AzPolicyAdvertizer

last sync: 2025-Jun-13 17:23:19 UTC

Audit - Databricks should use customer-managed key for encrypting DBFS

Community Policy definition

Source Repository Community-Policy GitHub
JSON Community-Policy GitHub
Deploy policy 06890ef8-c043-4a48-a791-58e95b6d5c11 (1.0.0) to Azure
Display name Audit - Databricks should use customer-managed key for encrypting DBFS
Id 06890ef8-c043-4a48-a791-58e95b6d5c11
Version 1.0.0
Details on versioning
Category Azure Databricks
Microsoft Learn
Description Customer-managed key should be used to encrypt DBFS in Databricks service. The policy marks a resource Noncompliant if the prepareEncryption value is not set to true. The resource is also marked Noncompliant when the keySource value does not exist.
Mode All
Type Custom Community
Effect Default
Audit
Allowed
Audit, Disabled
RBAC role(s) none
Rule aliases IF (2)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Databricks/workspaces/parameters.encryption.value.keySource Microsoft.Databricks workspaces properties.parameters.encryption.value.keySource True False
Microsoft.Databricks/workspaces/parameters.prepareEncryption.value Microsoft.Databricks workspaces properties.parameters.prepareEncryption.value True False
Rule resource types IF (1)
Microsoft.Databricks/workspaces
JSON
EPAC
Deploy policy 06890ef8-c043-4a48-a791-58e95b6d5c11 (1.0.0) to Azure