last sync: 2024-Dec-06 18:53:17 UTC

Keys using RSA cryptography should have a specified minimum key size

Azure BuiltIn Policy definition

Source Azure Portal
Display name Keys using RSA cryptography should have a specified minimum key size
Id 82067dbb-e53b-4e06-b631-546d197452d9
Version 1.0.1
Details on versioning
Versioning Versions supported for Versioning: 1
1.0.1
Built-in Versioning [Preview]
Category Key Vault
Microsoft Learn
Description Set the minimum allowed key size for use with your key vaults. Use of RSA keys with small key sizes is not a secure practice and doesn't meet many industry certification requirements.
Mode Microsoft.KeyVault.Data
Type BuiltIn
Preview False
Deprecated False
Effect Default
Audit
Allowed
Audit, Deny, Disabled
RBAC role(s) none
Rule aliases none
Rule resource types none
Compliance
The following 5 compliance controls are associated with this Policy definition 'Keys using RSA cryptography should have a specified minimum key size' (82067dbb-e53b-4e06-b631-546d197452d9)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
CMMC_2.0_L2 SC.L2-3.13.10 CMMC_2.0_L2_SC.L2-3.13.10 404 not found n/a n/a 37
CMMC_2.0_L2 SC.L2-3.13.11 CMMC_2.0_L2_SC.L2-3.13.11 404 not found n/a n/a 4
CMMC_L3 SC.3.177 CMMC_L3_SC.3.177 CMMC L3 SC.3.177 System and Communications Protection Employ FIPS-validated cryptography when used to protect the confidentiality of CUI. Shared Microsoft and the customer share responsibilities for implementing this requirement. Cryptography can be employed to support many security solutions including the protection of controlled unclassified information, the provision of digital signatures, and the enforcement of information separation when authorized individuals have the necessary clearances for such information but lack the necessary formal access approvals. Cryptography can also be used to support random number generation and hash generation. Cryptographic standards include FIPSvalidated cryptography and/or NSA-approved cryptography. link 25
CMMC_L3 SC.3.187 CMMC_L3_SC.3.187 CMMC L3 SC.3.187 System and Communications Protection Establish and manage cryptographic keys for cryptography employed in organizational systems. Shared Microsoft and the customer share responsibilities for implementing this requirement. Cryptographic key management and establishment can be performed using manual procedures or mechanisms supported by manual procedures. Organizations define key management requirements in accordance with applicable federal laws, Executive Orders, policies, directives, regulations, and standards specifying appropriate options, levels, and parameters. link 8
New_Zealand_ISM 17.2.19.C.01 New_Zealand_ISM_17.2.19.C.01 New_Zealand_ISM_17.2.19.C.01 17. Cryptography 17.2.19.C.01 Using DH n/a Agencies using DH, for the approved use of agreeing on encryption session keys, MUST use a modulus of at least 3072 bits. 1
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
[Preview]: CMMC 2.0 Level 2 4e50fd13-098b-3206-61d6-d1d78205cb45 Regulatory Compliance Preview BuiltIn
CMMC Level 3 b5629c75-5c77-4422-87b9-2509e680f8de Regulatory Compliance GA BuiltIn
Enforce recommended guardrails for Azure Key Vault Enforce-Guardrails-KeyVault Key Vault GA ALZ
New Zealand ISM 4f5b1359-4f8e-4d7c-9733-ea47fcde891e Regulatory Compliance GA BuiltIn
History
Date/Time (UTC ymd) (i) Change type Change detail
2021-08-30 14:27:30 change Patch, old suffix: preview (1.0.0-preview > 1.0.1)
2020-10-16 12:27:50 add 82067dbb-e53b-4e06-b631-546d197452d9
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC