AzPolicyAdvertizer

last sync: 2022-Nov-25 17:41:58 UTC

Azure Policy definition

Azure Cognitive Search services should use customer-managed keys to encrypt data at rest

Name

Azure Cognitive Search services should use customer-managed keys to encrypt data at rest
Azure Portal

76a56461-9dc0-40f0-82f5-2453283afa2f

Version

1.0.0
details on versioning

Category

Search
Microsoft docs

Description

Enabling encryption at rest using a customer-managed key on your Azure Cognitive Search services provides additional control over the key used to encrypt data at rest. This feature is often applicable to customers with special compliance requirements to manage data encryption keys using a key vault.

Mode

Indexed

Type

BuiltIn

Preview

FALSE

Deprecated

FALSE

Effect

Default
Audit
Allowed
Audit, Deny, Disabled

RBAC
Role(s)

none

Rule
Aliases

IF (2)

Alias	Namespace	ResourceType	DefaultPath	Modifiable
Microsoft.Search/searchServices/encryptionWithCmk.encryptionComplianceStatus	Microsoft.Search	searchServices	properties.encryptionWithCmk.encryptionComplianceStatus	false
Microsoft.Search/searchServices/encryptionWithCmk.enforcement	Microsoft.Search	searchServices	properties.encryptionWithCmk.enforcement	false

Rule
ResourceTypes

IF (1)
Microsoft.Search/searchServices

Compliance

Not a Compliance control

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2021-07-30 15:17:20	add	76a56461-9dc0-40f0-82f5-2453283afa2f

Initiatives
usage

none

JSON