AzPolicyAdvertizer

last sync: 2025-Apr-29 17:16:02 UTC

Enforce appropriate usage of all accounts | Regulatory Compliance - Operational

Azure BuiltIn Policy definition

Source Azure Portal
Display name Enforce appropriate usage of all accounts
Id fd81a1b3-2d7a-107c-507e-29b87d040c19
Version 1.1.0
Details on versioning
Versioning Versions supported for Versioning: 1
1.1.0
Built-in Versioning [Preview]
Category Regulatory Compliance
Microsoft Learn
Description CMA_C1023 - Enforce appropriate usage of all accounts
Cloud environments AzureCloud = true
AzureUSGovernment = unknown
AzureChinaCloud = unknown
Available in AzUSGov Unknown, no evidence if Policy definition is/not available in AzureUSGovernment
Additional metadata Name/Id: CMA_C1023 / CMA_C1023
Category: Operational
Title: Enforce appropriate usage of all accounts
Ownership: Customer
Description: The customer is responsible for enforcing the appropriate usage of all customer-controlled accounts within the system.
Requirements: The customer is responsible for implementing this recommendation.
Mode All
Type BuiltIn
Preview False
Deprecated False
Effect Default
Manual
Allowed
Manual, Disabled
RBAC role(s) none
Rule aliases none
Rule resource types IF (1)
Compliance
The following 5 compliance controls are associated with this Policy definition 'Enforce appropriate usage of all accounts' (fd81a1b3-2d7a-107c-507e-29b87d040c19)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
FedRAMP_High_R4 AC-2(11) FedRAMP_High_R4_AC-2(11) FedRAMP High AC-2 (11) Access Control Usage Conditions Shared n/a The information system enforces [Assignment: organization-defined circumstances and/or usage conditions] for [Assignment: organization-defined information system accounts]. Supplemental Guidance: Organizations can describe the specific conditions or circumstances under which information system accounts can be used, for example, by restricting usage to certain days of the week, time of day, or specific durations of time. link 1
hipaa 0112.02d2Organizational.3-02.d hipaa-0112.02d2Organizational.3-02.d 0112.02d2Organizational.3-02.d 01 Information Protection Program 0112.02d2Organizational.3-02.d 02.03 During Employment Shared n/a Acceptable usage is defined and usage is explicitly authorized. 7
NIST_SP_800-171_R2_3 .1.2 NIST_SP_800-171_R2_3.1.2 NIST SP 800-171 R2 3.1.2 Access Control Limit system access to the types of transactions and functions that authorized users are permitted to execute. Shared Microsoft and the customer share responsibilities for implementing this requirement. Organizations may choose to define access privileges or other attributes by account, by type of account, or a combination of both. System account types include individual, shared, group, system, anonymous, guest, emergency, developer, manufacturer, vendor, and temporary. Other attributes required for authorizing access include restrictions on time-of-day, day-of-week, and point-of-origin. In defining other account attributes, organizations consider system-related requirements (e.g., system upgrades scheduled maintenance,) and mission or business requirements, (e.g., time zone differences, customer requirements, remote access to support travel requirements). link 28
NIST_SP_800-53_R4 AC-2(11) NIST_SP_800-53_R4_AC-2(11) NIST SP 800-53 Rev. 4 AC-2 (11) Access Control Usage Conditions Shared n/a The information system enforces [Assignment: organization-defined circumstances and/or usage conditions] for [Assignment: organization-defined information system accounts]. Supplemental Guidance: Organizations can describe the specific conditions or circumstances under which information system accounts can be used, for example, by restricting usage to certain days of the week, time of day, or specific durations of time. link 1
NIST_SP_800-53_R5 AC-2(11) NIST_SP_800-53_R5_AC-2(11) NIST SP 800-53 Rev. 5 AC-2 (11) Access Control Usage Conditions Shared n/a Enforce [Assignment: organization-defined circumstances and/or usage conditions] for [Assignment: organization-defined system accounts]. link 1
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type polSet in AzUSGov
FedRAMP High d5264498-16f4-418a-b659-fa7ef418175f Regulatory Compliance GA BuiltIn true
HITRUST/HIPAA a169a624-5599-4385-a696-c8d643089fab Regulatory Compliance GA BuiltIn unknown
NIST SP 800-171 Rev. 2 03055927-78bd-4236-86c0-f36125a10dc9 Regulatory Compliance GA BuiltIn true
NIST SP 800-53 Rev. 4 cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f Regulatory Compliance GA BuiltIn true
NIST SP 800-53 Rev. 5 179d1daa-458f-4e47-8086-2a68d0d6c38f Regulatory Compliance GA BuiltIn true
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-09-27 16:35:32 change Minor (1.0.0 > 1.1.0)
2022-09-13 16:35:29 add fd81a1b3-2d7a-107c-507e-29b87d040c19
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC