Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Denyactionpr #1406

Merged
merged 20 commits into from
Sep 18, 2023
Merged

Denyactionpr #1406

merged 20 commits into from
Sep 18, 2023
+203 −78

Conversation

4pplied
Copy link
Contributor

@4pplied 4pplied commented Aug 17, 2023
edited
Loading

Overview/Summary

Implementation of DenyAction Delete into Azure Landing Zones for both Activity Logs and Diagnostic Settings as two seperate policy definitions and a policy initiative.

Address story AB#29619

This PR fixes/adds/changes/removes

  1. Two policy definitions for DenyAction Delete Activity Logs and Diagnostic Settings
  2. A policy initiative to apply these two policy definitions

Breaking Changes

  1. N/A

Testing Evidence

image

Testing URLs

Azure Public

Deploy To Azure

Azure US Gov (Fairfax)

Deploy To Azure

As part of this Pull Request I have

  • Checked for duplicate Pull Requests
  • Associated it with relevant issues, for tracking and closure.
  • Ensured my code/branch is up-to-date with the latest changes in the main branch
  • Performed testing and provided evidence.
  • Ensured contribution guidance is followed.
  • Updated relevant and associated documentation.
  • Updated the "What's New?" wiki page (located: /docs/wiki/whats-new.md)

@4pplied 4pplied marked this pull request as ready for review August 17, 2023 13:09
@Springstone Springstone added this to the policy-refresh-fy24-q1 milestone Aug 17, 2023
@Springstone Springstone added the PR: Safe to test 🧪 PRs can run more advanced tests that may deploy or access environments label Aug 17, 2023
@Springstone Springstone reopened this Aug 17, 2023
@Springstone Springstone temporarily deployed to csu-rw August 17, 2023 13:33 — with GitHub Actions Inactive
@github-actions github-actions bot requested a review from a team as a code owner August 17, 2023 13:34
Springstone
Springstone requested changes Aug 17, 2023
View reviewed changes
Copy link
Member

@Springstone Springstone left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Minor What's New updates

docs/wiki/Whats-new.md Outdated
@@ -49,6 +49,10 @@ Major update in this release: introducing the Policy Testing Framework foundatio
- Deploy-SQL-minTLS
- Deploy-MySQL-sslEnforcement (changed from Owner to Contributor role, no built in roles currently available)
- Deploy-PostgreSQL-sslEnforcement (changed from Owner to Contributor role, no built in roles currently available)
- Additional policy definitions:
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
- Additional policy definitions:
- Adding `DenyAction` policy definitions:

docs/wiki/Whats-new.md Outdated
- Additional policy definitions:
- `DenyAction-ActivityLogs`
- `DenyAction-DiagnosticLogs`
- These two policy definitions prevent Activity Log Settings and Diagnostic Settings being deleted leveraging Azure Policy DenyAction functionality
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
- These two policy definitions prevent Activity Log Settings and Diagnostic Settings being deleted leveraging Azure Policy DenyAction functionality
- These two policy definitions prevent Activity Log Settings and Diagnostic Settings being deleted leveraging Azure Policy DenyAction functionality
- Additionally including an initiative that includes both `DenyAction` policies

@microsoft-github-policy-service
Copy link
Contributor

This pull request has been automatically marked as stale because it has been marked as requiring author feedback but has not had any activity for 7 days.

@jtracey93
Copy link
Collaborator

@JamJarchitect & @Springstone are we also looking to add tests for this one?

@microsoft-github-policy-service
Copy link
Contributor

This pull request has been automatically marked as stale because it has been marked as requiring author feedback but has not had any activity for 7 days.

@jtracey93
Copy link
Collaborator

@Springstone @JamJarchitect - whats the latest with this one?

@microsoft-github-policy-service
Copy link
Contributor

This pull request has been automatically marked as stale because it has been marked as requiring author feedback but has not had any activity for 7 days.

@Springstone Springstone merged commit bc80050 into Azure:policy-refresh-q1fy24 Sep 18, 2023
1 check passed
Springstone added a commit that referenced this pull request Sep 18, 2023
@Springstone
Revert "Denyactionpr (#1406)"
db09d28 
This reverts commit bc80050.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Springstone Springstone Springstone requested changes

Assignees
No one assigned
Labels
policy PR: Safe to test 🧪 PRs can run more advanced tests that may deploy or access environments
Projects
None yet
Milestone
policy-refresh-fy24-q1
Development

Successfully merging this pull request may close these issues.
3 participants
@4pplied @jtracey93 @Springstone