Enterprise-Scale

Feature Request - combination Deny vNet peering cross subscription & Deny-VNET-Peering-To-Non-Approved-VNETs

Open timmoh opened this issue 1 year ago • 1 comments

Scenario:

  • HubToSpoke Peering done by: Deny-VNET-Peering-To-Non-Approved-VNETs => fine
  • subscription internal peering: Deny vNet peering cross subscription => fine

But if we've got a HubToSpoke Subscription with internal vnet peering, this won't work with these two policies.

Suggestion:

  • Option A) Deny-VNET-Peering-To-Non-Approved-VNETs

    • add an option to allow inner subscription peering
  • Option B) Deny vNet peering cross subscription

    • add an exclude list of vnet ids which are ok to do cross subscriptions

or both ;-)

timmoh avatar Jun 13 '24 08:06 timmoh

Tracking in AB#35840

Springstone avatar Jun 27 '24 12:06 Springstone

https://github.com/Azure/Enterprise-Scale/pull/1731

Springstone avatar Aug 16 '24 15:08 Springstone

This is complete and has been merged.

Springstone avatar Oct 10 '24 08:10 Springstone