PSRule for Azure
Initializing search
GitHub
Home
Getting started
Setup
Reference
Learn
PSRule for Azure
GitHub
Home
Getting started
Getting started
Overview
Overview
About
Features
FAQ
Install
Quickstarts
Quickstarts
Test a Bicep deployment
Test a Bicep deployment
With GitHub Actions
Testing infrastructure code
Testing infrastructure code
Expanding source files
Using templates
Using Bicep source
Creating your pipeline
Working with baselines
Testing deployed resources
Testing deployed resources
Exporting rule data
Analyzing resources
Concepts
Concepts
Suppression
Policy as rules
Customization
Customization
Storing custom rules
Enforcing custom tags
Enforcing code ownership
Permit outbound management
Troubleshooting
Samples
License and contributing
License and contributing
Writing documentation
Past hackathons
Related projects
Releases
Releases
Change log
Change log
v1
v0
Upgrade notes
Deprecations
Changes and versioning
Support
Setup
Setup
Configuring options
Configuring rule defaults
Configuring expansion
Setup Bicep
Setup Azure Monitor logs
Integrations
Reference
Reference
By pillar
By resource
Microsoft Cloud Security Benchmark
Rules
Rules
Azure.ACR.AdminUser
Azure.ACR.AnonymousAccess
Azure.ACR.ContainerScan
Azure.ACR.ContentTrust
Azure.ACR.Firewall
Azure.ACR.GeoReplica
Azure.ACR.ImageHealth
Azure.ACR.MinSku
Azure.ACR.Name
Azure.ACR.Quarantine
Azure.ACR.Retention
Azure.ACR.SoftDelete
Azure.ACR.Usage
Azure.ADX.DiskEncryption
Azure.ADX.ManagedIdentity
Azure.ADX.SLA
Azure.ADX.Usage
Azure.AI.DisableLocalAuth
Azure.AI.ManagedIdentity
Azure.AI.PrivateEndpoints
Azure.AI.PublicAccess
Azure.AKS.AuditLogs
Azure.AKS.AuthorizedIPs
Azure.AKS.AutoScaling
Azure.AKS.AutoUpgrade
Azure.AKS.AvailabilityZone
Azure.AKS.AzurePolicyAddOn
Azure.AKS.AzureRBAC
Azure.AKS.CNISubnetSize
Azure.AKS.ContainerInsights
Azure.AKS.DNSPrefix
Azure.AKS.DefenderProfile
Azure.AKS.EphemeralOSDisk
Azure.AKS.HttpAppRouting
Azure.AKS.LocalAccounts
Azure.AKS.ManagedAAD
Azure.AKS.ManagedIdentity
Azure.AKS.MinNodeCount
Azure.AKS.MinUserPoolNodes
Azure.AKS.Name
Azure.AKS.NetworkPolicy
Azure.AKS.NodeMinPods
Azure.AKS.PlatformLogs
Azure.AKS.PoolScaleSet
Azure.AKS.PoolVersion
Azure.AKS.SecretStore
Azure.AKS.SecretStoreRotation
Azure.AKS.StandardLB
Azure.AKS.UptimeSLA
Azure.AKS.UseRBAC
Azure.AKS.Version
Azure.APIM.APIDescriptors
Azure.APIM.AvailabilityZone
Azure.APIM.CORSPolicy
Azure.APIM.CertificateExpiry
Azure.APIM.Ciphers
Azure.APIM.DefenderCloud
Azure.APIM.EncryptValues
Azure.APIM.HTTPBackend
Azure.APIM.HTTPEndpoint
Azure.APIM.ManagedIdentity
