AzPolicyAdvertizer

last sync: 2025-Sep-16 17:23:30 UTC

[Deprecated]: Virtual machines should encrypt temp disks, caches, and data flows between Compute and Storage resources

Azure BuiltIn Policy definition

Source

Azure Portal

Display name

[Deprecated]: Virtual machines should encrypt temp disks, caches, and data flows between Compute and Storage resources

0961003e-5a0a-4549-abde-af6a37f2724d

Version

2.1.0-deprecated
Details on versioning

Versioning

Versions supported for Versioning: 2
2.1.0 (2.1.0-deprecated)
2.0.3
Built-in Versioning [Preview]

Category

Security Center
Microsoft Learn

Description

This policy definition is no longer the recommended way to achieve its intent. Instead of continuing to use this policy, we recommend you assign this replacement policies with policy IDs 3dc5edcd-002d-444c-b216-e123bbfa37c0 and ca88aadc-6e2b-416c-9de2-5a0f01d1693f. Learn more about policy definition deprecation at aka.ms/policydefdeprecation

Cloud environments

AzureCloud = true
AzureUSGovernment = unknown
AzureChinaCloud = unknown

Available in AzUSGov

Unknown, no evidence if Policy definition is/not available in AzureUSGovernment

Mode

All

Type

BuiltIn

Preview

False

Deprecated

True

References

References to 2 related Policy definitions (taken from description)
Windows virtual machines should enable Azure Disk Encryption or EncryptionAtHost. (3dc5edcd-002d-444c-b216-e123bbfa37c0)
Linux virtual machines should enable Azure Disk Encryption or EncryptionAtHost. (ca88aadc-6e2b-416c-9de2-5a0f01d1693f)

Effect

Default
Disabled
Allowed
AuditIfNotExists, Disabled

RBAC role(s)

none

Rule aliases

THEN-ExistenceCondition (1)

Alias	Namespace	ResourceType	Path	PathIsDefault	DefaultPath	Modifiable
Microsoft.Security/assessments/status.code	Microsoft.Security	assessments	properties.status.code	True		False

Rule resource types

IF (2)

Microsoft.ClassicCompute/virtualMachines
Microsoft.Compute/virtualMachines

Compliance

Not a Compliance control

Initiatives usage

Initiative DisplayName	Initiative Id	Initiative Category	State	Type	polSet in AzUSGov
[Deprecated]: Deny or Audit resources without Encryption with a customer-managed key (CMK)	Enforce-Encryption-CMK	Encryption	Deprecated	ALZ

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2024-06-03 17:39:43	change	Minor, new suffix: deprecated (2.0.3 > 2.1.0-deprecated)
2021-10-22 15:42:38	change	Patch (2.0.2 > 2.0.3)
2021-09-13 16:35:32	change	Patch (2.0.1 > 2.0.2)
2021-07-15 16:24:53	change	Patch (2.0.0 > 2.0.1)

JSON compare

compare mode: version left: version right:

JSON

api-version=2021-06-01
EPAC