last sync: 2024-Dec-06 18:53:17 UTC

[Deprecated]: Service principals should be used to protect your subscriptions instead of management certificates

Azure BuiltIn Policy definition

Source Azure Portal
Display name [Deprecated]: Service principals should be used to protect your subscriptions instead of management certificates
Id 6646a0bd-e110-40ca-bb97-84fcee63c414
Version 1.0.0-deprecated
Details on versioning
Versioning Versions supported for Versioning: 1
1.0.0 (1.0.0-deprecated)
Built-in Versioning [Preview]
Category Security Center
Microsoft Learn
Description [Deprecated: With Cloud Services (classic) retiring (see https://azure.microsoft.com/updates/cloud-services-retirement-announcement), there will no longer be a need for this assessment as management certificates will be obsolete.] Management certificates allow anyone who authenticates with them to manage the subscription(s) they are associated with. To manage subscriptions more securely, use of service principals with Resource Manager is recommended to limit the impact of a certificate compromise.
Mode All
Type BuiltIn
Preview False
Deprecated True
Effect Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled
RBAC role(s) none
Rule aliases THEN-ExistenceCondition (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Security/assessments/status.code Microsoft.Security assessments properties.status.code True False
Rule resource types IF (1)
Microsoft.Resources/subscriptions
Compliance Not a Compliance control
Initiatives usage none
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-05-06 16:29:23 change Version remains equal, new suffix: deprecated (1.0.0 > 1.0.0-deprecated)
2020-09-09 11:24:03 add 6646a0bd-e110-40ca-bb97-84fcee63c414
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC