AzPolicyAdvertizer

last sync: 2021-Aug-04 14:59:26 UTC

Azure Policy definition

Service Bus namespaces should have double encryption enabled

Name Service Bus namespaces should have double encryption enabled
Azure Portal

Id ebaf4f25-a4e8-415f-86a8-42d9155bef0b

Version 1.0.0
details on versioning

Category Service Bus
Microsoft docs

Description Enabling double encryption helps protect and safeguard your data to meet your organizational security and compliance commitments. When double encryption has been enabled, data in the storage account is encrypted twice, once at the service level and once at the infrastructure level, using two different encryption algorithms and two different keys.

Mode Indexed

Type BuiltIn

Preview FALSE

Deprecated FALSE

Effect Default: Audit
Allowed: (Audit, Deny, Disabled)

Used RBAC Role none

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2021-07-07 15:26:31	add	ebaf4f25-a4e8-415f-86a8-42d9155bef0b

Used in Initiatives none

JSON

{
  "properties": {
    "displayName": "Service Bus namespaces should have double encryption enabled",
    "policyType": "BuiltIn",
    "mode": "Indexed",
    "description": "Enabling double encryption helps protect and safeguard your data to meet your organizational security and compliance commitments. When double encryption has been enabled, data in the storage account is encrypted twice, once at the service level and once at the infrastructure level, using two different encryption algorithms and two different keys.",
    "metadata": {
      "version": "1.0.0",
      "category": "Service Bus"
    },
    "parameters": {
      "effect": {
        "type": "String",
        "metadata": {
          "displayName": "Effect",
          "description": "Enable or disable the execution of the audit policy"
        },
        "allowedValues": [
          "Audit",
          "Deny",
          "Disabled"
        ],
        "defaultValue": "Audit"
      }
    },
    "policyRule": {
      "if": {
        "allOf": [
          {
            "field": "type",
            "equals": "Microsoft.ServiceBus/namespaces"
          },
          {
            "field": "Microsoft.ServiceBus/namespaces/sku.tier",
            "equals": "Premium"
          },
          {
            "field": "Microsoft.ServiceBus/namespaces/encryption.requireInfrastructureEncryption",
            "notEquals": "true"
          }
        ]
      },
      "then": {
      "effect": "[parameters('effect')]"
      }
    }
  },
  "id": "/providers/Microsoft.Authorization/policyDefinitions/ebaf4f25-a4e8-415f-86a8-42d9155bef0b",
  "type": "Microsoft.Authorization/policyDefinitions",
  "name": "ebaf4f25-a4e8-415f-86a8-42d9155bef0b"
}