| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1209 - Configuration Settings | ||
| Id | ce669c31-9103-4552-ae9c-cdef4e03580d | ||
| Version | 1.0.0 Details on versioning |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this Configuration Management control | ||
| Additional metadata |
Name/Id: ACF1209 / Microsoft Managed Control 1209 Category: Configuration Management Title: Configuration Settings - Implementation Ownership: Customer, Microsoft Description: The organization: Implements the configuration settings; Requirements: Mandatory configuration settings are implemented on each Azure asset as specified in the corresponding mandatory configuration baseline settings documentation for each component, which are established as described in Part a of this control. Azure service teams use Active Directory Group Policy Objects (GPOs) as an automated mechanism to centrally manage, apply, and verify security configuration settings. For virtual machines that are not domain-joined, Azure uses OS images that already have the appropriate settings configured prior to deployment. Network Devices Using the Gold images, Azure Networking configures all network devices with the required settings prior to deployment. Config Policy Verifier (CPV) compares the current network configuration against the configuration baseline and creates the proposed remediation for any deviations that are required. The results are reviewed and prioritized ongoing with major/critical items receiving priority remediation. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|