AzPolicyAdvertizer

last sync: 2025-Jun-30 17:25:56 UTC

Deploy Advanced Threat Protection for Cosmos DB Accounts

Azure BuiltIn Policy definition

Source Azure Portal
Display name Deploy Advanced Threat Protection for Cosmos DB Accounts
Id b5f04e03-92a3-4b09-9410-2cc5e5047656
Version 1.0.0
Details on versioning
Versioning Versions supported for Versioning: 1
1.0.0
Built-in Versioning [Preview]
Category Cosmos DB
Microsoft Learn
Description This policy enables Advanced Threat Protection across Cosmos DB accounts.
Cloud environments AzureCloud = true
AzureUSGovernment = true
AzureChinaCloud = unknown
Available in AzUSGov The Policy is available in AzureUSGovernment cloud. Version: '1.0.0'
Repository: Azure-Policy b5f04e03-92a3-4b09-9410-2cc5e5047656
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled
RBAC role(s)
Role Name Role Id
Security Admin fb1c8493-542b-48eb-b624-b4c8fea62acd
Rule aliases THEN-ExistenceCondition (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Security/advancedThreatProtectionSettings/isEnabled Microsoft.Security advancedThreatProtectionSettings properties.isEnabled True False
Rule resource types IF (1)
Compliance
The following 5 compliance controls are associated with this Policy definition 'Deploy Advanced Threat Protection for Cosmos DB Accounts' (b5f04e03-92a3-4b09-9410-2cc5e5047656)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
CMMC_L3 IR.2.093 CMMC_L3_IR.2.093 CMMC L3 IR.2.093 Incident Response Detect and report events. Shared Microsoft and the customer share responsibilities for implementing this requirement. The monitoring, identification, and reporting of events are the foundation for incident identification and commence the incident life cycle. Events potentially affect the productivity of organizational assets and, in turn, associated services. These events must be captured and analyzed so that the organization can determine whether an event will become (or has become) an incident that requires organizational action. The extent to which an organization can identify events improves its ability to manage and control incidents and their potential effects. link 17
DORA_2022_2554 10.1 DORA_2022_2554_10.1 DORA 2022 2554 10.1 10 Implement Mechanisms to Detect Anomalous Activities in ICT Systems Shared n/a Establish mechanisms to detect anomalous activities within information and communication technology (ICT) systems, including network performance issues and ICT-related incidents. Additionally, identify potential material single points of failure to enhance overall system resilience and response capabilities. 54
DORA_2022_2554 10.2 DORA_2022_2554_10.2 DORA 2022 2554 10.2 10 Establish Multi-Layered Detection Mechanisms for ICT Incidents Shared n/a Implement detection mechanisms that provide multiple layers of control, defining alert thresholds and criteria to trigger information and communication technology (ICT) related incident response processes. This includes automated alert mechanisms to notify resources managing ICT-related incidents. 57
K_ISMS_P_2018 2.10.1 K_ISMS_P_2018_2.10.1 K ISMS P 2018 2.10.1 2.10 Establish Procedures for Managing the Security of System Operations Shared n/a Establish and implement operating procedures for managing the security of system operations such as designating system administrators, updating policies, changing rulesets, monitoring events, managing policy implementations or exceptions. 455
K_ISMS_P_2018 2.10.2 K_ISMS_P_2018_2.10.2 K ISMS P 2018 2.10.2 2.10 Establish Protective Measures for Administrator Privileges and Security Configurations Shared n/a Establish and implement protective measures with regard to administrator privileges and security configurations to ensure that important information and personal information are not exposed as a result of unauthorized access by service type or misconfigurations. 431
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type polSet in AzUSGov
[Preview]: Control the use of CosmosDB in a Virtual Enclave 6bd484ca-ae8d-46cf-9b33-e1feef84bfba VirtualEnclaves Preview BuiltIn true
CMMC Level 3 b5629c75-5c77-4422-87b9-2509e680f8de Regulatory Compliance GA BuiltIn true
DORA 2022 2554 f9c0485f-da8e-43b5-961e-58ebd54b907c Regulatory Compliance GA BuiltIn unknown
Enforce recommended guardrails for Cosmos DB Enforce-Guardrails-CosmosDb Cosmos DB GA ALZ
K ISMS P 2018 e0782c37-30da-4a78-9f92-50bfe7aa2553 Regulatory Compliance GA BuiltIn unknown
History none
JSON compare n/a
JSON
api-version=2021-06-01
EPAC