AzPolicyAdvertizer

last sync: 2022-Nov-25 17:41:58 UTC

Azure Policy definition

Resource logs in Azure Kubernetes Service should be enabled

Name Resource logs in Azure Kubernetes Service should be enabled
Azure Portal
Id 245fc9df-fa96-4414-9a0b-3738c2f7341c
Version 1.0.0
details on versioning
Category Kubernetes
Microsoft docs
Description Azure Kubernetes Service's resource logs can help recreate activity trails when investigating security incidents. Enable it to make sure the logs will exist when needed
Mode Indexed
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled
RBAC
Role(s)		 none
Rule
Aliases		 THEN-ExistenceCondition (5)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Insights/diagnosticSettings/logs.enabled microsoft.insights diagnosticSettings properties.logs[*].enabled false
Microsoft.Insights/diagnosticSettings/logs[*] microsoft.insights diagnosticSettings properties.logs[*] false
Microsoft.Insights/diagnosticSettings/logs[*].retentionPolicy.days microsoft.insights diagnosticSettings properties.logs[*].retentionPolicy.days false
Microsoft.Insights/diagnosticSettings/logs[*].retentionPolicy.enabled microsoft.insights diagnosticSettings properties.logs[*].retentionPolicy.enabled false
Microsoft.Insights/diagnosticSettings/storageAccountId microsoft.insights diagnosticSettings properties.storageAccountId false
Rule
ResourceTypes		 IF (1)
Microsoft.ContainerService/managedClusters
Compliance The following 1 compliance controls are associated with this Policy definition 'Resource logs in Azure Kubernetes Service should be enabled' (245fc9df-fa96-4414-9a0b-3738c2f7341c)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
NZ_ISM_v3.5 AC-18 NZ_ISM_v3.5_AC-18 NZISM Security Benchmark AC-18 Access Control and Passwords 16.6.9 Events to be logged Customer n/a The events to be logged are key elements in the monitoring of the security posture of systems and contributing to reviews, audits, investigations and incident management. link 20
History
Date/Time (UTC ymd) (i) Change type Change detail
2021-09-21 16:12:09 add 245fc9df-fa96-4414-9a0b-3738c2f7341c
Initiatives
usage
Initiative DisplayName Initiative Id Initiative Category State Type
Azure Security Benchmark 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 Security Center GA BuiltIn
New Zealand ISM Restricted v3.5 93d2179e-3068-c82f-2428-d614ae836a04 Regulatory Compliance GA BuiltIn
JSON