Azure.APIM.MinAPIVersion
Azure.APIM.MultiRegion
Azure.APIM.MultiRegionGateway
Azure.APIM.Name
Azure.APIM.PolicyBase
Azure.APIM.ProductApproval
Azure.APIM.ProductDescriptors
Azure.APIM.ProductSubscription
Azure.APIM.ProductTerms
Azure.APIM.Protocols
Azure.APIM.SampleProducts
Azure.ASE.MigrateV3
Azure.ASG.Name
Azure.AppConfig.AuditLogs
Azure.AppConfig.DisableLocalAuth
Azure.AppConfig.GeoReplica
Azure.AppConfig.Name
Azure.AppConfig.PurgeProtect
Azure.AppConfig.SKU
Azure.AppGw.AvailabilityZone
Azure.AppGw.MigrateV2
Azure.AppGw.MinInstance
Azure.AppGw.MinSku
Azure.AppGw.Name
Azure.AppGw.OWASP
Azure.AppGw.Prevention
Azure.AppGw.SSLPolicy
Azure.AppGw.UseHTTPS
Azure.AppGw.UseWAF
Azure.AppGw.WAFEnabled
Azure.AppGw.WAFRules
Azure.AppGwWAF.Enabled
Azure.AppGwWAF.Exclusions
Azure.AppGwWAF.PreventionMode
Azure.AppGwWAF.RuleGroups
Azure.AppInsights.Name
Azure.AppInsights.Workspace
Azure.AppService.ARRAffinity
Azure.AppService.AlwaysOn
Azure.AppService.HTTP2
Azure.AppService.ManagedIdentity
Azure.AppService.MinPlan
Azure.AppService.MinTLS
Azure.AppService.NETVersion
Azure.AppService.PHPVersion
Azure.AppService.PlanInstanceCount
Azure.AppService.RemoteDebug
Azure.AppService.UseHTTPS
Azure.AppService.WebProbe
Azure.AppService.WebProbePath
Azure.AppService.WebSecureFtp
Azure.Arc.Kubernetes.Defender
Azure.Arc.Server.MaintenanceConfig
Azure.Automation.AuditLogs
Azure.Automation.EncryptVariables
Azure.Automation.ManagedIdentity
Azure.Automation.PlatformLogs
Azure.Automation.WebHookExpiry
Azure.BV.Immutable
Azure.Bastion.Name
Azure.CDN.EndpointName
Azure.CDN.HTTP
Azure.CDN.MinTLS
Azure.CDN.UseFrontDoor
Azure.ContainerApp.APIVersion
Azure.ContainerApp.DisableAffinity
Azure.ContainerApp.ExternalIngress
Azure.ContainerApp.Insecure
Azure.ContainerApp.ManagedIdentity
Azure.ContainerApp.Name
Azure.ContainerApp.PublicAccess
Azure.ContainerApp.RestrictIngress
Azure.ContainerApp.Storage
Azure.Cosmos.AccountName
Azure.Cosmos.DefenderCloud
Azure.Cosmos.DisableMetadataWrite
Azure.DataFactory.Version
Azure.Databricks.PublicAccess
Azure.Databricks.SKU
Azure.Databricks.SecureConnectivity
Azure.Defender.Api
Azure.Defender.AppServices
Azure.Defender.Arm
Azure.Defender.Containers
Azure.Defender.CosmosDb
Azure.Defender.Cspm
Azure.Defender.Dns
Azure.Defender.KeyVault
Azure.Defender.OssRdb
Azure.Defender.SQL
Azure.Defender.SQLOnVM
Azure.Defender.Servers
Azure.Defender.Storage.DataScan
Azure.Defender.Storage.MalwareScan
Azure.Defender.Storage
Azure.DefenderCloud.Contact
Azure.DefenderCloud.Provisioning
Azure.Deployment.AdminUsername
