last sync: 2024-Oct-04 17:51:30 UTC

Microsoft Managed Control 1237 - Software Usage Restrictions | Open Source Software | Regulatory Compliance - Configuration Management

Azure BuiltIn Policy definition

Source Azure Portal
Display name Microsoft Managed Control 1237 - Software Usage Restrictions | Open Source Software
Id e80b6812-0bfa-4383-8223-cdd86a46a890
Version 1.0.0
Details on versioning
Versioning Versions supported for Versioning: 0
Built-in Versioning [Preview]
Category Regulatory Compliance
Microsoft Learn
Description Microsoft implements this Configuration Management control
Additional metadata Name/Id: ACF1237 / Microsoft Managed Control 1237
Category: Configuration Management
Title: Software Usage Restrictions | Open Source Software
Ownership: Customer, Microsoft
Description: The organization establishes the following restrictions on the use of open source software: All software (including tools and utilities) installed within Microsoft Azure must be approved by the appropriate stakeholders prior to being released into production.Prior to deployment in Microsoft Azure, all software must be tested in a manner suitable to Microsoft to evaluate its impact on system performance, stability (failure and recovery characteristics) and security state (security controls work as expected and the product does not contain malicious code).Software submitted for approval must have a legitimate business purpose.
Requirements: As established by the Microsoft Security Policy, the following restrictions are in place regarding the installation of software, including open source software, within the Azure environment: * All software installed within Azure must be approved by the appropriate stakeholders prior to being released into production. * Prior to deployment in Azure, all software must be tested in a manner suitable to Microsoft to evaluate its impact on system performance, stability (failure and recovery characteristics) and security state (security controls work as expected and the product does not contain malicious code). * Software submitted for approval must have a legitimate business purpose. Additionally, open source software must be evaluated by CELA in accordance with the policies and processes set out in Microsoft’s open source software resource website. Requests for evaluation of open source software require approval through the OSS Registration Tool.
Mode Indexed
Type Static
Preview False
Deprecated False
Effect Fixed
audit
RBAC role(s) none
Rule aliases none
Rule resource types IF (2)
Microsoft.Resources/subscriptions
Microsoft.Resources/subscriptions/resourceGroups
Compliance
The following 2 compliance controls are associated with this Policy definition 'Microsoft Managed Control 1237 - Software Usage Restrictions | Open Source Software' (e80b6812-0bfa-4383-8223-cdd86a46a890)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
op.exp.2 Security configuration op.exp.2 Security configuration 404 not found n/a n/a 112
op.exp.3 Security configuration management op.exp.3 Security configuration management 404 not found n/a n/a 123
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
Spain ENS 175daf90-21e1-4fec-b745-7b4c909aa94c Regulatory Compliance GA BuiltIn
History none
JSON compare n/a
JSON
api-version=2021-06-01
EPAC