AzPolicyAdvertizer

last sync: 2023-Jun-19 17:45:01 UTC

Community Policy definition

Audit - Databricks should use customer-managed key for encrypting DBFS

Name

Audit - Databricks should use customer-managed key for encrypting DBFS
Community-Policy GitHub

b76cbbfe-4af8-44ad-ac54-c460d0907796

Version

1.0.0
details on versioning

Category

Azure Databricks
Microsoft docs

Description

Customer-managed key should be used to encrypt DBFS in Databricks service. The policy marks a resource Noncompliant if the prepareEncryption value is not set to true. The resource is also marked Noncompliant when the keySource value does not exist.

Mode

All

Type

Custom Community

Effect

Default
Audit
Allowed
Audit, Disabled

Used RBAC Role

none

Rule Aliases

IF (2)

Alias	Namespace	ResourceType	DefaultPath	Modifiable
Microsoft.Databricks/workspaces/parameters.encryption.value.keySource	Microsoft.Databricks	workspaces	properties.parameters.encryption.value.keySource	false
Microsoft.Databricks/workspaces/parameters.prepareEncryption.value	Microsoft.Databricks	workspaces	properties.parameters.prepareEncryption.value	false

Rule ResourceTypes

IF (1)
Microsoft.Databricks/workspaces

JSON