Azure.Deployment.Name
Azure.Deployment.OuterSecret
Azure.Deployment.OutputSecretValue
Azure.Deployment.SecureParameter
Azure.Deployment.SecureValue
Azure.DevBox.ProjectLimit
Azure.EventGrid.DisableLocalAuth
Azure.EventGrid.ManagedIdentity
Azure.EventGrid.TopicPublicAccess
Azure.EventHub.DisableLocalAuth
Azure.EventHub.MinTLS
Azure.EventHub.Usage
Azure.Firewall.Mode
Azure.Firewall.Name
Azure.Firewall.PolicyMode
Azure.Firewall.PolicyName
Azure.FrontDoor.Logs
Azure.FrontDoor.ManagedIdentity
Azure.FrontDoor.MinTLS
Azure.FrontDoor.Name
Azure.FrontDoor.Probe
Azure.FrontDoor.ProbeMethod
Azure.FrontDoor.ProbePath
Azure.FrontDoor.State
Azure.FrontDoor.UseCaching
Azure.FrontDoor.UseWAF
Azure.FrontDoor.WAF.Enabled
Azure.FrontDoor.WAF.Mode
Azure.FrontDoor.WAF.Name
Azure.FrontDoorWAF.Enabled
Azure.FrontDoorWAF.Exclusions
Azure.FrontDoorWAF.PreventionMode
Azure.FrontDoorWAF.RuleGroups
Azure.Identity.UserAssignedName
Azure.IoTHub.MinTLS
Azure.KeyVault.AccessPolicy
Azure.KeyVault.AutoRotationPolicy
Azure.KeyVault.Firewall
Azure.KeyVault.KeyName
Azure.KeyVault.Logs
Azure.KeyVault.Name
Azure.KeyVault.PurgeProtect
Azure.KeyVault.RBAC
Azure.KeyVault.SecretName
Azure.KeyVault.SoftDelete
Azure.LB.AvailabilityZone
Azure.LB.Name
Azure.LB.Probe
Azure.LB.StandardSKU
Azure.LogicApp.LimitHTTPTrigger
Azure.ML.ComputeIdleShutdown
Azure.ML.ComputeVnet
Azure.ML.DisableLocalAuth
Azure.ML.PublicAccess
Azure.ML.UserManagedIdentity
Azure.MariaDB.AllowAzureAccess
Azure.MariaDB.DatabaseName
Azure.MariaDB.DefenderCloud
Azure.MariaDB.FirewallIPRange
Azure.MariaDB.FirewallRuleCount
Azure.MariaDB.FirewallRuleName
Azure.MariaDB.GeoRedundantBackup
Azure.MariaDB.MinTLS
Azure.MariaDB.ServerName
Azure.MariaDB.UseSSL
Azure.MariaDB.VNETRuleName
Azure.Monitor.ServiceHealth
Azure.MySQL.AAD
Azure.MySQL.AADOnly
Azure.MySQL.AllowAzureAccess
Azure.MySQL.DefenderCloud
Azure.MySQL.FirewallIPRange
Azure.MySQL.FirewallRuleCount
Azure.MySQL.GeoRedundantBackup
Azure.MySQL.MinTLS
Azure.MySQL.ServerName
Azure.MySQL.UseFlexible
Azure.MySQL.UseSSL
Azure.NIC.Attached
Azure.NIC.Name
Azure.NIC.UniqueDns
Azure.NSG.AKSRules
Azure.NSG.AnyInboundSource
Azure.NSG.Associated
Azure.NSG.DenyAllInbound
Azure.NSG.LateralTraversal
Azure.NSG.Name
Azure.Policy.AssignmentAssignedBy
Azure.Policy.AssignmentDescriptors
Azure.Policy.Descriptors
Azure.Policy.ExemptionDescriptors
Azure.Policy.WaiverExpiry
Azure.PostgreSQL.AAD
Azure.PostgreSQL.AADOnly
Azure.PostgreSQL.AllowAzureAccess
Azure.PostgreSQL.DefenderCloud
Azure.PostgreSQL.FirewallIPRange
