last sync: 2023-Jun-01 17:45:04 UTC

Azure Policy definition

SQL Database should avoid using GRS backup redundancy

Name SQL Database should avoid using GRS backup redundancy
Azure Portal
Id b219b9cf-f672-4f96-9ab0-f5a3ac5e1c13
Version 2.0.0
details on versioning
Category SQL
Microsoft docs
Description Databases should avoid using the default geo-redundant storage for backups, if data residency rules require data to stay within a specific region. Note: Azure Policy is not enforced when creating a database using T-SQL. If not explicitly specified, database with geo-redundant backup storage is created via T-SQL.
Mode Indexed
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default
Deny
Allowed
Deny, Disabled
RBAC
Role(s)
none
Rule
Aliases
IF (3)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Sql/servers/databases/edition Microsoft.Sql servers/databases sku.tier false
Microsoft.Sql/servers/databases/requestedBackupStorageRedundancy Microsoft.Sql servers/databases properties.requestedBackupStorageRedundancy false
Microsoft.Sql/servers/databases/storageAccountType Microsoft.Sql servers/databases properties.requestedBackupStorageRedundancy false
Rule
ResourceTypes
IF (1)
Microsoft.Sql/servers/databases
Compliance The following 1 compliance controls are associated with this Policy definition 'SQL Database should avoid using GRS backup redundancy' (b219b9cf-f672-4f96-9ab0-f5a3ac5e1c13)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
RMiT_v1.0 10.49 RMiT_v1.0_10.49 RMiT 10.49 Cloud Services Cloud Services - 10.49 Shared n/a A financial institution must fully understand the inherent risk of adopting cloud services. In this regard, a financial institution is required to conduct a comprehensive risk assessment prior to cloud adoption which considers the inherent architecture of cloud services that leverages on the sharing of resources and services across multiple tenants over the Internet. The assessment must specifically address risks associated with the following: (a) sophistication of the deployment model; (b) migration of existing systems to cloud infrastructure; (c) location of cloud infrastructure; (d) multi-tenancy or data co-mingling; (e) vendor lock-in and application portability or interoperability; (f) ability to customise security configurations of the cloud infrastructure to ensure a high level of data and technology system protection; (g) exposure to cyber-attacks via cloud service providers; (h) termination of a cloud service provider including the ability to secure the financial institution's data following the termination; (i) demarcation of responsibilities, limitations and liability of the service provider; and (j) ability to meet regulatory requirements and international standards on cloud computing on a continuing basis. link 6
History
Date/Time (UTC ymd) (i) Change type Change detail
2021-04-27 15:38:15 change Major (1.0.1 > 2.0.0)
2021-02-10 14:43:58 change Patch (1.0.0 > 1.0.1) *changes on text case sensitivity are not tracked
2020-09-09 11:24:03 add b219b9cf-f672-4f96-9ab0-f5a3ac5e1c13
Initiatives
usage
Initiative DisplayName Initiative Id Initiative Category State Type
RMIT Malaysia 97a6d4f1-3bed-4cf4-ac5b-0e444c0408d6 Regulatory Compliance GA BuiltIn
JSON