From d8aa6a41cef87c926d1caff87881e15b6e268683 Mon Sep 17 00:00:00 2001
From: geekyshameem
Date: Thu, 5 Feb 2026 00:36:44 +0530
Subject: [PATCH 1/2] Added an Azure Policy to Deny the creation of Azure AI Video Indexer with Public Network Access in order to use private endpoint for Inbound Communication
---
 .../azurepolicy.json | 45 +++++++++++++++++++
 .../azurepolicy.parameters.json | 15 +++++++
 .../azurepolicy.rules.json | 17 +++++++
 3 files changed, 77 insertions(+)
 create mode 100644 policyDefinitions/Video Indexer/Video Indexer Should Disable Public Network Access/azurepolicy.json
 create mode 100644 policyDefinitions/Video Indexer/Video Indexer Should Disable Public Network Access/azurepolicy.parameters.json
 create mode 100644 policyDefinitions/Video Indexer/Video Indexer Should Disable Public Network Access/azurepolicy.rules.json
diff --git a/policyDefinitions/Video Indexer/Video Indexer Should Disable Public Network Access/azurepolicy.json b/policyDefinitions/Video Indexer/Video Indexer Should Disable Public Network Access/azurepolicy.json
new file mode 100644
index 00000000..f2a378d0
--- /dev/null
+++ b/policyDefinitions/Video Indexer/Video Indexer Should Disable Public Network Access/azurepolicy.json
@@ -0,0 +1,45 @@
+{
+ "name": "27e66ba1-7f71-4a8e-b981-ef06d5c78c1b",
+ "type": "Microsoft.Authorization/policyDefinitions",
+ "properties": {
+ "displayName": "Azure AI Video Indexer Should Disable Public Network Access",
+ "description": "This policy Denies the creation of AI Video Indexer accounts with Public Network Access enabled. Disabling Public Network Access helps to enhance the security of your Video Indexer accounts by restricting access to trusted networks only.",
+ "metadata": {
+ "version": "1.1.0",
+ "category": "Video Indexer"
+ },
+ "mode": "Indexed",
+ "parameters": {
+ "effect": {
+ "type": "String",
+ "metadata": {
+ "displayName": "Effect",
+ "description": "Deny, Audit or Disabled the execution of the Policy"
+ },
+ "allowedValues": [
+ "Deny",
+ "Audit",
+ "Disabled"
+ ],
+ "defaultValue": "Deny"
+ }
+ },
+ "policyRule": {
+ "if": {
+ "allOf": [
+ {
+ "field": "type",
+ "equals": "Microsoft.VideoIndexer/accounts"
+ },
+ {
+ "field": "Microsoft.VideoIndexer/accounts/publicNetworkAccess",
+ "notEquals": "Disabled"
+ }
+ ]
+ },
+ "then": {
+ "effect": "[parameters('effect')]"
+ }
+ }
+ }
+}
\ No newline at end of file
diff --git a/policyDefinitions/Video Indexer/Video Indexer Should Disable Public Network Access/azurepolicy.parameters.json b/policyDefinitions/Video Indexer/Video Indexer Should Disable Public Network Access/azurepolicy.parameters.json
new file mode 100644
index 00000000..470fd378
--- /dev/null
+++ b/policyDefinitions/Video Indexer/Video Indexer Should Disable Public Network Access/azurepolicy.parameters.json
@@ -0,0 +1,15 @@
+{
+ "effect": {
+ "type": "String",
+ "metadata": {
+ "displayName": "Effect",
+ "description": "Deny, Audit or Disabled the execution of the Policy"
+ },
+ "allowedValues": [
+ "Deny",
+ "Audit",
+ "Disabled"
+ ],
+ "defaultValue": "Deny"
+ }
+}
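Review bot: The `description` in azurepolicy.json says the policy "Denies the creation" of accounts, but the effect is a parameter that also allows `Audit` and `Disabled`, and a deny effect is evaluated on update requests as well as on creates. An effect-neutral wording would avoid misleading whoever assigns the definition, e.g. `"description": "Audit or deny Azure AI Video Indexer accounts whose publicNetworkAccess is not set to Disabled, so that inbound access is limited to private endpoints."`. It would also help to state that accounts which already exist with public access are only reported as non-compliant and are not changed by this policy.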
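Review bot: The `effect` parameter's `description` in azurepolicy.parameters.json is ungrammatical ("Deny, Audit or Disabled the execution of the Policy"), and the same string appears in the `parameters` block of azurepolicy.json. Suggest `"description": "Deny, Audit or Disable the execution of the policy"` in both places. Because `defaultValue` is `Deny`, an assignment that leaves the parameter unset starts blocking requests immediately, so the text could also recommend assigning with `Audit` first to see which accounts would be affected.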
diff --git a/policyDefinitions/Video Indexer/Video Indexer Should Disable Public Network Access/azurepolicy.rules.json b/policyDefinitions/Video Indexer/Video Indexer Should Disable Public Network Access/azurepolicy.rules.json
new file mode 100644
index 00000000..a03095c6
--- /dev/null
+++ b/policyDefinitions/Video Indexer/Video Indexer Should Disable Public Network Access/azurepolicy.rules.json
@@ -0,0 +1,17 @@
+{
+ "if": {
+ "allOf": [
+ {
+ "field": "type",
+ "equals": "Microsoft.VideoIndexer/accounts"
+ },
+ {
+ "field": "Microsoft.VideoIndexer/accounts/publicNetworkAccess",
+ "notEquals": "Disabled"
+ }
+ ]
+ },
+ "then": {
+ "effect": "[parameters('effect')]"
+ }
+}
\ No newline at end of file
From 4dc727e8987d72052a471fbc045bad26d31eb0e5 Mon Sep 17 00:00:00 2001
From: geekyshameem
Date: Thu, 5 Feb 2026 00:41:03 +0530
Subject: [PATCH 2/2] Added an Azure Policy to Deny the creation of Azure AI Video Indexer with Public Network Access in order to use private endpoint for Inbound Communication
---
 .../azurepolicy.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policyDefinitions/Video Indexer/Video Indexer Should Disable Public Network Access/azurepolicy.json b/policyDefinitions/Video Indexer/Video Indexer Should Disable Public Network Access/azurepolicy.json
index f2a378d0..73cffaa3 100644
--- a/policyDefinitions/Video Indexer/Video Indexer Should Disable Public Network Access/azurepolicy.json
+++ b/policyDefinitions/Video Indexer/Video Indexer Should Disable Public Network Access/azurepolicy.json
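Review bot: The `notEquals` condition on `Microsoft.VideoIndexer/accounts/publicNetworkAccess` in azurepolicy.rules.json (and the identical `policyRule` in azurepolicy.json) also matches when the property is absent from the request, because a missing field compares as not equal. That is the fail-closed behaviour you want for a network-exposure control, but it means templates that omit `publicNetworkAccess` are rejected under `Deny`. The same likely applies to requests pinned to an API version that does not carry the property, which is worth confirming against the provider's alias list. Since JSON has no comments, the place to record this is the definition's `description`, e.g. by adding `Requests that do not explicitly set publicNetworkAccess to Disabled are treated as non-compliant.`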
@@ -5,7 +5,7 @@
 "displayName": "Azure AI Video Indexer Should Disable Public Network Access",
 "description": "This policy Denies the creation of AI Video Indexer accounts with Public Network Access enabled. Disabling Public Network Access helps to enhance the security of your Video Indexer accounts by restricting access to trusted networks only.",
 "metadata": {
- "version": "1.1.0",
+ "version": "1.0.0",
 "category": "Video Indexer"
 },
 "mode": "Indexed",