PCI DSS Blueprint
I can no longer find the PCI DSS Blueprint. https://azure.microsoft.com/en-us/blog/new-pci-dss-azure-blueprint-makes-compliance-simpler/
Deploying Microsoft Sentinel workbooks with Azure blueprints
Dear Support, As part of the Blueprint deployment process to deploy MS sentinel as a whole, would like to verify whether workbooks and notebooks can be included as json artefacts. Appreciate if you could point me to any reference documentation. …
Restricting Access in Customer Owned Subscription
Without using Azure Blueprint, how can I restrict a customer from altering a specific NVA/Subnet/PIP where the customer as owner access to the subscription? Are there any other tenant level polices I can leverage to lock down a specific resource or…
Microsoft Online Services Program Subscriptions
Hello, I have an MOSP account type. Is it possible to create subscriptions using ARM templates or must they be created manually? I noticed that with Terraform, the data resource for MOSP does not exist to create the subscription does not exist. …
If a user is granted reader role on subscription level, but I want to remove his readre role for a particular resource group under this subscription
if a user is granted owner role on subscription level, but I want to remove his owner role for a particular resource group under this subscription. I understand this can be achieved by deny assignment. Therefore wants to know how to create blueprint for…
Blueprint could not assign to other subscriptions
The variable is fixed and could not be modified. Is there any permission i have set wrongly. Thanks FYI. I got owner rbac roles for all subscriptions
Issue choosing minimal TLS version for Azure SQL server ARM template
Hi, I have an issue trying to choose the minimal TLS version for my Azure SQL server. Everytime I try to deploy this template without this parameter it works and when I deploy it with this parameter it fails. I was wondering if anyone knows why and how…
Creating Azure Blueprint with Azure SQL database + server and additional security features
Hi, I am trying to create a basic Azure Blueprint that deploys an Azure SQL database + server. I will mainly use an ARM template and policies to audit certain features. I want to add these features to the ARM template: TLS 1.2 encryption …
Why do I get the "This is not a valid template" error in my ARM template/JSON code?
Hi there, I am trying to create an ARM template for deploying an Azure SQL Database + Server. I am looking to use this ARM template in a Blueprint I am trying to setup. For some reason my template is not showing the amount of resource and gives me an…
Can you deploy Blueprints to several subscriptions through Azure Devops pipelines?
I have a simple azure blueprint that creates a resource group, application insights, and a query pack through a nested template. Is it possible for me to deploy this blueprint as code to several different subscriptions using an Azure Devops Pipeline? …
Azure Blueprint for deny assignment
Can you share how to do achieve deny assignment using Azure Blueprints, couldnt find the example specifically for deny assignments. This is needed to disable inheritance.
Powershell Blueprint Import Error
I am following this document to export/import blueprints: https://learn.microsoft.com/en-us/azure/governance/blueprints/how-to/import-export-ps Using Azure Powershell, I was able to export the blueprint from a management group to my local…
Exclusion from Azure Locks
Hello guys, one question. Short and simple! :-D Is there any opportunity to exclude any resource type from a lock? Every resource in a resource group should be protected from unwanted deletion. But snapshots may be deleted. Greetings, Chris
Azure blueprints deny inherted roles to storage account
We have a storage account that contains sensitive info. We need to remove certain groups that have inherited access. (the dev group for example) If I select the group and try to "Remove" the group from the storage account it tells me…
Unable to Import Blueprint using PowerShell
I have created a Blueprint, myblueprint1, in tenant1. The scope of Blueprint is at subscription level. BluePrint contains custom policies as Artifacts. I am able to successfully import the BluePrint using PowerShell with identity of global administrator…
After deploying Blueprint, If I want all newly created resources should be rollback, removed permanently through blue Print, is it possible? if yes, then how? Or do I need to manually go back to the individual resource that was created & removed?
After deploying Blueprint, If I want all newly created resources should be rollback, removed permanently through blue Print, is it possible? if yes, then how? Or do I need to manually go back to the individual resource that was created & removed?
Is Azure Blueprints an equivalent of Terraform?
Is Azure Blueprints an equivalent of Terraform?
Why is NIST SP 800-53 not available in Azure Blueprints now?
This article indicates NIST SP 800-53 R4 has been updated to NIST SP 800-53 R5. Why is no longer available in Blueprints as an option?
Diagnostic settings not showing as defined for certain resources.
Vnet gateways and subnets diagnostic settings are both accessed the same way. Theyre not under the monitor section of the resource but under activity log then diagnostic settings. I have a policy to define these settings but there is some discrepancy in…