last sync: 2025-Jul-03 17:22:55 UTC

MySQL server should use a virtual network service endpoint

Azure BuiltIn Policy definition

Source Azure Portal
Display name MySQL server should use a virtual network service endpoint
Id 3375856c-3824-4e0e-ae6a-79e011dd4c47
Version 1.0.2
Details on versioning
Versioning Versions supported for Versioning: 1
1.0.2
Built-in Versioning [Preview]
Category SQL
Microsoft Learn
Description Virtual network based firewall rules are used to enable traffic from a specific subnet to Azure Database for MySQL while ensuring the traffic stays within the Azure boundary. This policy provides a way to audit if the Azure Database for MySQL has virtual network service endpoint being used.
Cloud environments AzureCloud = true
AzureUSGovernment = unknown
AzureChinaCloud = unknown
Available in AzUSGov Unknown, no evidence if Policy definition is/not available in AzureUSGovernment
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled
RBAC role(s) none
Rule aliases THEN-ExistenceCondition (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.DBforMySQL/servers/virtualNetworkRules/virtualNetworkSubnetId Microsoft.DBforMySQL servers/virtualNetworkRules properties.virtualNetworkSubnetId True False
Rule resource types IF (1)
Compliance
The following 4 compliance controls are associated with this Policy definition 'MySQL server should use a virtual network service endpoint' (3375856c-3824-4e0e-ae6a-79e011dd4c47)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
K_ISMS_P_2018 2.10.1 K_ISMS_P_2018_2.10.1 K ISMS P 2018 2.10.1 2.10 Establish Procedures for Managing the Security of System Operations Shared n/a Establish and implement operating procedures for managing the security of system operations such as designating system administrators, updating policies, changing rulesets, monitoring events, managing policy implementations or exceptions. 455
K_ISMS_P_2018 2.10.2 K_ISMS_P_2018_2.10.2 K ISMS P 2018 2.10.2 2.10 Establish Protective Measures for Administrator Privileges and Security Configurations Shared n/a Establish and implement protective measures with regard to administrator privileges and security configurations to ensure that important information and personal information are not exposed as a result of unauthorized access by service type or misconfigurations. 431
mp.com.1 Secure perimeter mp.com.1 Secure perimeter 404 not found n/a n/a 49
RMiT_v1.0 Appendix_5.6 RMiT_v1.0_Appendix_5.6 RMiT Appendix 5.6 Control Measures on Cybersecurity Control Measures on Cybersecurity - Appendix 5.6 Customer n/a Ensure security controls for remote access to server include the following: (a) restrict access to only hardened and locked down end-point devices; (b) use secure tunnels such as TLS and VPN IPSec; (c) deploy ‘gateway’ server with adequate perimeter defences and protection such as firewall, IPS and antivirus; and (d) close relevant ports immediately upon expiry of remote access. link 19
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type polSet in AzUSGov
K ISMS P 2018 e0782c37-30da-4a78-9f92-50bfe7aa2553 Regulatory Compliance GA BuiltIn unknown
RMIT Malaysia 97a6d4f1-3bed-4cf4-ac5b-0e444c0408d6 Regulatory Compliance GA BuiltIn unknown
Spain ENS 175daf90-21e1-4fec-b745-7b4c909aa94c Regulatory Compliance GA BuiltIn unknown
History
Date/Time (UTC ymd) (i) Change type Change detail
2020-02-27 09:26:21 add 3375856c-3824-4e0e-ae6a-79e011dd4c47
JSON compare n/a
JSON
api-version=2021-06-01
EPAC