问题描述
我正在尝试创建一个拒绝允许端口22的NSG规则的策略。预期结果是,天蓝色将拒绝允许端口22的任何NSG安全规则。这是我到目前为止所拥有的,但是在测试时,它是仍然允许我创建它。
{
"policyRule": {
"if": {
"anyOf": [
{
"allOf": [
{
"field": "type","equals": "Microsoft.Network/networkSecurityGroups/securityRules"
},{
"allOf": [
{
"field": "Microsoft.Network/networkSecurityGroups/securityRules/direction","equals": "Inbound"
},{
"field": "Microsoft.Network/networkSecurityGroups/securityRules/access","equals": "Allow"
},{
"field": "Microsoft.Network/networkSecurityGroups/securityRules/destinationPortRanges","contains": "22"
}
]
}
]
},{
"allOf": [
{
"field": "type","equals": "Microsoft.Network/networkSecurityGroups"
},{
"allOf": [
{
"field": "Microsoft.Network/networkSecurityGroups/securityRules[*].direction",{
"field": "Microsoft.Network/networkSecurityGroups/securityRules[*].access",{
"field": "Microsoft.Network/networkSecurityGroups/securityRules[*].destinationPortRange","contains": "22"
}
]
}
]
}
]
},"then": {
"effect": "deny"
}
}
}
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)