AzPolicyAdvertizer

last sync: 2023-Jun-02 17:44:47 UTC

Azure Policy definition

Azure Data Factory linked services should use Key Vault for storing secrets

Name

Azure Data Factory linked services should use Key Vault for storing secrets
Azure Portal

127ef6d7-242f-43b3-9eef-947faf1725d0

Version

1.0.0
details on versioning

Category

Data Factory
Microsoft docs

Description

To ensure secrets (such as connection strings) are managed securely, require users to provide secrets using an Azure Key Vault instead of specifying them inline in linked services.

Mode

All

Type

BuiltIn

Preview

FALSE

Deprecated

FALSE

Effect

Default
Audit
Allowed
Audit, Deny, Disabled

RBAC
Role(s)

none

Rule
Aliases

IF (30)

Alias	Namespace	ResourceType	DefaultPath	Modifiable
Microsoft.DataFactory/factories/linkedservices/AmazonMWS.typeProperties.mwsAuthToken.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.mwsAuthToken.type	false
Microsoft.DataFactory/factories/linkedservices/AmazonMWS.typeProperties.secretKey.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.secretKey.type	false
Microsoft.DataFactory/factories/linkedservices/AmazonS3.typeProperties.secretAccessKey.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.secretAccessKey.type	false
Microsoft.DataFactory/factories/linkedservices/AzureBlobStorage.typeProperties.servicePrincipalKey	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.servicePrincipalKey	false
Microsoft.DataFactory/factories/linkedservices/AzureBlobStorage.typeProperties.servicePrincipalKey.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.servicePrincipalKey.type	false
Microsoft.DataFactory/factories/linkedservices/AzureSearch.typeProperties.key.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.key.type	false
Microsoft.DataFactory/factories/linkedservices/AzureSqlDW.typeProperties.servicePrincipalKey.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.servicePrincipalKey.type	false
Microsoft.DataFactory/factories/linkedservices/AzureStorage.typeProperties.accountKey	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.accountKey	false
Microsoft.DataFactory/factories/linkedservices/AzureStorage.typeProperties.sasUri	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.sasUri	false
Microsoft.DataFactory/factories/linkedservices/AzureStorage.typeProperties.sasUri.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.sasUri.type	false
Microsoft.DataFactory/factories/linkedservices/CosmosDb.typeProperties.accountKey.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.accountKey.type	false
Microsoft.DataFactory/factories/linkedservices/Dynamics.typeProperties.servicePrincipalCredential	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.servicePrincipalCredential	false
Microsoft.DataFactory/factories/linkedservices/Dynamics.typeProperties.servicePrincipalCredential.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.servicePrincipalCredential.type	false
Microsoft.DataFactory/factories/linkedservices/GoogleAdWords.typeProperties.developerToken.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.developerToken.type	false
Microsoft.DataFactory/factories/linkedservices/GoogleBigQuery.typeProperties.clientSecret.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.clientSecret.type	false
Microsoft.DataFactory/factories/linkedservices/GoogleBigQuery.typeProperties.refreshToken.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.refreshToken.type	false
Microsoft.DataFactory/factories/linkedservices/Hubspot.typeProperties.accessToken	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.accessToken	false
Microsoft.DataFactory/factories/linkedservices/Hubspot.typeProperties.accessToken.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.accessToken.type	false
Microsoft.DataFactory/factories/linkedservices/OData.typeProperties.servicePrincipalEmbeddedCert.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.servicePrincipalEmbeddedCert.type	false
Microsoft.DataFactory/factories/linkedservices/OData.typeProperties.servicePrincipalEmbeddedCertPassword.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.servicePrincipalEmbeddedCertPassword.type	false
Microsoft.DataFactory/factories/linkedservices/Odbc.typeProperties.credential.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.credential.type	false
Microsoft.DataFactory/factories/linkedservices/Salesforce.typeProperties.securityToken.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.securityToken.type	false
Microsoft.DataFactory/factories/linkedservices/Sftp.typeProperties.passPhrase.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.passPhrase.type	false
Microsoft.DataFactory/factories/linkedservices/Sftp.typeProperties.privateKeyContent.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.privateKeyContent.type	false
Microsoft.DataFactory/factories/linkedservices/SqlServer.typeProperties.password	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.password	false
Microsoft.DataFactory/factories/linkedservices/SqlServer.typeProperties.password.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.password.type	false
Microsoft.DataFactory/factories/linkedservices/type	Microsoft.DataFactory	factories/linkedservices	properties.type	false
Microsoft.DataFactory/factories/linkedservices/typeProperties.connectionString	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.connectionString	false
Microsoft.DataFactory/factories/linkedservices/typeProperties.connectionString.type	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.connectionString.type	false
Microsoft.DataFactory/factories/linkedservices/typeProperties.encryptedCredential	Microsoft.DataFactory	factories/linkedservices	properties.typeProperties.encryptedCredential	false

Rule
ResourceTypes

Compliance

Not a Compliance control

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2023-01-13 18:06:06	change	Version remains equal, old suffix: preview (1.0.0-preview > 1.0.0)
2021-02-10 14:43:58	add	127ef6d7-242f-43b3-9eef-947faf1725d0

Initiatives
usage

none

JSON