AzPolicyAdvertizer

last sync: 2025-Apr-29 17:16:02 UTC

[Deprecated]: Cognitive Services accounts should enable data encryption

Azure BuiltIn Policy definition

Source Azure Portal
Display name [Deprecated]: Cognitive Services accounts should enable data encryption
Id 2bdd0062-9d75-436e-89df-487dd8e4b3c7
Version 2.0.0-deprecated
Details on versioning
Versioning Versions supported for Versioning: 1
2.0.0 (2.0.0-deprecated)
Built-in Versioning [Preview]
Category Cognitive Services
Microsoft Learn
Description This policy is deprecated. Cognitive Services have data encryption enforced.
Cloud environments AzureCloud = true
AzureUSGovernment = unknown
AzureChinaCloud = unknown
Available in AzUSGov Unknown, no evidence if Policy definition is/not available in AzureUSGovernment
Assessment(s) Assessments count: 1
Assessment Id: cdcf4f71-60d3-540b-91e3-aa19792da364
DisplayName: Cognitive Services accounts should enable data encryption
Description: This policy audits any Cognitive Services account not using data encryption. For each Cognitive Services account with storage, should enable data encryption with either customer managed or Microsoft managed key.
Remediation description: To enable encryption for Cognitive Services: 1. In the Azure portal, open Cognitive Services, 2. Select an item from the list, and open the "encryption" page, 3. Setup encryption using either Microsoft-managed keys or customer-managed keys. Learn more about configuration customer-managed keys for Cognitive Services in https://go.microsoft.com/fwlink/?linkid=2121321.
Categories: Data
Severity: Low
preview: True
Mode Indexed
Type BuiltIn
Preview False
Deprecated True
Effect Default
Disabled
Allowed
Audit, Deny, Disabled
RBAC role(s) none
Rule aliases IF (2)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.CognitiveServices/accounts/encryption Microsoft.CognitiveServices accounts properties.encryption True False
Microsoft.CognitiveServices/accounts/encryption.keySource Microsoft.CognitiveServices accounts properties.encryption.keySource True False
Rule resource types IF (1)
Compliance Not a Compliance control
Initiatives usage none
History
Date/Time (UTC ymd) (i) Change type Change detail
2021-04-21 13:28:46 change Major, new suffix: deprecated (1.0.0 > 2.0.0-deprecated)
2020-06-09 16:25:53 add 2bdd0062-9d75-436e-89df-487dd8e4b3c7
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC