AzPolicyAdvertizer

last sync: 2022-Jun-28 16:32:57 UTC

Azure Policy definition

Azure Cognitive Search services should use customer-managed keys to encrypt data at rest

Name

Azure Cognitive Search services should use customer-managed keys to encrypt data at rest
Azure Portal

76a56461-9dc0-40f0-82f5-2453283afa2f

Version

1.0.0
details on versioning

Category

Search
Microsoft docs

Description

Enabling encryption at rest using a customer-managed key on your Azure Cognitive Search services provides additional control over the key used to encrypt data at rest. This feature is often applicable to customers with special compliance requirements to manage data encryption keys using a key vault.

Mode

Indexed

Type

BuiltIn

Preview

FALSE

Deprecated

FALSE

Effect

Default: Audit
Allowed: (Audit, Deny, Disabled)

Used RBAC Role

none

Rule Aliases

IF (2)

Alias	Namespace	ResourceType	DefaultPath	Modifiable
Microsoft.Search/searchServices/encryptionWithCmk.encryptionComplianceStatus	Microsoft.Search	searchServices	properties.encryptionWithCmk.encryptionComplianceStatus	false
Microsoft.Search/searchServices/encryptionWithCmk.enforcement	Microsoft.Search	searchServices	properties.encryptionWithCmk.enforcement	false

Rule ResourceTypes

IF (1)
Microsoft.Search/searchServices

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2021-07-30 15:17:20	add	76a56461-9dc0-40f0-82f5-2453283afa2f

Used in Initiatives

none

JSON