More Info:

Ensure Not Allowed Resource Types Policy Assignment in Use

Risk Level

Medium

Address

Operational Maturity, Security

Compliance Standards

CBP

Triage and Remediation

Remediation

To remediate the “Ensure Not Allowed Resource Types Policy Assignment In Use” misconfiguration in Azure using the Azure console, follow the below steps:

  1. Open the Azure Portal and log in to your account.
  2. In the left-hand menu, click on “Policy” under “Governance and management”.
  3. In the “Policy” blade, click on “Assignments” and select the policy assignment that is causing the misconfiguration.
  4. Click on the “Edit” button at the top of the blade.
  5. In the “Edit assignment” blade, scroll down to the “Parameters” section and locate the “disallowedResourceTypes” parameter.
  6. Edit the value of the “disallowedResourceTypes” parameter to remove any resource types that are not actually disallowed.
  7. Click on the “Review + Save” button at the bottom of the blade.
  8. Review the changes and click on the “Save” button to apply the changes.

Once the changes are saved, the “Ensure Not Allowed Resource Types Policy Assignment In Use” misconfiguration will be remediated in Azure.