last sync: 2024-Jul-26 18:17:39 UTC

Keys using elliptic curve cryptography should have the specified curve names

Azure BuiltIn Policy definition

Source: Azure Portal
Display name: Keys using elliptic curve cryptography should have the specified curve names
Id: ff25f3c8-b739-4538-9d07-3d6d25cfb255
Version: 1.0.1
Category: Key Vault
Description: Keys backed by elliptic curve cryptography can have different curve names. Some applications are only compatible with specific elliptic curve keys. Enforce the types of elliptic curve keys that are allowed to be created in your environment.
Mode: Microsoft.KeyVault.Data
Type: BuiltIn
Preview: False
Deprecated: False
Effect: Default: Audit; Allowed: Audit, Deny, Disabled
RBAC role(s): none
Rule aliases: none
Rule resource types: none
Compliance
The following 4 compliance controls are associated with this Policy definition 'Keys using elliptic curve cryptography should have the specified curve names' (ff25f3c8-b739-4538-9d07-3d6d25cfb255)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
CMMC_2.0_L2 SC.L2-3.13.10 CMMC_2.0_L2_SC.L2-3.13.10 404 not found n/a n/a 37
CMMC_2.0_L2 SC.L2-3.13.11 CMMC_2.0_L2_SC.L2-3.13.11 404 not found n/a n/a 4
CMMC_L3 SC.3.177 CMMC_L3_SC.3.177 CMMC L3 SC.3.177 System and Communications Protection Employ FIPS-validated cryptography when used to protect the confidentiality of CUI. Shared Microsoft and the customer share responsibilities for implementing this requirement. Cryptography can be employed to support many security solutions including the protection of controlled unclassified information, the provision of digital signatures, and the enforcement of information separation when authorized individuals have the necessary clearances for such information but lack the necessary formal access approvals. Cryptography can also be used to support random number generation and hash generation. Cryptographic standards include FIPS-validated cryptography and/or NSA-approved cryptography. link 25
CMMC_L3 SC.3.187 CMMC_L3_SC.3.187 CMMC L3 SC.3.187 System and Communications Protection Establish and manage cryptographic keys for cryptography employed in organizational systems. Shared Microsoft and the customer share responsibilities for implementing this requirement. Cryptographic key management and establishment can be performed using manual procedures or mechanisms supported by manual procedures. Organizations define key management requirements in accordance with applicable federal laws, Executive Orders, policies, directives, regulations, and standards specifying appropriate options, levels, and parameters. link 8
Initiatives usage
Initiative DisplayName | Initiative Id | Initiative Category | State | Type
[Preview]: CMMC 2.0 Level 2 | 4e50fd13-098b-3206-61d6-d1d78205cb45 | Regulatory Compliance | Preview | BuiltIn
CMMC Level 3 | b5629c75-5c77-4422-87b9-2509e680f8de | Regulatory Compliance | GA | BuiltIn
Enforce recommended guardrails for Azure Key Vault | Enforce-Guardrails-KeyVault | Key Vault | GA | ALZ
History
Date/Time (UTC ymd) | Change type | Change detail
2021-08-30 14:27:30 | change | Patch, old suffix: preview (1.0.0-preview > 1.0.1)
2020-10-16 12:27:50 | add | ff25f3c8-b739-4538-9d07-3d6d25cfb255