last sync: 2024-Mar-01 17:50:27 UTC

Microsoft Managed Control 1029 - Information Flow Enforcement | Security Policy Filters | Regulatory Compliance - Access Control

Azure BuiltIn Policy definition

Source Azure Portal
Display name Microsoft Managed Control 1029 - Information Flow Enforcement | Security Policy Filters
Id 53ac8f8e-c2b5-4d44-8a2d-058e9ced9b69
Version 1.0.0
Details on versioning
Category Regulatory Compliance
Microsoft Learn
Description Microsoft implements this Access Control control
Additional metadata Name/Id: ACF1029 / Microsoft Managed Control 1029
Category: Access Control
Title: Information Flow Enforcement | Security Policy Filters
Ownership: Customer, Microsoft
Description: The information system enforces information flow control using security policy filters inherent in boundary protection devices such as gateways, routers, encrypted tunnels, and link encrypters as a basis for flow control decisions for information containing PII or customer-defined sensitive information types.
Requirements: Azure enforces information flow control using VLAN isolation, software load balancers, Virtual Filtering Platform (VFP), and ACLs. As Azure only has one security domain, there is no need to enforce information flow control using security policy filters such as clean/dirty word lists that a system with multiple security domains (e.g. unclassified, secret, and top secret) require.
Mode Indexed
Type Static
Preview False
Deprecated False
Effect Fixed
audit
RBAC role(s) none
Rule aliases none
Rule resource types IF (2)
Microsoft.Resources/subscriptions
Microsoft.Resources/subscriptions/resourceGroups
Compliance Not a Compliance control
Initiatives usage none
History none
JSON compare n/a
JSON
api-version=2021-06-01
EPAC