ljtill · July 1, 2021 20:24
diff --git a/azurepolicy.json b/azurepolicy.json
 {
  "mode": "All",
  "policyRule": {
    "if": {
      "allOf": [
        {
          "not": {
            "anyOf": [
              {
                "contains": "Microsoft.Network/applicationGateway",
                "field": "type"
              },
              {
                "contains": "Microsoft.Network/applicationSecurityGroups",
                "field": "type"
              },
              {
                "contains": "Microsoft.Network/networkSecurityGroups",
                "field": "type"
              },
              {
                "contains": "Microsoft.Network/loadBalancers",
                "field": "type"
              },
              {
                "contains": "Microsoft.Network/locations",
                "field": "type"
              },
              {
                "contains": "Microsoft.Network/networkInterfaces",
                "field": "type"
              },
              {
                "contains": "Microsoft.Network/privateDns",
                "field": "type"
              },
              {
                "contains": "Microsoft.Network/operations",
                "field": "type"
              },
              {
                "contains": "Microsoft.Network/privateEndpoint",
                "field": "type"
              }
            ]
          }
        },
        {
          "anyOf": [
            {
              "contains": "Microsoft.Network/",
              "field": "type"
            }
          ]
        }
      ]
    },
    "then": {
      "effect": "deny"
    }
  },
  "parameters": {}
 }
	{
	"mode": "All",
	"policyRule": {
	"if": {
	"allOf": [
	{
	"not": {
	"anyOf": [
	{
	"contains": "Microsoft.Network/applicationGateway",
	"field": "type"
	},
	{
	"contains": "Microsoft.Network/applicationSecurityGroups",
	"field": "type"
	},
	{
	"contains": "Microsoft.Network/networkSecurityGroups",
	"field": "type"
	},
	{
	"contains": "Microsoft.Network/loadBalancers",
	"field": "type"
	},
	{
	"contains": "Microsoft.Network/locations",
	"field": "type"
	},
	{
	"contains": "Microsoft.Network/networkInterfaces",
	"field": "type"
	},
	{
	"contains": "Microsoft.Network/privateDns",
	"field": "type"
	},
	{
	"contains": "Microsoft.Network/operations",
	"field": "type"
	},
	{
	"contains": "Microsoft.Network/privateEndpoint",
	"field": "type"
	}
	]
	}
	},
	{
	"anyOf": [
	{
	"contains": "Microsoft.Network/",
	"field": "type"
	}
	]
	}
	]
	},
	"then": {
	"effect": "deny"
	}
	},
	"parameters": {}
	}