last sync: 2024-May-24 18:03:04 UTC

Microsoft Managed Control 1209 - Configuration Settings | Regulatory Compliance - Configuration Management

Azure BuiltIn Policy definition

Source Azure Portal
Display name Microsoft Managed Control 1209 - Configuration Settings
Id ce669c31-9103-4552-ae9c-cdef4e03580d
Version 1.0.0
Details on versioning
Category Regulatory Compliance
Microsoft Learn
Description Microsoft implements this Configuration Management control
Additional metadata Name/Id: ACF1209 / Microsoft Managed Control 1209
Category: Configuration Management
Title: Configuration Settings - Implementation
Ownership: Customer, Microsoft
Description: The organization: Implements the configuration settings;
Requirements: Mandatory configuration settings are implemented on each Azure asset as specified in the corresponding mandatory configuration baseline settings documentation for each component, which are established as described in Part a of this control. Azure service teams use Active Directory Group Policy Objects (GPOs) as an automated mechanism to centrally manage, apply, and verify security configuration settings. For virtual machines that are not domain-joined, Azure uses OS images that already have the appropriate settings configured prior to deployment. Network Devices Using the Gold images, Azure Networking configures all network devices with the required settings prior to deployment. Config Policy Verifier (CPV) compares the current network configuration against the configuration baseline and creates the proposed remediation for any deviations that are required. The results are reviewed and prioritized ongoing with major/critical items receiving priority remediation.
Mode Indexed
Type Static
Preview False
Deprecated False
Effect Fixed
audit
RBAC role(s) none
Rule aliases none
Rule resource types IF (2)
Microsoft.Resources/subscriptions
Microsoft.Resources/subscriptions/resourceGroups
Compliance Not a Compliance control
Initiatives usage none
History none
JSON compare n/a
JSON
api-version=2021-06-01
EPAC