
We have to implement ISO 27001:2022 at Azure Switzerlan. Is there an azure initiative for ISO 27001:2022? There is currently one for ISO27001:2013. Does anyone know what should be changed for 27001:2022?
Programmatically trigger Azure policy remediation
I have got azure policy auto remediation in place, however the process is a manual one where the remediation tasks needs to be manually triggered. I was wondering if there is a way to programmatically trigger the running of the remediation job.
Export the data of Policy Assignments Name, Type (Intiatives or Policy), Scope and then for each Policy Assignments I need the policy definitions Version, category, type associated with it and export in excel file
Hello Team, Can any one help on how I can Export the data of Policy Assignments Name, Type (Intiatives or Policy), Scope and then for each Policy Assignments I need the policy definitions Version, category, type associated with it and export in excel…
How to Prevent Users from Removing Resource Group Locks Using Azure Policy?
Hi, I'm currently working on creating a policy definition in Azure to prevent users from removing locks from Resource Groups (RGs). My initial approach was to use the Deny effect within the policy, but I haven't been able to achieve the desired result.…