Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adding Azure policy exemptions to the deny assignment #3586

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Adding Azure policy exemptions to the deny assignment #3586

wants to merge 1 commit into from

Conversation

shane-snyder
Copy link

Which issue this PR addresses:

Fixes https://issues.redhat.com/browse/XCMSTRAT-681

What this PR does / why we need it:

Currently, customers that need to submit Azure policy exemptions in the ARO resource group are unable to, as they're blocked by the deny assignment. For instance, many have an Azure Policy that states "Storage accounts should disable public network access", but are blocked from applying an exemption to that policy in Azure Policy. For some, doing so is needed for compliance.

Test plan for issue:

I'm unsure how we can properly test the deny assignment prior to pushing this change.

Is there any documentation that needs to be updated for this PR?

No

How do you know this will function as expected in production?

This changed is just scoped to policyExemptions
https://learn.microsoft.com/en-us/azure/governance/policy/concepts/exemption-structure#required-permissions

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jewzaam jewzaam Awaiting requested review from jewzaam jewzaam is a code owner

@bennerv bennerv Awaiting requested review from bennerv bennerv is a code owner

@hawkowl hawkowl Awaiting requested review from hawkowl hawkowl is a code owner

@rogbas rogbas Awaiting requested review from rogbas rogbas is a code owner

@petrkotas petrkotas Awaiting requested review from petrkotas petrkotas is a code owner

@jharrington22 jharrington22 Awaiting requested review from jharrington22 jharrington22 is a code owner

@cblecker cblecker Awaiting requested review from cblecker cblecker is a code owner

@cadenmarchese cadenmarchese Awaiting requested review from cadenmarchese cadenmarchese is a code owner

@UlrichSchlueter UlrichSchlueter Awaiting requested review from UlrichSchlueter UlrichSchlueter is a code owner

@s-amann s-amann Awaiting requested review from s-amann

@SudoBrendan SudoBrendan Awaiting requested review from SudoBrendan SudoBrendan is a code owner

@Shivkumar13 Shivkumar13 Awaiting requested review from Shivkumar13 Shivkumar13 is a code owner

@yjst2012 yjst2012 Awaiting requested review from yjst2012 yjst2012 is a code owner

@jaitaiwan jaitaiwan Awaiting requested review from jaitaiwan jaitaiwan is a code owner

@anshulvermapatel anshulvermapatel Awaiting requested review from anshulvermapatel anshulvermapatel is a code owner

@hlipsig hlipsig Awaiting requested review from hlipsig hlipsig is a code owner

@tiguelu tiguelu Awaiting requested review from tiguelu tiguelu is a code owner

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@shane-snyder