forked from globalbao/azure-policy-as-code
manage-azure-policy-d6664692.yml
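# Applies the Key Vault policy definitions under KeyVault/policies/ to Azure
# using azure/manage-azure-policy. Runs only when started manually unless the
# commented-out push trigger below is enabled.
name: manage-azure-policy-d6664692
on:
  workflow_dispatch:
    inputs:
      # Free-text reason for the run. No step in this workflow reads it.
      remarks:
        description: 'Reason for triggering the workflow run'
        required: false
        default: 'Updating Azure Policies'

## Uncomment the following if you wish to automatically trigger workflow run with every commit
#
# NOTE(review): once enabled, a commit touching these paths changes live Azure
# policy. The trigger has no `branches:` filter, so consider adding one and
# protecting that branch with required reviews before enabling it.
#
#  push:
#    paths:
#      - 'KeyVault/policies/Key_vaults_should_have_purge_protection_enabled_0b60c0b2-2dc2-4e1c-b5c9-abbed971de53/**'
#      - 'KeyVault/policies/Azure_Defender_for_Key_Vault_should_be_enabled_0e6763cc-5078-4e64-889d-ff4d9a839047/**'
#      - 'KeyVault/policies/Key_vaults_should_have_soft_delete_enabled_1e66c121-a66a-4b1f-9b83-0fd99bf0fc2d/**'
#      - 'KeyVault/policies/Configure_Azure_Defender_for_Key_Vaults_to_be_enabled_1f725891-01c0-420a-9059-4fa46cb770b7/**'
#      - 'KeyVault/policies/Deploy_-_Configure_diagnostic_settings_for_Azure_Key_Vault_to_Log_Analytics_workspace_951af2fa-529b-416e-ab6e-066fd85ac459/**'
#      - 'KeyVault/policies/Resource_logs_in_Azure_Key_Vault_Managed_HSM_should_be_enabled_a2a5b911-5617-447e-a49e-59dbe0e0434b/**'
#      - 'KeyVault/policies/Deploy_-_Configure_diagnostic_settings_to_an_Event_Hub_to_be_enabled_on_Azure_Key_Vault_Managed_HSM_a6d2c800-5230-4a40-bff3-8268b4987d42/**'
#      - 'KeyVault/policies/Deploy_-_Configure_diagnostic_settings_to_a_Log_Analytics_workspace_to_be_enabled_on_Azure_Key_Vault_Managed_HSM_b3884c81-31aa-473d-a9bb-9466fe0ec2a0/**'
#      - 'KeyVault/policies/Deploy_Diagnostic_Settings_for_Key_Vault_to_Log_Analytics_workspace_bef3f64c-5290-43b7-85b0-9b254eef4c47/**'
#      - 'KeyVault/policies/Azure_Key_Vault_Managed_HSM_should_have_purge_protection_enabled_c39ba22d-4428-4149-b981-70acb31fc383/**'
#      - 'KeyVault/policies/Resource_logs_in_Key_Vault_should_be_enabled_cf820ca0-f99e-4f3e-84fb-66e913812d21/**'
#      - 'KeyVault/policies/Key_Vault_should_use_a_virtual_network_service_endpoint_ea4d6841-2173-4317-9747-ff522a45120f/**'
#      - 'KeyVault/policies/Key_Vault_keys_should_have_an_expiration_date_152b15f7-8e1f-4c1f-ab71-8c010ba5dbc0/**'
#      - 'KeyVault/policies/Key_Vault_secrets_should_have_an_expiration_date_98728c90-32c7-4049-8429-847dc0f4fe37/**'
#      - .github/workflows/manage-azure-policy-d6664692.yml
jobs:
  apply-azure-policy:
    runs-on: ubuntu-latest
    # Least privilege for GITHUB_TOKEN: the job only needs to read the repo.
    # Azure access comes from the separate credential passed to azure/login.
    permissions:
      contents: read
    steps:
      # NOTE(review): all three actions are referenced by a movable tag
      # (@v2, @v1, @v0), so the code that runs with the Azure credential can
      # change without a change to this file. Pin each one to a reviewed
      # commit, e.g. `uses: owner/action@<full-commit-sha>  # vX.Y.Z`.
      - name: Checkout
        uses: actions/checkout@v2
      - name: Login to Azure
        uses: azure/login@v1
        with:
          # Long-lived service-principal credential stored as a repo secret.
          # Scope the principal to the minimum role and scope needed to manage
          # policy, and rotate it. azure/login also supports OIDC federated
          # login (needs `id-token: write`), which avoids a stored secret.
          creds: ${{secrets.AZURE_CREDENTIALS_d6664692}}
          allow-no-subscriptions: true
      - name: Create or Update Azure Policies
        uses: azure/manage-azure-policy@v0
        with:
          # One glob per policy folder; each line is a folder to apply.
          paths: |
            KeyVault/policies/Key_vaults_should_have_purge_protection_enabled_0b60c0b2-2dc2-4e1c-b5c9-abbed971de53/**
            KeyVault/policies/Azure_Defender_for_Key_Vault_should_be_enabled_0e6763cc-5078-4e64-889d-ff4d9a839047/**
            KeyVault/policies/Key_vaults_should_have_soft_delete_enabled_1e66c121-a66a-4b1f-9b83-0fd99bf0fc2d/**
            KeyVault/policies/Configure_Azure_Defender_for_Key_Vaults_to_be_enabled_1f725891-01c0-420a-9059-4fa46cb770b7/**
            KeyVault/policies/Deploy_-_Configure_diagnostic_settings_for_Azure_Key_Vault_to_Log_Analytics_workspace_951af2fa-529b-416e-ab6e-066fd85ac459/**
            KeyVault/policies/Resource_logs_in_Azure_Key_Vault_Managed_HSM_should_be_enabled_a2a5b911-5617-447e-a49e-59dbe0e0434b/**
            KeyVault/policies/Deploy_-_Configure_diagnostic_settings_to_an_Event_Hub_to_be_enabled_on_Azure_Key_Vault_Managed_HSM_a6d2c800-5230-4a40-bff3-8268b4987d42/**
            KeyVault/policies/Deploy_-_Configure_diagnostic_settings_to_a_Log_Analytics_workspace_to_be_enabled_on_Azure_Key_Vault_Managed_HSM_b3884c81-31aa-473d-a9bb-9466fe0ec2a0/**
            KeyVault/policies/Deploy_Diagnostic_Settings_for_Key_Vault_to_Log_Analytics_workspace_bef3f64c-5290-43b7-85b0-9b254eef4c47/**
            KeyVault/policies/Azure_Key_Vault_Managed_HSM_should_have_purge_protection_enabled_c39ba22d-4428-4149-b981-70acb31fc383/**
            KeyVault/policies/Resource_logs_in_Key_Vault_should_be_enabled_cf820ca0-f99e-4f3e-84fb-66e913812d21/**
            KeyVault/policies/Key_Vault_should_use_a_virtual_network_service_endpoint_ea4d6841-2173-4317-9747-ff522a45120f/**
            KeyVault/policies/Key_Vault_keys_should_have_an_expiration_date_152b15f7-8e1f-4c1f-ab71-8c010ba5dbc0/**
            KeyVault/policies/Key_Vault_secrets_should_have_an_expiration_date_98728c90-32c7-4049-8429-847dc0f4fe37/**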