Azure.PostgreSQL.FirewallRuleCount
Azure.PostgreSQL.GeoRedundantBackup
Azure.PostgreSQL.MinTLS
Azure.PostgreSQL.ServerName
Azure.PostgreSQL.UseSSL
Azure.PrivateEndpoint.Name
Azure.PublicIP.AvailabilityZone
Azure.PublicIP.DNSLabel
Azure.PublicIP.IsAttached
Azure.PublicIP.MigrateStandard
Azure.PublicIP.Name
Azure.PublicIP.StandardSKU
Azure.RBAC.CoAdministrator
Azure.RBAC.LimitMGDelegation
Azure.RBAC.LimitOwner
Azure.RBAC.PIM
Azure.RBAC.UseGroups
Azure.RBAC.UseRGDelegation
Azure.RSV.Immutable
Azure.RSV.Name
Azure.RSV.ReplicationAlert
Azure.RSV.StorageType
Azure.Redis.AvailabilityZone
Azure.Redis.FirewallIPRange
Azure.Redis.FirewallRuleCount
Azure.Redis.MaxMemoryReserved
Azure.Redis.MinSKU
Azure.Redis.MinTLS
Azure.Redis.NonSslPort
Azure.Redis.PublicNetworkAccess
Azure.Redis.Version
Azure.RedisEnterprise.MinTLS
Azure.RedisEnterprise.Zones
Azure.Resource.AllowedRegions
Azure.Resource.UseTags
Azure.ResourceGroup.Name
Azure.Route.Name
Azure.SQL.AAD
Azure.SQL.AADOnly
Azure.SQL.AllowAzureAccess
Azure.SQL.Auditing
Azure.SQL.DBName
Azure.SQL.DefenderCloud
Azure.SQL.FGName
Azure.SQL.FirewallIPRange
Azure.SQL.FirewallRuleCount
Azure.SQL.MinTLS
Azure.SQL.ServerName
Azure.SQL.TDE
Azure.SQLMI.AAD
Azure.SQLMI.AADOnly
Azure.SQLMI.ManagedIdentity
Azure.SQLMI.Name
Azure.Search.IndexSLA
Azure.Search.ManagedIdentity
Azure.Search.Name
Azure.Search.QuerySLA
Azure.Search.SKU
Azure.ServiceBus.AuditLogs
Azure.ServiceBus.DisableLocalAuth
Azure.ServiceBus.MinTLS
Azure.ServiceBus.Usage
Azure.ServiceFabric.AAD
Azure.SignalR.ManagedIdentity
Azure.SignalR.Name
Azure.SignalR.SLA
Azure.Storage.BlobAccessType
Azure.Storage.BlobPublicAccess
Azure.Storage.ContainerSoftDelete
Azure.Storage.Defender.DataScan
Azure.Storage.Defender.MalwareScan
Azure.Storage.DefenderCloud
Azure.Storage.FileShareSoftDelete
Azure.Storage.Firewall
Azure.Storage.MinTLS
Azure.Storage.Name
Azure.Storage.SecureTransfer
Azure.Storage.SoftDelete
Azure.Storage.UseReplication
Azure.Template.DebugDeployment
Azure.Template.DefineParameters
Azure.Template.ExpressionLength
Azure.Template.LocationDefault
Azure.Template.LocationType
Azure.Template.MetadataLink
Azure.Template.ParameterDataTypes
Azure.Template.ParameterFile
Azure.Template.ParameterMetadata
Azure.Template.ParameterMinMaxValue
Azure.Template.ParameterScheme
Azure.Template.ParameterStrongType
Azure.Template.ParameterValue
Azure.Template.ResourceLocation
Azure.Template.Resources
Azure.Template.TemplateFile
Azure.Template.TemplateSchema
Azure.Template.TemplateScheme
Azure.Template.UseComments
Azure.Template.UseDescriptions
