AzPolicyAdvertizer

last sync: 2023-Jun-02 17:44:47 UTC

Azure Policy definition

Configure Cosmos DB database accounts to disable local authentication

Name

Configure Cosmos DB database accounts to disable local authentication
Azure Portal

dc2d41d1-4ab1-4666-a3e1-3d51c43e0049

Version

1.1.0
details on versioning

Category

Cosmos DB
Microsoft docs

Description

Disable local authentication methods so that your Cosmos DB database accounts exclusively require Azure Active Directory identities for authentication. Learn more at: https://docs.microsoft.com/azure/cosmos-db/how-to-setup-rbac#disable-local-auth.

Mode

Indexed

Type

BuiltIn

Preview

FALSE

Deprecated

FALSE

Effect

Default
Modify
Allowed
Modify, Disabled

RBAC
Role(s)

Role Name	Role Id
DocumentDB Account Contributor	5bd9cd88-fe45-4216-938b-f97437e15450

Rule
Aliases

IF (2)

Alias	Namespace	ResourceType	DefaultPath	Modifiable
Microsoft.DocumentDB/databaseAccounts/capabilities[*].name	Microsoft.DocumentDB	databaseAccounts	properties.capabilities[*].name	false
Microsoft.DocumentDB/databaseAccounts/disableLocalAuth	Microsoft.DocumentDB	databaseAccounts	properties.disableLocalAuth	true

THEN-Operations (1)

Alias	Namespace	ResourceType	DefaultPath	Modifiable
Microsoft.DocumentDB/databaseAccounts/disableLocalAuth	Microsoft.DocumentDB	databaseAccounts	properties.disableLocalAuth	true

Rule
ResourceTypes

IF (1)
Microsoft.DocumentDB/databaseAccounts

Compliance

Not a Compliance control

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2023-05-26 17:43:09	change	Minor (1.0.0 > 1.1.0)
2021-07-07 15:26:31	add	dc2d41d1-4ab1-4666-a3e1-3d51c43e0049

Initiatives
usage

none

JSON