Skip to content

Instantly share code, notes, and snippets.

@ehrnst

ehrnst/postgres-policy.json

Created November 29, 2021 08:23
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save ehrnst/1830759c5c252f8e16446e626a9e971c to your computer and use it in GitHub Desktop.
Save ehrnst/1830759c5c252f8e16446e626a9e971c to your computer and use it in GitHub Desktop.
Download ZIP
Postgres Azure policy for geo replication with tag override
Raw
postgres-policy.json
{
"properties": {
"displayName": "PostgreSQL should have Geo replication enabled",
"policyType": "Custom",
"mode": "Indexed",
"description": "This policy checks wheter Geo replication is enabled or not. You can exclude the database from the policy by adding 'noGeo' : 'true' as tag and value",
"metadata": {
"category": "SQL",
"createdBy": "75e5f040-6c35-4bc7-baef-eae05fc48acb",
"createdOn": "2021-03-22T12:10:49.814614Z",
"updatedBy": null,
"updatedOn": null
},
"parameters": {
"effect": {
"type": "String",
"metadata": {
"displayName": "Effect",
"description": "Enable or disable the execution of the policy"
},
"allowedValues": [
"Audit",
"Deny",
"Disabled"
],
"defaultValue": "Audit"
}
},
"policyRule": {
"if": {
"allOf": [
{
"field": "type",
"equals": "Microsoft.DBforPostgreSQL/servers"
},
{
"field": "Microsoft.DBforPostgreSQL/servers/replicationRole",
"equals": "None"
},
{
"field": "[concat('tags[', 'noGeo', ']')]",
"notEquals": "true"
}
]
},
"then": {
"effect": "[parameters('effect')]"
}
}
},
"id": "/subscriptions//providers/Microsoft.Authorization/policyDefinitions/e2a95e10-761d-4cd2-8e61-eefb5681d7d7",
"type": "Microsoft.Authorization/policyDefinitions",
"name": "e2a95e10-761d-4cd2-8e61-eefb5681d7d7"
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment