last sync: 2020-Sep-17 14:31:34 UTC

You like AzAdvertizer ? Go checkout the new version of AzGovViz


Azure Policy

App Configuration should use a customer-managed key

Policy DisplayName App Configuration should use a customer-managed key
Policy Id 967a4b4b-2da9-43c1-b7d0-f98d0d74d0b1
Policy Category App Configuration
Policy Description Customer-managed keys provide enhanced data protection by allowing you to manage your encryption keys. This is often required to meet compliance requirements.
Policy Mode Indexed
Policy Type BuiltIn
Policy in Preview FALSE
Policy Deprecated FALSE
Policy Effect Default: Audit
Allowed: (Audit,Disabled)
Roles used none
Policy Changes
Date/Time (UTC ymd) (i) Change Change detail
2020-08-05 13:05:29 change: DisplayName previous DisplayName: App Configuration should use a customer managed key
2020-02-12 02:52:44 add: Policy 967a4b4b-2da9-43c1-b7d0-f98d0d74d0b1
Used in Policy Initiative(s) none
Policy Rule
{
  "properties": {
    "displayName": "App Configuration should use a customer-managed key",
    "policyType": "BuiltIn",
    "mode": "Indexed",
    "description": "Customer-managed keys provide enhanced data protection by allowing you to manage your encryption keys. This is often required to meet compliance requirements.",
    "metadata": {
      "version": "1.0.1",
      "category": "App Configuration"
    },
    "parameters": {
      "effect": {
        "type": "String",
        "metadata": {
          "displayName": "Effect",
          "description": "Enable or disable the execution of the policy"
        },
        "allowedValues": [
          "Audit",
          "Disabled"
        ],
        "defaultValue": "Audit"
      }
    },
    "policyRule": {
      "if": {
        "allOf": [
          {
            "field": "type",
            "equals": "Microsoft.AppConfiguration/configurationStores"
          },
          {
            "field": "Microsoft.AppConfiguration/configurationStores/encryption.keyVaultProperties.keyIdentifier",
            "exists": "false"
          }
        ]
      },
      "then": {
      "effect": "[parameters('effect')]"
      }
    }
  },
  "id": "/providers/Microsoft.Authorization/policyDefinitions/967a4b4b-2da9-43c1-b7d0-f98d0d74d0b1",
  "type": "Microsoft.Authorization/policyDefinitions",
  "name": "967a4b4b-2da9-43c1-b7d0-f98d0d74d0b1"
}