AzPolicyAdvertizer

last sync: 2025-Jul-07 17:23:16 UTC

Certificates using elliptic curve cryptography should have allowed curve names

Azure BuiltIn Policy definition

Source Azure Portal
Display name Certificates using elliptic curve cryptography should have allowed curve names
Id bd78111f-4953-4367-9fd5-7e08808b54bf
Version 2.1.0
Details on versioning
Versioning Versions supported for Versioning: 1
2.1.0
Built-in Versioning [Preview]
Category Key Vault
Microsoft Learn
Description Manage the allowed elliptic curve names for ECC Certificates stored in key vault. More information can be found at https://aka.ms/akvpolicy.
Cloud environments AzureCloud = true
AzureUSGovernment = true
AzureChinaCloud = unknown
Available in AzUSGov The Policy is available in AzureUSGovernment cloud. Version: '2.1.0'
Repository: Azure-Policy bd78111f-4953-4367-9fd5-7e08808b54bf
Mode Microsoft.KeyVault.Data
Type BuiltIn
Preview False
Deprecated False
Effect Default
Audit
Allowed
audit, Audit, deny, Deny, disabled, Disabled
RBAC role(s) none
Rule aliases none
Rule resource types none
Compliance
The following 3 compliance controls are associated with this Policy definition 'Certificates using elliptic curve cryptography should have allowed curve names' (bd78111f-4953-4367-9fd5-7e08808b54bf)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
K_ISMS_P_2018 2.10.1 K_ISMS_P_2018_2.10.1 K ISMS P 2018 2.10.1 2.10 Establish Procedures for Managing the Security of System Operations Shared n/a Establish and implement operating procedures for managing the security of system operations such as designating system administrators, updating policies, changing rulesets, monitoring events, managing policy implementations or exceptions. 455
K_ISMS_P_2018 2.10.2 K_ISMS_P_2018_2.10.2 K ISMS P 2018 2.10.2 2.10 Establish Protective Measures for Administrator Privileges and Security Configurations Shared n/a Establish and implement protective measures with regard to administrator privileges and security configurations to ensure that important information and personal information are not exposed as a result of unauthorized access by service type or misconfigurations. 431
RBI_ITF_NBFC_v2017 3.8 RBI_ITF_NBFC_v2017_3.8 RBI IT Framework 3.8 Information and Cyber Security Digital Signatures-3.8 n/a A Digital Signature Certificate authenticates entity???s identity electronically. It also provides a high level of security for online transactions by ensuring absolute privacy of the information exchanged using a Digital Signature Certificate. NBFCs may consider use of Digital signatures to protect the authenticity and integrity of important electronic documents and also for high value fund transfer. link 7
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type polSet in AzUSGov
[Preview]: Reserve Bank of India - IT Framework for NBFC 7f89f09c-48c1-f28d-1bd5-84f3fb22f86c Regulatory Compliance Preview BuiltIn unknown
Enforce recommended guardrails for Azure Key Vault Enforce-Guardrails-KeyVault Key Vault GA ALZ
K ISMS P 2018 e0782c37-30da-4a78-9f92-50bfe7aa2553 Regulatory Compliance GA BuiltIn unknown
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-04-01 20:29:14 change Minor (2.0.1 > 2.1.0)
2021-08-30 14:27:30 change Patch, old suffix: preview (2.0.0-preview > 2.0.1)
2020-09-02 14:03:46 change Previous DisplayName: [Preview]: Manage allowed curve names for elliptic curve cryptography certificates
2019-11-02 10:12:34 add bd78111f-4953-4367-9fd5-7e08808b54bf
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC