ljtill/policy.json

## policy.json
{
    "displayName": "",
    "policyType": "Custom",
    "mode": "All",
    "parameters": {},
    "policyRule": {
        "if": {
            "allOf": [
                {
                    "field": "type",
                    "equals": "Microsoft.Network/networkSecurityGroups"
                },
                {
                    "count": {
                        "field": "Microsoft.Network/networkSecurityGroups/securityRules[*]",
                        "where": {
                            "allOf": [
                                {
                                    "field": "Microsoft.Network/networkSecurityGroups/securityRules[*].name",
                                    "equals": ""
                                }
                            ]
                        }
                    },
                    "equals": 0
                }
            ]
        },
        "then": {
            "effect": "append",
            "details": [
                {
                    "field": "Microsoft.Network/networkSecurityGroups/securityRules[*]",
                    "value": {
                        "name": "",
                        "properties": {
                            "protocol": "*",
                            "sourcePortRange": "*",
                            "destinationPortRange": "*",
                            "sourceAddressPrefix": "",
                            "sourceAddressPrefixes": [
                                "10.1.0.0/16"
                            ],
                            "destinationAddressPrefix": "VirtualNetwork",
                            "destinationAddressPrefixes": [],
                            "access": "Deny",
                            "priority": "4096",
                            "direction": "Inbound"
                        }
                    }
                }
            ]
        }
    }
}
	{
	"displayName": "",
	"policyType": "Custom",
	"mode": "All",
	"parameters": {},
	"policyRule": {
	"if": {
	"allOf": [
	{
	"field": "type",
	"equals": "Microsoft.Network/networkSecurityGroups"
	},
	{
	"count": {
	"field": "Microsoft.Network/networkSecurityGroups/securityRules[*]",
	"where": {
	"allOf": [
	{
	"field": "Microsoft.Network/networkSecurityGroups/securityRules[*].name",
	"equals": ""
	}
	]
	}
	},
	"equals": 0
	}
	]
	},
	"then": {
	"effect": "append",
	"details": [
	{
	"field": "Microsoft.Network/networkSecurityGroups/securityRules[*]",
	"value": {
	"name": "",
	"properties": {
	"protocol": "*",
	"sourcePortRange": "*",
	"destinationPortRange": "*",
	"sourceAddressPrefix": "",
	"sourceAddressPrefixes": [
	"10.1.0.0/16"
	],
	"destinationAddressPrefix": "VirtualNetwork",
	"destinationAddressPrefixes": [],
	"access": "Deny",
	"priority": "4096",
	"direction": "Inbound"
	}
	}
	}
	]
	}
	}
	}