Could you please help me modify the policy to simply deny anything from Marketplace, that was not published by Microsoft?
Could you please help me modify the policy to simply deny anything from Marketplace, that was not published by Microsoft?
I tried to figure out how to further restrict the Marketplace, but I was not successful yet :-( Right now I have made simple Policy that denies any VM not published by Microsoft. The code is following:
{
"if": {
"not": {
"field": "Microsoft.Compute/imagePublisher",
"like": "Microsoft*"
}
},
"then": {
"effect": "deny"
}
}
I would need something more general, that would deny any service not published by Microsoft, but I just can't figure out how to modify the code for anything else than VMs. For example I wanted to deny any service from Marketplace > Networking so I used PowerShell cmdlet
Get-AzureRmResourceProvider -ProviderNamespace Microsoft.Network | fl resourcetypes
to see if there is anything similar to imagePublisher, but I didn't find anything useful. Could you please help me modify the policy to simply deny anything from Marketplace, that was not published by Microsoft?
By clicking "Post Your Answer", you acknowledge that you have read our updated terms of service, privacy policy and cookie policy, and that your continued use of the website is subject to these policies.