Enterprise-Scale
Enterprise-Scale copied to clipboard
Azure
Data Factory Custom Policies
Overview/Summary
Replace this with a brief description of what this Pull Request fixes, changes, etc.
This PR fixes/adds/changes/removes
- Added Data Factory Custom Policies
As part of this Pull Request I have
- [x] Checked for duplicate Pull Requests
- [x] Associated it with relevant issues, for tracking and closure.
- [x] Ensured my code/branch is up-to-date with the latest changes in the
mainbranch - [x] Performed testing and provided evidence.
- [ ] Updated relevant and associated documentation.
- [ ] Updated the "What's New?" wiki page (located:
/docs/wiki/whats-new.md)
@jtracey93
Azure Data Factory
| Policy Name | Policy Area | Description |
|---|---|---|
| Deny-DataFactory-ApiVersion | Resource Management | Denies old API version for data factory V1. |
| Deny-DataFactory-IdentityType | Authentication | Enforces use of system assigned identity for data factory. |
| Deny-DataFactory-IntegrationRuntimeManagedVirtualNetwork | Network Isolation | Denies Integration Runtimes that are not connected to the Managed Virtual Network. |
| Deny-DataFactory-ManagedPrivateEndpoints | Network Isolation | Denies external private endpoints for linked services. |
| Deny-DataFactory-PublicNetworkAccess | Network Isolation | Denies public access to data factory. |
| Deploy-DataFactory-ManagedVirtualNetwork | Network Isolation | Deploy managed virtualnetwork for data factory. |
@krnese I would enforce the following on the Corp Management Group:
Deny-DataFactory-PublicNetworkAccess
I would like to enforce more, but this will be difficult to manage.
