AzPolicyAdvertizer

last sync: 2025-May-27 20:12:32 UTC

Container App environments should use network injection

Azure BuiltIn Policy definition

Source Azure Portal
Display name Container App environments should use network injection
Id 8b346db6-85af-419b-8557-92cee2c0f9bb
Version 1.0.2
Details on versioning
Versioning Versions supported for Versioning: 1
1.0.2
Built-in Versioning [Preview]
Category Container Apps
Microsoft Learn
Description Container Apps environments should use virtual network injection to: 1.Isolate Container Apps from the public internet 2.Enable network integration with resources on-premises or in other Azure virtual networks 3.Achieve more granular control over network traffic flowing to and from the environment.
Cloud environments AzureCloud = true
AzureUSGovernment = unknown
AzureChinaCloud = unknown
Available in AzUSGov Unknown, no evidence if Policy definition is/not available in AzureUSGovernment
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
Audit
Allowed
Audit, Disabled, Deny
RBAC role(s) none
Rule aliases IF (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.App/managedEnvironments/vnetConfiguration.infrastructureSubnetId Microsoft.App managedEnvironments properties.vnetConfiguration.infrastructureSubnetId True False
Rule resource types IF (1)
Compliance Not a Compliance control
Initiatives usage
Rows: 1-1 / 1
Records:
Use the filters above each column to filter and limit table data. Advanced searches can be performed by using the following operators:
<, <=, >, >=, =, *, !, {, }, ||,&&, [empty], [nonempty], rgx:
Learn more

TableFilter v0.7.3

https://www.tablefilter.com/
©2015-2025 Max Guglielmi
?
Page of 1
Initiative DisplayName Initiative Id Initiative Category State Type polSet in AzUSGov
Enforce recommended guardrails for Container Apps Enforce-Guardrails-ContainerApps Container Apps GA ALZ
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-07-29 16:32:46 change Patch (1.0.1 > 1.0.2)
2022-05-27 20:20:35 change Patch (1.0.0 > 1.0.1)
2022-05-06 16:29:23 add 8b346db6-85af-419b-8557-92cee2c0f9bb
JSON compare
compare mode: version left: version right:
1.0.1 → 1.0.2 RENAMED
@@ -1,12 +1,12 @@
1
  {
2
  "displayName": "Container App environments should use network injection",
3
  "policyType": "BuiltIn",
4
  "mode": "Indexed",
5
- "description": "Container App environment should use virtual network injection. It isolates Container Apps from the Internet, unlocks advanced Container Apps networking and security features, and provides you with greater control over your network security configuration.",
6
  "metadata": {
7
- "version": "1.0.1",
8
- "category": "Container App"
9
  },
10
  "parameters": {
11
  "effect": {
12
  "type": "String",
 
1
  {
2
  "displayName": "Container App environments should use network injection",
3
  "policyType": "BuiltIn",
4
  "mode": "Indexed",
5
+ "description": "Container Apps environments should use virtual network injection to: 1.Isolate Container Apps from the public internet 2.Enable network integration with resources on-premises or in other Azure virtual networks 3.Achieve more granular control over network traffic flowing to and from the environment.",
6
  "metadata": {
7
+ "version": "1.0.2",
8
+ "category": "Container Apps"
9
  },
10
  "parameters": {
11
  "effect": {
12
  "type": "String",
JSON
api-version=2021-06-01
EPAC 
{7 items
  • displayName: "Container App environments should use network injection",
  • policyType: "BuiltIn",
  • mode: "Indexed",
  • description: "Container Apps environments should use virtual network injection to: 1.Isolate Container Apps from the public internet 2.Enable network integration with resources on-premises or in other Azure virtual networks 3.Achieve more granular control over network traffic flowing to and from the environment.",
  • metadata: {2 items
    • version: "1.0.2",
    • category: "Container Apps"
    },
  • parameters: {1 item},
  • policyRule: {2 items}
}