January 28, 2023

Using Policy Metadata in Azure Policy Initiatives

When checking the Policy Compliance status on Azure Portal, if you click on an policy assignment for a Initiative, you may have noticed some of the […]
January 26, 2023

Using Azure Policy to Create DNS Records for Private Endpoints

Azure Private Link allows you to access Azure PaaS services over a private endpoint in in your virtual network. To make your Azure PaaS resources accessible […]
January 6, 2023

How To Restrict Event Hub Public Network Access via Azure Policy

Yesterday I published a policy definition to restrict Event Hub public network access. After reading my blog post, my friend and colleague Ahmad Abdalla told me […]
January 5, 2023

Azure Policy Definitions for Event Hub Minimum TLS Version and Public Network Access

Azure Event Hub Namespace has added support for 2 additional properties in the latest API version 2022-01-01-preview: minimumTlsVersion: the minimum TLS version that the Event Hub […]
December 18, 2022

Minimum Permissions for Azure Policy Template Deployment

When comes into security, a general rule of thumb is to ALWAYS use the least privilege principle when assigning permissions. I rarely come across customers that […]
December 11, 2022

Azure Bicep Modules for Azure Policy Resources

Although I’m a big fan of Microsoft CARML Bicep module repo, and have used many of their modules in my projects, Sometimes I still prefer using […]
September 16, 2022

Azure policy to Audit Storage Account without Lifecycle Management Rule

I created a new Azure Policy definition today to audit storage accounts that do not have lifecycle management rules. The policy definition can be found in […]