| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1172 - Internal System Connections | ||
| Id | b43e946e-a4c8-4b92-8201-4a39331db43c | ||
| Version | 1.0.0 Details on versioning |
||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this Security Assessment and Authorization control | ||
| Cloud environments | AzureCloud = true AzureUSGovernment = true AzureChinaCloud = unknown |
||
| Available in AzUSGov | The Policy is available in AzureUSGovernment cloud. Version: '1.0.0' Repository: Azure-Policy b43e946e-a4c8-4b92-8201-4a39331db43c |
||
| Additional metadata |
Name/Id: ACF1172 / Microsoft Managed Control 1172 Category: Security Assessment and Authorization Title: Internal System Connections - Authorized Components Ownership: Customer, Microsoft Description: The organization: Authorizes internal connections of Components added through standard configuration management processes to the information system; and Requirements: As part of standard configuration management processes, Azure authorizes individual assets connected to the environment. Teams generate threat models and/or data flow diagrams which include details of components within and connected to the information system. Azure does not connect any constituent components to the Azure environment other than assets provisioned within the environment boundary. Such servers are subsequently considered part of the information system once connected. Azure assets are configured according to Azure baselines. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|