last sync: 2023-Dec-05 19:46:27 UTC

Azure Policy definition

Azure Data Factory linked services should use Key Vault for storing secrets

Source Azure Portal
Display name Azure Data Factory linked services should use Key Vault for storing secrets
Id 127ef6d7-242f-43b3-9eef-947faf1725d0
Version 1.0.0
Details on versioning
Category Data Factory
Microsoft Learn
Description To ensure secrets (such as connection strings) are managed securely, require users to provide secrets using an Azure Key Vault instead of specifying them inline in linked services.
Mode All
Type BuiltIn
Preview False
Deprecated False
Effect Default
Audit
Allowed
Audit, Deny, Disabled
RBAC role(s) none
Rule aliases IF (30)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.DataFactory/factories/linkedservices/AmazonMWS.typeProperties.mwsAuthToken.type Microsoft.DataFactory factories/linkedservices properties.typeProperties.mwsAuthToken.type false
Microsoft.DataFactory/factories/linkedservices/AmazonMWS.typeProperties.secretKey.type Microsoft.DataFactory factories/linkedservices properties.typeProperties.secretKey.type false
Microsoft.DataFactory/factories/linkedservices/AmazonS3.typeProperties.secretAccessKey.type Microsoft.DataFactory factories/linkedservices properties.typeProperties.secretAccessKey.type false
Microsoft.DataFactory/factories/linkedservices/AzureBlobStorage.typeProperties.servicePrincipalKey Microsoft.DataFactory factories/linkedservices properties.typeProperties.servicePrincipalKey false
Microsoft.DataFactory/factories/linkedservices/AzureBlobStorage.typeProperties.servicePrincipalKey.type Microsoft.DataFactory factories/linkedservices properties.typeProperties.servicePrincipalKey.type false
Microsoft.DataFactory/factories/linkedservices/AzureSearch.typeProperties.key.type Microsoft.DataFactory factories/linkedservices properties.typeProperties.key.type false
Microsoft.DataFactory/factories/linkedservices/AzureSqlDW.typeProperties.servicePrincipalKey.type Microsoft.DataFactory factories/linkedservices properties.typeProperties.servicePrincipalKey.type false
Microsoft.DataFactory/factories/linkedservices/AzureStorage.typeProperties.accountKey Microsoft.DataFactory factories/linkedservices properties.typeProperties.accountKey false
Microsoft.DataFactory/factories/linkedservices/AzureStorage.typeProperties.sasUri Microsoft.DataFactory factories/linkedservices properties.typeProperties.sasUri false
Microsoft.DataFactory/factories/linkedservices/AzureStorage.typeProperties.sasUri.type Microsoft.DataFactory factories/linkedservices properties.typeProperties.sasUri.type false
Microsoft.DataFactory/factories/linkedservices/CosmosDb.typeProperties.accountKey.type Microsoft.DataFactory factories/linkedservices properties.typeProperties.accountKey.type false
Microsoft.DataFactory/factories/linkedservices/Dynamics.typeProperties.servicePrincipalCredential Microsoft.DataFactory factories/linkedservices properties.typeProperties.servicePrincipalCredential false
Microsoft.DataFactory/factories/linkedservices/Dynamics.typeProperties.servicePrincipalCredential.type Microsoft.DataFactory factories/linkedservices properties.typeProperties.servicePrincipalCredential.type false
Microsoft.DataFactory/factories/linkedservices/GoogleAdWords.typeProperties.developerToken.type Microsoft.DataFactory factories/linkedservices properties.typeProperties.developerToken.type false
Microsoft.DataFactory/factories/linkedservices/GoogleBigQuery.typeProperties.clientSecret.type Microsoft.DataFactory factories/linkedservices properties.typeProperties.clientSecret.type false
Microsoft.DataFactory/factories/linkedservices/GoogleBigQuery.typeProperties.refreshToken.type Microsoft.DataFactory factories/linkedservices properties.typeProperties.refreshToken.type false
Microsoft.DataFactory/factories/linkedservices/Hubspot.typeProperties.accessToken Microsoft.DataFactory factories/linkedservices properties.typeProperties.accessToken false
Microsoft.DataFactory/factories/linkedservices/Hubspot.typeProperties.accessToken.type Microsoft.DataFactory factories/linkedservices properties.typeProperties.accessToken.type false
Microsoft.DataFactory/factories/linkedservices/OData.typeProperties.servicePrincipalEmbeddedCert.type Microsoft.DataFactory factories/linkedservices properties.typeProperties.servicePrincipalEmbeddedCert.type false
Microsoft.DataFactory/factories/linkedservices/OData.typeProperties.servicePrincipalEmbeddedCertPassword.type Microsoft.DataFactory factories/linkedservices properties.typeProperties.servicePrincipalEmbeddedCertPassword.type false
Microsoft.DataFactory/factories/linkedservices/Odbc.typeProperties.credential.type Microsoft.DataFactory factories/linkedservices properties.typeProperties.credential.type false
Microsoft.DataFactory/factories/linkedservices/Salesforce.typeProperties.securityToken.type Microsoft.DataFactory factories/linkedservices properties.typeProperties.securityToken.type false
Microsoft.DataFactory/factories/linkedservices/Sftp.typeProperties.passPhrase.type Microsoft.DataFactory factories/linkedservices properties.typeProperties.passPhrase.type false
Microsoft.DataFactory/factories/linkedservices/Sftp.typeProperties.privateKeyContent.type Microsoft.DataFactory factories/linkedservices properties.typeProperties.privateKeyContent.type false
Microsoft.DataFactory/factories/linkedservices/SqlServer.typeProperties.password Microsoft.DataFactory factories/linkedservices properties.typeProperties.password false
Microsoft.DataFactory/factories/linkedservices/SqlServer.typeProperties.password.type Microsoft.DataFactory factories/linkedservices properties.typeProperties.password.type false
Microsoft.DataFactory/factories/linkedservices/type Microsoft.DataFactory factories/linkedservices properties.type false
Microsoft.DataFactory/factories/linkedservices/typeProperties.connectionString Microsoft.DataFactory factories/linkedservices properties.typeProperties.connectionString false
Microsoft.DataFactory/factories/linkedservices/typeProperties.connectionString.type Microsoft.DataFactory factories/linkedservices properties.typeProperties.connectionString.type false
Microsoft.DataFactory/factories/linkedservices/typeProperties.encryptedCredential Microsoft.DataFactory factories/linkedservices properties.typeProperties.encryptedCredential false
Rule resource types IF (1)
Microsoft.DataFactory/factories/linkedservices
Compliance Not a Compliance control
Initiatives usage none
History
Date/Time (UTC ymd) (i) Change type Change detail
2023-01-13 18:06:06 change Version remains equal, old suffix: preview (1.0.0-preview > 1.0.0)
2021-02-10 14:43:58 add 127ef6d7-242f-43b3-9eef-947faf1725d0
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC