Policy Initiative 'Audit Public Network Access' does not contain policy 'Azure AI Services resources should restrict network access' #1405

Open
n-athan opened this issue Dec 5, 2024 · 0 comments

n-athan commented Dec 5, 2024

Details of the scenario you tried and the problem that is occurring

I want to audit all Azure Resources to govern the Public Network Access. We use the built-in initiative 'Audit Public Network Access' to check as many resources as possible. The policy to audit network access on Azure AI services is not yet included in the initiative.

Verbose logs showing the problem

There is no policy about AI in the set, as shown with this query in the AZ CLI.

```
az policy set-definition show --name f1535064-3294-48fa-94e2-6e83095a5c08 --query "policyDefinitions[?contains(@.policyDefinitionReferenceId, 'ai')]" --output table
PolicyDefinitionId                                                                         PolicyDefinitionReferenceId
-----------------------------------------------------------------------------------------  -----------------------------------------------------
/providers/Microsoft.Authorization/policyDefinitions/0fdf0491-d080-4575-b627-ad0e843cba0f  AuditPublicNetworkAccessForMicrosoftContainerRegistry
/providers/Microsoft.Authorization/policyDefinitions/f8f774be-6aee-492a-9e29-486ef81f3a68  AuditPublicNetworkAccessForMicrosoftEventGridDomains
```

Suggested solution to the issue

Include policy definition 'Azure AI Services resources should restrict network access' (id `/providers/Microsoft.Authorization/policyDefinitions/037eea7a-bd0a-46c5-9a66-03aea78705d3`) in the policy initiative.
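
An added example, not part of the original issue: the `contains(..., 'ai')` filter in the query above matches any reference ID holding the substring `ai` (here "Container" and "Domains"), so a coverage check is more reliable when it compares policy definition GUIDs. The JSON below is constructed from the two rows shown in the issue and assumes the shape of `az policy set-definition show --output json`; the function names are hypothetical.

```python
import json

# Constructed sample: only the two references visible in the issue's table output.
SAMPLE_INITIATIVE = json.dumps({
    "name": "f1535064-3294-48fa-94e2-6e83095a5c08",
    "policyDefinitions": [
        {"policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0fdf0491-d080-4575-b627-ad0e843cba0f",
         "policyDefinitionReferenceId": "AuditPublicNetworkAccessForMicrosoftContainerRegistry"},
        {"policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/f8f774be-6aee-492a-9e29-486ef81f3a68",
         "policyDefinitionReferenceId": "AuditPublicNetworkAccessForMicrosoftEventGridDomains"},
    ],
})

# Policy definition ID named in the issue's suggested solution.
AI_SERVICES_POLICY = ("/providers/Microsoft.Authorization/policyDefinitions/"
                      "037eea7a-bd0a-46c5-9a66-03aea78705d3")


def definition_guid(policy_definition_id):
    """Return the trailing GUID of a policy definition resource ID, lower-cased."""
    return policy_definition_id.rstrip("/").rsplit("/", 1)[-1].lower()


def missing_policies(initiative_json, required_ids):
    """Return the required policy definition IDs the initiative does not reference."""
    refs = json.loads(initiative_json).get("policyDefinitions") or []
    present = {definition_guid(r["policyDefinitionId"]) for r in refs}
    return [rid for rid in required_ids if definition_guid(rid) not in present]


def substring_hits(initiative_json, needle):
    """Reference IDs containing `needle`, mirroring the JMESPath contains() filter."""
    refs = json.loads(initiative_json).get("policyDefinitions") or []
    return [r["policyDefinitionReferenceId"] for r in refs
            if needle in r["policyDefinitionReferenceId"]]


if __name__ == "__main__":
    # Substring 'ai' hits "Container" and "Domains", neither an AI policy.
    print(substring_hits(SAMPLE_INITIATIVE, "ai"))
    # GUID comparison reports the AI Services policy as absent from the sample.
    print(missing_policies(SAMPLE_INITIATIVE, [AI_SERVICES_POLICY]))
```

To run it against a live tenant, replace `SAMPLE_INITIATIVE` with the JSON printed by the issue's `az policy set-definition show` command using `--output json` and no `--query`.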
