Azure 应用程序配置的 Azure Policy 内置定义Azure Policy built-in definitions for Azure App Configuration

此页是 Azure 应用程序配置的 Azure Policy 内置策略定义的索引。This page is an index of Azure Policy built-in policy definitions for Azure App Configuration. 有关其他服务的其他 Azure Policy 内置定义,请参阅 Azure Policy 内置定义For additional Azure Policy built-ins for other services, see Azure Policy built-in definitions.

每个内置策略定义链接(指向 Azure 门户中的策略定义)的名称。The name of each built-in policy definition links to the policy definition in the Azure portal. 使用“版本”列中的链接查看 Azure Policy GitHub 存储库上的源。Use the link in the Version column to view the source on the Azure Policy GitHub repo.

Azure 应用配置Azure App Configuration

(Azure 门户)(Azure portal)
说明Description 效果Effect(s) 版本Version
应用程序配置应使用客户管理的密钥App Configuration should use a customer-managed key 客户管理的密钥可便于管理加密密钥,从而提供增强的数据保护。Customer-managed keys provide enhanced data protection by allowing you to manage your encryption keys. 这通常是满足合规性要求所必需的。This is often required to meet compliance requirements. Audit、Deny、DisabledAudit, Deny, Disabled
应用程序配置应使用专用链接App Configuration should use private link 通过 Azure 专用链接,在没有源位置或目标位置的公共 IP 地址的情况下,也可以将虚拟网络连接到 Azure 服务。Azure Private Link lets you connect your virtual network to Azure services without a public IP address at the source or destination. 专用链接平台处理使用者与服务之间通过 Azure 主干网络进行的连接。The private link platform handles the connectivity between the consumer and services over the Azure backbone network. 通过将专用终结点映射到应用配置实例(而不是整个服务),还可以防范数据泄露风险。By mapping private endpoints to your app configuration instances instead of the entire service, you'll also be protected against data leakage risks. 有关详细信息,请访问: more at: AuditIfNotExists、DisabledAuditIfNotExists, Disabled

后续步骤Next steps