AzPolicyAdvertizer

last sync: 2025-Apr-29 17:16:02 UTC

MySQL server should use a virtual network service endpoint

Azure BuiltIn Policy definition

Source Azure Portal
Display name MySQL server should use a virtual network service endpoint
Id 3375856c-3824-4e0e-ae6a-79e011dd4c47
Version 1.0.2
Details on versioning
Versioning Versions supported for Versioning: 1
1.0.2
Built-in Versioning [Preview]
Category SQL
Microsoft Learn
Description Virtual network based firewall rules are used to enable traffic from a specific subnet to Azure Database for MySQL while ensuring the traffic stays within the Azure boundary. This policy provides a way to audit if the Azure Database for MySQL has virtual network service endpoint being used.
Cloud environments AzureCloud = true
AzureUSGovernment = unknown
AzureChinaCloud = unknown
Available in AzUSGov Unknown, no evidence if Policy definition is/not available in AzureUSGovernment
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled
RBAC role(s) none
Rule aliases THEN-ExistenceCondition (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.DBforMySQL/servers/virtualNetworkRules/virtualNetworkSubnetId Microsoft.DBforMySQL servers/virtualNetworkRules properties.virtualNetworkSubnetId True False
Rule resource types IF (1)
Compliance
The following 2 compliance controls are associated with this Policy definition 'MySQL server should use a virtual network service endpoint' (3375856c-3824-4e0e-ae6a-79e011dd4c47)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
mp.com.1 Secure perimeter mp.com.1 Secure perimeter 404 not found n/a n/a 49
RMiT_v1.0 Appendix_5.6 RMiT_v1.0_Appendix_5.6 RMiT Appendix 5.6 Control Measures on Cybersecurity Control Measures on Cybersecurity - Appendix 5.6 Customer n/a Ensure security controls for remote access to server include the following: (a) restrict access to only hardened and locked down end-point devices; (b) use secure tunnels such as TLS and VPN IPSec; (c) deploy ‘gateway’ server with adequate perimeter defences and protection such as firewall, IPS and antivirus; and (d) close relevant ports immediately upon expiry of remote access. link 19
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type polSet in AzUSGov
RMIT Malaysia 97a6d4f1-3bed-4cf4-ac5b-0e444c0408d6 Regulatory Compliance GA BuiltIn unknown
Spain ENS 175daf90-21e1-4fec-b745-7b4c909aa94c Regulatory Compliance GA BuiltIn unknown
History
Date/Time (UTC ymd) (i) Change type Change detail
2020-02-27 09:26:21 add 3375856c-3824-4e0e-ae6a-79e011dd4c47
JSON compare n/a
JSON
api-version=2021-06-01
EPAC