last sync: 2024-Oct-03 17:51:55 UTC

[Preview]: Control the use of PostgreSql in a Virtual Enclave

Azure BuiltIn Policy Initiative (PolicySet)

Source Azure Portal
Display name[Preview]: Control the use of PostgreSql in a Virtual Enclave
Id5eaa16b4-81f2-4354-aef3-2d77288e396e
Version1.0.0-preview
Details on versioning
Versioning Versions supported for Versioning: 1
1.0.0-preview
Built-in Versioning [Preview]
CategoryVirtualEnclaves
Microsoft Learn
DescriptionThis initiative deploys Azure policies for PostgreSql ensuring boundary protection of this resource while it operates within the logically separated structure of Azure Virtual Enclaves. https://aka.ms/VirtualEnclaves
TypeBuiltIn
DeprecatedFalse
PreviewTrue
Policy count Total Policies: 10
Builtin Policies: 10
Static Policies: 0
Policy used
Policy DisplayName Policy Id Category Effect Roles# Roles State
Configure Advanced Threat Protection to be enabled on Azure database for PostgreSQL servers db048e65-913c-49f9-bb5f-1084184671d3 SQL Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled
1 Contributor GA
Connection throttling should be enabled for PostgreSQL database servers 5345bb39-67dc-4960-a1bf-427e16b9a0bd SQL Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled
0 GA
Disconnections should be logged for PostgreSQL database servers. eb6f77b9-bd53-4e35-a23d-7f65d5f0e446 SQL Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled
0 GA
Enforce SSL connection should be enabled for PostgreSQL database servers d158790f-bfb0-486c-8631-2dc6b4e8e6af SQL Default
Audit
Allowed
Audit, Disabled
0 GA
Infrastructure encryption should be enabled for Azure Database for PostgreSQL servers 24fba194-95d6-48c0-aea7-f65bf859c598 SQL Default
Audit
Allowed
Audit, Deny, Disabled
0 GA
Log checkpoints should be enabled for PostgreSQL database servers eb6f77b9-bd53-4e35-a23d-7f65d5f0e43d SQL Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled
0 GA
Log connections should be enabled for PostgreSQL database servers eb6f77b9-bd53-4e35-a23d-7f65d5f0e442 SQL Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled
0 GA
Log duration should be enabled for PostgreSQL database servers eb6f77b9-bd53-4e35-a23d-7f65d5f0e8f3 SQL Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled
0 GA
PostgreSQL servers should use customer-managed keys to encrypt data at rest 18adea5e-f416-4d0f-8aa8-d24321e3e274 SQL Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled
0 GA
Public network access should be disabled for PostgreSQL servers b52376f7-9612-48a1-81cd-1ffe4b61032c SQL Default
Audit
Allowed
Audit, Deny, Disabled
0 GA
Roles used Total Roles usage: 1
Total Roles unique usage: 1
Role Role Id Policies count Policies
Contributor b24988ac-6180-42a0-ab88-20f7382dd24c 1 Configure Advanced Threat Protection to be enabled on Azure database for PostgreSQL servers
History
Date/Time (UTC ymd) (i) Changes
2024-01-17 19:06:27 add Initiative 5eaa16b4-81f2-4354-aef3-2d77288e396e
JSON compare n/a
JSON
api-version=2021-06-01
EPAC