AzPolicyAdvertizer

last sync: 2023-Jun-02 17:44:47 UTC

Azure Policy definition

Bind authenticators and identities dynamically

Name Bind authenticators and identities dynamically
Azure Portal
Id 6f311b49-9b0d-8c67-3d6e-db80ae528173
Version 1.1.0
details on versioning
Category Regulatory Compliance
Microsoft docs
Description CMA_0035 - Bind authenticators and identities dynamically
Mode All
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default
Manual
Allowed
Manual, Disabled
RBAC
Role(s)		 none
Rule
Aliases
Rule
ResourceTypes		 IF (1)
Microsoft.Resources/subscriptions
Compliance The following 4 compliance controls are associated with this Policy definition 'Bind authenticators and identities dynamically' (6f311b49-9b0d-8c67-3d6e-db80ae528173)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
FedRAMP_High_R4 IA-5(2) FedRAMP_High_R4_IA-5(2) FedRAMP High IA-5 (2) Identification And Authentication Pki-Based Authentication Shared n/a The information system, for PKI-based authentication: (a) Validates certifications by constructing and verifying a certification path to an accepted trust anchor including checking certificate status information; (b) Enforces authorized access to the corresponding private key; (c) Maps the authenticated identity to the account of the individual or group; and (d) Implements a local cache of revocation data to support path discovery and validation in case of inability to access revocation information via the network. Supplemental Guidance: Status information for certification paths includes, for example, certificate revocation lists or certificate status protocol responses. For PIV cards, validation of certifications involves the construction and verification of a certification path to the Common Policy Root trust anchor including certificate policy processing. Related control: IA-6. link 7
FedRAMP_Moderate_R4 IA-5(2) FedRAMP_Moderate_R4_IA-5(2) FedRAMP Moderate IA-5 (2) Identification And Authentication Pki-Based Authentication Shared n/a The information system, for PKI-based authentication: (a) Validates certifications by constructing and verifying a certification path to an accepted trust anchor including checking certificate status information; (b) Enforces authorized access to the corresponding private key; (c) Maps the authenticated identity to the account of the individual or group; and (d) Implements a local cache of revocation data to support path discovery and validation in case of inability to access revocation information via the network. Supplemental Guidance: Status information for certification paths includes, for example, certificate revocation lists or certificate status protocol responses. For PIV cards, validation of certifications involves the construction and verification of a certification path to the Common Policy Root trust anchor including certificate policy processing. Related control: IA-6. link 7
NIST_SP_800-53_R4 IA-5(2) NIST_SP_800-53_R4_IA-5(2) NIST SP 800-53 Rev. 4 IA-5 (2) Identification And Authentication Pki-Based Authentication Shared n/a The information system, for PKI-based authentication: (a) Validates certifications by constructing and verifying a certification path to an accepted trust anchor including checking certificate status information; (b) Enforces authorized access to the corresponding private key; (c) Maps the authenticated identity to the account of the individual or group; and (d) Implements a local cache of revocation data to support path discovery and validation in case of inability to access revocation information via the network. Supplemental Guidance: Status information for certification paths includes, for example, certificate revocation lists or certificate status protocol responses. For PIV cards, validation of certifications involves the construction and verification of a certification path to the Common Policy Root trust anchor including certificate policy processing. Related control: IA-6. link 7
NIST_SP_800-53_R5 IA-5(2) NIST_SP_800-53_R5_IA-5(2) NIST SP 800-53 Rev. 5 IA-5 (2) Identification and Authentication Public Key-based Authentication Shared n/a (a) For public key-based authentication: (1) Enforce authorized access to the corresponding private key; and (2) Map the authenticated identity to the account of the individual or group; and (b) When public key infrastructure (PKI) is used: (1) Validate certificates by constructing and verifying a certification path to an accepted trust anchor, including checking certificate status information; and (2) Implement a local cache of revocation data to support path discovery and validation. link 7
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-09-27 16:35:32 change Minor (1.0.0 > 1.1.0)
2022-09-19 17:41:40 add 6f311b49-9b0d-8c67-3d6e-db80ae528173
Initiatives
usage
Initiative DisplayName Initiative Id Initiative Category State Type
FedRAMP High d5264498-16f4-418a-b659-fa7ef418175f Regulatory Compliance GA BuiltIn
FedRAMP Moderate e95f5a9f-57ad-4d03-bb0b-b1d16db93693 Regulatory Compliance GA BuiltIn
NIST SP 800-53 Rev. 4 cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f Regulatory Compliance GA BuiltIn
NIST SP 800-53 Rev. 5 179d1daa-458f-4e47-8086-2a68d0d6c38f Regulatory Compliance GA BuiltIn
JSON