last sync: 2021-Jan-18 16:05:48 UTC

Azure Policy definition

Deploy Advanced Threat Protection for Cosmos DB Accounts

Name Deploy Advanced Threat Protection for Cosmos DB Accounts
Id b5f04e03-92a3-4b09-9410-2cc5e5047656
Version 1.0.0
Category Cosmos DB
Description This policy enables Advanced Threat Protection across Cosmos DB accounts.
Mode Indexed
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect: default DeployIfNotExists; allowed values: DeployIfNotExists, Disabled
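RBAC role used (listed in the rule's roleDefinitionIds; the policy assignment's managed identity needs this role to run the DeployIfNotExists deployment)
Role Name: Security Admin
Role Id: fb1c8493-542b-48eb-b624-b4c8fea62acd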
History none
Used in Initiatives none
Json
{
  "properties": {
    "displayName": "Deploy Advanced Threat Protection for Cosmos DB Accounts",
    "policyType": "BuiltIn",
    "mode": "Indexed",
    "description": "This policy enables Advanced Threat Protection across Cosmos DB accounts.",
    "metadata": {
      "version": "1.0.0",
      "category": "Cosmos DB"
    },
    "parameters": {
      "effect": {
        "type": "String",
        "metadata": {
          "displayName": "Effect",
          "description": "Enable or disable the execution of the policy"
        },
        "allowedValues": [
          "DeployIfNotExists",
          "Disabled"
        ],
        "defaultValue": "DeployIfNotExists"
      }
    },
    "policyRule": {
      "if": {
        "field": "type",
        "equals": "Microsoft.DocumentDB/databaseAccounts"
      },
      "then": {
      "effect": "[parameters('effect')]",
        "details": {
          "type": "Microsoft.Security/advancedThreatProtectionSettings",
          "name": "current",
          "existenceCondition": {
            "field": "Microsoft.Security/advancedThreatProtectionSettings/isEnabled",
            "equals": "true"
          },
          "roleDefinitionIds": [
            "/providers/Microsoft.Authorization/roleDefinitions/fb1c8493-542b-48eb-b624-b4c8fea62acd"
          ],
          "deployment": {
            "properties": {
              "mode": "incremental",
              "template": {
                "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
                "contentVersion": "1.0.0.0",
                "parameters": {
                  "cosmosDbAccountName": {
                    "type": "string"
                  }
                },
                "resources": [
                  {
                    "apiVersion": "2019-01-01",
                    "type": "Microsoft.DocumentDB/databaseAccounts/providers/advancedThreatProtectionSettings",
                  "name": "[concat(parameters('cosmosDbAccountName'), '/Microsoft.Security/current')]",
                    "properties": {
                      "isEnabled": true
                    }
                  }
                ]
              },
              "parameters": {
                "cosmosDbAccountName": {
                "value": "[field('name')]"
                }
              }
            }
          }
        }
      }
    }
  },
  "id": "/providers/Microsoft.Authorization/policyDefinitions/b5f04e03-92a3-4b09-9410-2cc5e5047656",
  "type": "Microsoft.Authorization/policyDefinitions",
  "name": "b5f04e03-92a3-4b09-9410-2cc5e5047656"
}