AzPolicyAdvertizer

last sync: 2023-Dec-05 19:46:27 UTC

Azure Policy definition

Azure Data Factory linked services should use Key Vault for storing secrets

Source

Azure Portal

Display name

Azure Data Factory linked services should use Key Vault for storing secrets

127ef6d7-242f-43b3-9eef-947faf1725d0

Version

1.0.0
Details on versioning

Category

Data Factory
Microsoft Learn

Description

To ensure secrets (such as connection strings) are managed securely, require users to provide secrets using an Azure Key Vault instead of specifying them inline in linked services.

Mode

All

Type

BuiltIn

Preview

False

Deprecated

False

Effect

Default
Audit
Allowed
Audit, Deny, Disabled

RBAC role(s)

none

Rule aliases

IF (30)

Alias	Namespace	ResourceType	DefaultPath	Modifiable
Microsoft.DataFactory/factories/linkedservices/AmazonMWS.typeProperties.mwsAuthToken.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.mwsAuthToken.type	false
Microsoft.DataFactory/factories/linkedservices/AmazonMWS.typeProperties.secretKey.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.secretKey.type	false
Microsoft.DataFactory/factories/linkedservices/AmazonS3.typeProperties.secretAccessKey.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.secretAccessKey.type	false
Microsoft.DataFactory/factories/linkedservices/AzureBlobStorage.typeProperties.servicePrincipalKey	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.servicePrincipalKey	false
Microsoft.DataFactory/factories/linkedservices/AzureBlobStorage.typeProperties.servicePrincipalKey.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.servicePrincipalKey.type	false
Microsoft.DataFactory/factories/linkedservices/AzureSearch.typeProperties.key.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.key.type	false
Microsoft.DataFactory/factories/linkedservices/AzureSqlDW.typeProperties.servicePrincipalKey.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.servicePrincipalKey.type	false
Microsoft.DataFactory/factories/linkedservices/AzureStorage.typeProperties.accountKey	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.accountKey	false
Microsoft.DataFactory/factories/linkedservices/AzureStorage.typeProperties.sasUri	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.sasUri	false
Microsoft.DataFactory/factories/linkedservices/AzureStorage.typeProperties.sasUri.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.sasUri.type	false
Microsoft.DataFactory/factories/linkedservices/CosmosDb.typeProperties.accountKey.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.accountKey.type	false
Microsoft.DataFactory/factories/linkedservices/Dynamics.typeProperties.servicePrincipalCredential	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.servicePrincipalCredential	false
Microsoft.DataFactory/factories/linkedservices/Dynamics.typeProperties.servicePrincipalCredential.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.servicePrincipalCredential.type	false
Microsoft.DataFactory/factories/linkedservices/GoogleAdWords.typeProperties.developerToken.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.developerToken.type	false
Microsoft.DataFactory/factories/linkedservices/GoogleBigQuery.typeProperties.clientSecret.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.clientSecret.type	false
Microsoft.DataFactory/factories/linkedservices/GoogleBigQuery.typeProperties.refreshToken.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.refreshToken.type	false
Microsoft.DataFactory/factories/linkedservices/Hubspot.typeProperties.accessToken	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.accessToken	false
Microsoft.DataFactory/factories/linkedservices/Hubspot.typeProperties.accessToken.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.accessToken.type	false
Microsoft.DataFactory/factories/linkedservices/OData.typeProperties.servicePrincipalEmbeddedCert.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.servicePrincipalEmbeddedCert.type	false
Microsoft.DataFactory/factories/linkedservices/OData.typeProperties.servicePrincipalEmbeddedCertPassword.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.servicePrincipalEmbeddedCertPassword.type	false
Microsoft.DataFactory/factories/linkedservices/Odbc.typeProperties.credential.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.credential.type	false
Microsoft.DataFactory/factories/linkedservices/Salesforce.typeProperties.securityToken.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.securityToken.type	false
Microsoft.DataFactory/factories/linkedservices/Sftp.typeProperties.passPhrase.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.passPhrase.type	false
Microsoft.DataFactory/factories/linkedservices/Sftp.typeProperties.privateKeyContent.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.privateKeyContent.type	false
Microsoft.DataFactory/factories/linkedservices/SqlServer.typeProperties.password	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.password	false
Microsoft.DataFactory/factories/linkedservices/SqlServer.typeProperties.password.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.password.type	false
Microsoft.DataFactory/factories/linkedservices/type	Microsoft.DataFactory	factories/linkedservices	properties.type	false
Microsoft.DataFactory/factories/linkedservices/typeProperties.connectionString	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.connectionString	false
Microsoft.DataFactory/factories/linkedservices/typeProperties.connectionString.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.connectionString.type	false
Microsoft.DataFactory/factories/linkedservices/typeProperties.encryptedCredential	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.encryptedCredential	false

Rule resource types

IF (1)
Microsoft.DataFactory/factories/linkedservices

Compliance

Not a Compliance control

Initiatives usage

none

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2023-01-13 18:06:06	change	Version remains equal, old suffix: preview (1.0.0-preview > 1.0.0)
2021-02-10 14:43:58	add	127ef6d7-242f-43b3-9eef-947faf1725d0

JSON compare

compare mode: version left: version right:

JSON

api-version=2021-06-01
EPAC