AzPolicyAdvertizer

last sync: 2023-Jun-09 17:46:13 UTC

Azure Policy definition

Azure Monitor Logs for Application Insights should be linked to a Log Analytics workspace

Name Azure Monitor Logs for Application Insights should be linked to a Log Analytics workspace
Azure Portal
Id d550e854-df1a-4de9-bf44-cd894b39a95e
Version 1.1.0
details on versioning
Category Monitoring
Microsoft docs
Description Link the Application Insights component to a Log Analytics workspace for logs encryption. Customer-managed keys are commonly required to meet regulatory compliance and for more control over the access to your data in Azure Monitor. Linking your component to a Log Analytics workspace that's enabled with a customer-managed key, ensures that your Application Insights logs meet this compliance requirement, see https://docs.microsoft.com/azure/azure-monitor/platform/customer-managed-keys.
Mode Indexed
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default
Audit
Allowed
audit, Audit, deny, Deny, disabled, Disabled
RBAC
Role(s)		 none
Rule
Aliases		 IF (1)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Insights/components/WorkspaceResourceId microsoft.insights components properties.WorkspaceResourceId true
Rule
ResourceTypes		 IF (1)
Microsoft.Insights/components
Compliance The following 4 compliance controls are associated with this Policy definition 'Azure Monitor Logs for Application Insights should be linked to a Log Analytics workspace' (d550e854-df1a-4de9-bf44-cd894b39a95e)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
RBI_CSF_Banks_v2016 6.4 RBI_CSF_Banks_v2016_6.4 Application Security Life Cycle (Aslc) Application Security Life Cycle (Aslc)-6.4 n/a Besides business functionalities, security requirements relating to system access control, authentication, transaction authorization, data integrity, system activity logging, audit trail, session management, security event tracking and exception handling are required to be clearly specified at the initial and ongoing stages of system development/acquisition/implementation. 13
RBI_ITF_NBFC_v2017 3.1.g RBI_ITF_NBFC_v2017_3.1.g RBI IT Framework 3.1.g Information and Cyber Security Trails-3.1 n/a The IS Policy must provide for a IS framework with the following basic tenets: Trails- NBFCs shall ensure that audit trails exist for IT assets satisfying its business requirements including regulatory and legal requirements, facilitating audit, serving as forensic evidence when required and assisting in dispute resolution. If an employee, for instance, attempts to access an unauthorized section, this improper activity should be recorded in the audit trail. link 40
RMiT_v1.0 10.66 RMiT_v1.0_10.66 RMiT 10.66 Security of Digital Services Security of Digital Services - 10.66 Shared n/a A financial institution must implement robust technology security controls in providing digital services which assure the following: (a) confidentiality and integrity of customer and counterparty information and transactions; (b) reliability of services delivered via channels and devices with minimum disruption to services; (c) proper authentication of users or devices and authorisation of transactions; (d) sufficient audit trail and monitoring of anomalous transactions; (e) ability to identify and revert to the recovery point prior to incident or service disruption; and (f) strong physical control and logical control measures link 32
SWIFT_CSCF_v2022 6.4 SWIFT_CSCF_v2022_6.4 SWIFT CSCF v2022 6.4 6. Detect Anomalous Activity to Systems or Transaction Records Record security events and detect anomalous actions and operations within the local SWIFT environment. Shared n/a Capabilities to detect anomalous activity are implemented, and a process or tool is in place to keep and review logs. link 52
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-04-01 20:29:14 change Minor (1.0.0 > 1.1.0)
2021-02-17 14:28:42 add d550e854-df1a-4de9-bf44-cd894b39a95e
Initiatives
usage
Initiative DisplayName Initiative Id Initiative Category State Type
[Preview]: Reserve Bank of India - IT Framework for Banks d0d5578d-cc08-2b22-31e3-f525374f235a Regulatory Compliance Preview BuiltIn
[Preview]: Reserve Bank of India - IT Framework for NBFC 7f89f09c-48c1-f28d-1bd5-84f3fb22f86c Regulatory Compliance Preview BuiltIn
RMIT Malaysia 97a6d4f1-3bed-4cf4-ac5b-0e444c0408d6 Regulatory Compliance GA BuiltIn
SWIFT CSP-CSCF v2022 7bc7cd6c-4114-ff31-3cac-59be3157596d Regulatory Compliance GA BuiltIn
JSON