Source
Display name
Configure Azure Virtual Desktop workspace resources to use private DNS zones
Id
34804460-d88b-4922-a7ca-537165e060ed Copy Id Copy resourceId
Version
1.0.0
Versioning
Versions supported for Versioning: 1
Category
Desktop Virtualization
Description
Use private DNS zones to override the DNS resolution for a private endpoint. A private DNS zone links to your virtual network to resolve to Azure Virtual Desktop resources. Learn more at: https://aka.ms/privatednszone.
Cloud environments
AzureCloud = true
Available in AzUSGov
Unknown, no evidence if Policy definition is/not available in AzureUSGovernment
Mode
Indexed
Type
BuiltIn
Preview
False
Deprecated
False
Effect
Default Allowed
RBAC role(s)
Rule aliases
IF (3)
Rule resource types
IF (2) THEN-Deployment (1)
Compliance
Not a Compliance control
Initiatives usage
Records: 10 25 100 200 Use the filters above each column to filter and limit table data. Advanced searches can be performed by using the following operators:
< ,
<= ,
> ,
>= ,
= ,
* ,
! ,
{ ,
} ,
|| ,
&& ,
[empty] ,
[nonempty] ,
rgx: Learn more ? Page 1 of 1
Clear Network Clear GA Clear ALZ
Initiative DisplayName
Initiative Id
Initiative Category
State
Type
polSet in AzUSGov
Configure Azure PaaS services to use private DNS zones
Deploy-Private-DNS-Zones Network
GA ALZ
No results
History
Date/Time (UTC ymd) (i)
Change type
Change detail
2023-02-16 18:41:08
add
34804460-d88b-4922-a7ca-537165e060ed
JSON compare
n/a
JSON
api-version=2021-06-01 Copy definition Copy definition 4 EPAC EPAC
{ 7 items displayName: "Configure Azure Virtual Desktop workspace resources to use private DNS zones" , policyType: "BuiltIn" , mode: "Indexed" , description: "Use private DNS zones to override the DNS resolution for a private endpoint. A private DNS zone links to your virtual network to resolve to Azure Virtual Desktop resources. Learn more at: https://aka.ms/privatednszone." , metadata: { 2 items version: "1.0.0" , category: "Desktop Virtualization" } , parameters: { 3 items privateDnsZoneId: { 2 items type: "String" , metadata: { 3 items displayName: "Private Dns Zone Id" , description: "The private DNS zone to deploy in a new private DNS zone group and link to the private endpoint" , strongType: "Microsoft.Network/privateDnsZones" } } , privateEndpointGroupId: { 3 items } , effect: { 4 items type: "String" , metadata: { 2 items displayName: "Effect" , description: "Enable or disable the execution of the policy" } , allowedValues: [ 2 items "DeployIfNotExists" , "Disabled" ] , defaultValue: "DeployIfNotExists" } } , policyRule: { 2 items if: { 1 item allOf: [ 2 items { 2 items field: "type" , equals: "Microsoft.Network/privateEndpoints" } , { 2 items count: { 2 items field: "Microsoft.Network/privateEndpoints/privateLinkServiceConnections[*]" , where: { 1 item allOf: [ 2 items { 2 items field: "Microsoft.Network/privateEndpoints/privateLinkServiceConnections[*].privateLinkServiceId" , contains: "Microsoft.DesktopVirtualization/workspaces" } , { 2 items field: "Microsoft.Network/privateEndpoints/privateLinkServiceConnections[*].groupIds[*]" , equals: "[parameters('privateEndpointGroupId')]" } ] } } , greaterOrEquals: 1 } ] } , then: { 2 items effect: "[parameters('effect')]" , details: { 3 items type: "Microsoft.Network/privateEndpoints/privateDnsZoneGroups" , roleDefinitionIds: [ 1 item "/providers/Microsoft.Authorization/roleDefinitions/4d97b98b-1d4f-4787-a291-c67834d212e7" Network Contributor ] , deployment: { 1 item properties: { 3 items mode: "incremental" , template: { 4 items $schema: "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#" , contentVersion: "1.0.0.0" , parameters: { 3 items } , resources: [ 1 item { 5 items name: 🔍 "[
concat(
parameters('privateEndpointName'),
'/deployedByPolicy'
)
]", type: "Microsoft.Network/privateEndpoints/privateDnsZoneGroups" , apiVersion: "2020-03-01" , location: "[parameters('location')]" , properties: { 1 item } } ] } , parameters: { 3 items } } } } } } }
