This repository was archived by the owner on May 24, 2022. It is now read-only.
File tree Expand file tree Collapse file tree 2 files changed +62
-1
lines changed Expand file tree Collapse file tree 2 files changed +62
-1
lines changed Original file line number Diff line number Diff line change 1+ # This file was auto generated
2+ resource "azurerm_policy_definition" "deny_non_rbac_aks" {
3+ name = " Deny-Non-RBAC-AKS"
4+ policy_type = " Custom"
5+ mode = " All"
6+ display_name = " Deny-Non-RBAC-AKS"
7+ description = " null"
8+
9+ management_group_name = . management_group_name
10+ policy_rule = << POLICYRULE
11+ {
12+ "if": {
13+ "allOf": [
14+ {
15+ "field": "type",
16+ "equals": "Microsoft.ContainerService/managedClusters"
17+ },
18+ {
19+ "anyOf": [
20+ {
21+ "field": "Microsoft.ContainerService/managedClusters/enableRBAC",
22+ "exists": "false"
23+ },
24+ {
25+ "field": "Microsoft.ContainerService/managedClusters/enableRBAC",
26+ "equals": "false"
27+ }
28+ ]
29+ }
30+ ]
31+ },
32+ "then": {
33+ "effect": "[parameters('effect')]"
34+ }
35+ }
36+ POLICYRULE
37+
38+ parameters = << PARAMETERS
39+ {
40+ "effect": {
41+ "type": "String",
42+ "metadata": {
43+ "displayName": "Effect",
44+ "description": "Enable or disable the execution of the policy"
45+ },
46+ "allowedValues": [
47+ "Audit",
48+ "Disabled",
49+ "Deny"
50+ ],
51+ "defaultValue": "Audit"
52+ }
53+ }
54+ PARAMETERS
55+
56+ }
57+
58+ output "policydefinition_deny_non_rbac_aks" {
59+ value = . deny_non_rbac_aks
60+ }
61+
Original file line number Diff line number Diff line change 22resource "azurerm_policy_definition" "deploy_diagnostics_databricks" {
33 name = " Deploy-Diagnostics-Databricks"
44 policy_type = " Custom"
5- mode = " All "
5+ mode = " Indexed "
66 display_name = " Deploy-Diagnostics-Databricks"
77 description = " Apply diagnostic settings for Databricks - Log Analytics"
88
You can’t perform that action at this time.
0 commit comments