Comments (3)
iisworks
commented on August 23, 2024
1
@JimGBritt Sorry about the duplicate, I completely overlooked the other one!
from azurepolicy.
JimGBritt
commented on August 23, 2024
@iisworks great question - this one has been problematic because Azure Storage has implemented these sub resourceTypes (proxy resources) that are not trackable by ARM which means I cannot dynamically pick them up when the script runs. They aren't seen as a "resourceType" they are seen as a "ProxyResourceType" which is technically tied to the dependency of a Storage Account. Therefore, the only way to pick these up is to scan every single storage account in a sub(s) and enumerate for proxy resoureceTypes - it is a heavy tax to support these currently. There are some options I've considered such as asking for a ResourceID of a storage account that has all of these proxyresources enabled so that I can also find the categories, etc. The good news is there are built ins (though they are currently being reworked) to be released soon I believe - a policy for each Proxy ResourceType and also for the Storage Account itself and these will be supported by the Storage Product Team. At this point, I'd wait for those to become available.
from azurepolicy.
JimGBritt
commented on August 23, 2024
@iisworks btw I do have another open issue on this here: #28 let me know if it is ok to close this one specifically and track this ask there.
from azurepolicy.
Related Issues (14)
- Policy Remediation - Log Analytics Contributor role not enough ? missing 'Microsoft.OperationalInsights/workspaces/sharedKeys/action' HOT 4
- Support ARM Templates generation for MG scope deployment HOT 3
- Add -IncludeAssignment switch HOT 6
- Policies generated via Create-AzDiagPolicy are showing Non-Compliant HOT 4
- Azure VM displays as compliant, but VM diagnostic settings blade still warns to enable diagnostics? HOT 2
- Azure Storage diagnostics only for storage account but not for blob/queue/table/file remediated HOT 4
- Update Trigger Evaluation script to make use of Invoke-AzRestMethod or Invoke-AzResourceAction HOT 1
- Support for Subscription level Diagnostic Settings HOT 1
- Trigger-PolicyInitiativeRemediation.ps1: Remediate "" Initiative? HOT 2
- Error with Static Websites HOT 4
- Improvement for Policy: Audit diagnostic setting HOT 2
- Is it an issue? HOT 2
- Policy being generated with extra parameter HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from azurepolicy.