Enterprise-Scale
Enterprise-Scale copied to clipboard
Azure
IotHub Custom Policies
Overview/Summary
Replace this with a brief description of what this Pull Request fixes, changes, etc.
This PR fixes/adds/changes/removes
- Added IotHub Custom Policies
As part of this Pull Request I have
- [x] Checked for duplicate Pull Requests
- [x] Associated it with relevant issues, for tracking and closure.
- [x] Ensured my code/branch is up-to-date with the latest changes in the
mainbranch - [x] Performed testing and provided evidence.
- [ ] Updated relevant and associated documentation.
- [ ] Updated the "What's New?" wiki page (located:
/docs/wiki/whats-new.md)
@jtracey93
Azure IoT Hub
| Policy Name | Policy Area | Description |
|---|---|---|
| Append-IotHub-MinimalEncryption | Encryption | Enforces minimal tls version 1.2 for iot hub. |
| Deny-IotHub-Sku | Busget | Enforces iot hub SKUs. |
@krnese May require your help to work on one of the deployIfNotExists policies (Azure Defender for IoT Hub). Let me know, if you have time for that. I have written a policy but had some trouble with getting it to work. If I remember correctly, it was not triggered as expected.
@krnese I would enforce the following on the Corp Management Group:
Deny PublicNetworkAccess (Definition ID: /providers/Microsoft.Authorization/policyDefinitions/2d6830fb-07eb-48e7-8c4d-2a442b35f0fb)