Azure.Template.UseLocationParameter
Azure.Template.UseParameters
Azure.Template.UseVariables
Azure.Template.ValidSecretRef
Azure.TrafficManager.Endpoints
Azure.TrafficManager.Protocol
Azure.VM.ADE
Azure.VM.AMA
Azure.VM.ASAlignment
Azure.VM.ASMinMembers
Azure.VM.ASName
Azure.VM.AcceleratedNetworking
Azure.VM.Agent
Azure.VM.BasicSku
Azure.VM.ComputerName
Azure.VM.DiskAttached
Azure.VM.DiskCaching
Azure.VM.DiskName
Azure.VM.DiskSizeAlignment
Azure.VM.MaintenanceConfig
Azure.VM.MigrateAMA
Azure.VM.Name
Azure.VM.PPGName
Azure.VM.PromoSku
Azure.VM.PublicKey
Azure.VM.SQLServerDisk
Azure.VM.ScriptExtensions
Azure.VM.ShouldNotBeStopped
Azure.VM.Standalone
Azure.VM.Updates
Azure.VM.UseHybridUseBenefit
Azure.VM.UseManagedDisks
Azure.VMSS.AMA
Azure.VMSS.ComputerName
Azure.VMSS.MigrateAMA
Azure.VMSS.Name
Azure.VMSS.PublicKey
Azure.VMSS.ScriptExtensions
Azure.VNET.BastionSubnet
Azure.VNET.FirewallSubnet
Azure.VNET.LocalDNS
Azure.VNET.Name
Azure.VNET.PeerState
Azure.VNET.SingleDNS
Azure.VNET.SubnetName
Azure.VNET.UseNSGs
Azure.VNG.ConnectionName
Azure.VNG.ERAvailabilityZoneSKU
Azure.VNG.ERLegacySKU
Azure.VNG.Name
Azure.VNG.VPNActiveActive
Azure.VNG.VPNAvailabilityZoneSKU
Azure.VNG.VPNLegacySKU
Azure.WebPubSub.ManagedIdentity
Azure.WebPubSub.SLA
Azure.vWAN.Name
Azure.ACR.AdminUser
Azure.ACR.ContainerScan
Azure.ACR.ContentTrust
Azure.ACR.GeoReplica
Azure.ACR.ImageHealth
Azure.ACR.MinSku
Azure.ACR.Name
Azure.ACR.Quarantine
Azure.ACR.Retention
Azure.ACR.Usage
Baselines
Baselines
Azure.All
Azure.Default
Azure.GA_2020_06
Azure.GA_2020_09
Azure.GA_2020_12
Azure.GA_2021_03
Azure.GA_2021_06
Azure.GA_2021_09
Azure.GA_2021_12
Azure.GA_2022_03
Azure.GA_2022_06
Azure.GA_2022_09
Azure.GA_2022_12
Azure.GA_2023_03
Azure.GA_2023_06
Azure.GA_2023_09
Azure.GA_2023_12
Azure.GA_2024_03
Azure.MCSB.v1
Azure.Pillar.CostOptimization
Azure.Pillar.OperationalExcellence
Azure.Pillar.PerformanceEfficiency
Azure.Pillar.Reliability
Azure.Pillar.Security
Azure.Preview
Azure.Preview_2021_09
Azure.Preview_2021_12
Azure.Preview_2022_03
Azure.Preview_2022_06
Azure.Preview_2022_09
Azure.Preview_2022_12
Azure.Preview_2023_03
Azure.Preview_2023_06
Azure.Preview_2023_09
Azure.Preview_2023_12
Azure.Preview_2024_03
Selectors
Selectors
Azure.AppService.IsAPIApp
Azure.AppService.IsFunctionApp
Azure.AppService.IsLogicApp
Azure.AppService.IsWebApp
Azure.FrontDoor.IsClassic
Azure.FrontDoor.IsStandardOrPremium
Azure.Resource.SupportsTags
Azure.ServiceBus.IsPremium
Learn
Learn
Learn PSRule for Azure series
Official learning
404 - Not found