last sync: 2024-Apr-24 17:47:19 UTC

[Preview]: Control the use of PostgreSql in a Virtual Enclave

Azure BuiltIn Policy Initiative (PolicySet)

Source Azure Portal
Display name[Preview]: Control the use of PostgreSql in a Virtual Enclave
Id5eaa16b4-81f2-4354-aef3-2d77288e396e
Version1.0.0-preview
Details on versioning
CategoryVirtualEnclaves
Microsoft Learn
DescriptionThis initiative deploys Azure policies for PostgreSql ensuring boundary protection of this resource while it operates within the logically separated structure of Azure Virtual Enclaves. https://aka.ms/VirtualEnclaves
TypeBuiltIn
DeprecatedFalse
PreviewTrue
Policy count Total Policies: 10
Builtin Policies: 10
Static Policies: 0
Policy used
Policy DisplayName Policy Id Category Effect Roles# Roles State
Configure Advanced Threat Protection to be enabled on Azure database for PostgreSQL servers db048e65-913c-49f9-bb5f-1084184671d3 SQL Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled
1 Contributor GA
Connection throttling should be enabled for PostgreSQL database servers 5345bb39-67dc-4960-a1bf-427e16b9a0bd SQL Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled
0 GA
Disconnections should be logged for PostgreSQL database servers. eb6f77b9-bd53-4e35-a23d-7f65d5f0e446 SQL Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled
0 GA
Enforce SSL connection should be enabled for PostgreSQL database servers d158790f-bfb0-486c-8631-2dc6b4e8e6af SQL Default
Audit
Allowed
Audit, Disabled
0 GA
Infrastructure encryption should be enabled for Azure Database for PostgreSQL servers 24fba194-95d6-48c0-aea7-f65bf859c598 SQL Default
Audit
Allowed
Audit, Deny, Disabled
0 GA
Log checkpoints should be enabled for PostgreSQL database servers eb6f77b9-bd53-4e35-a23d-7f65d5f0e43d SQL Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled
0 GA
Log connections should be enabled for PostgreSQL database servers eb6f77b9-bd53-4e35-a23d-7f65d5f0e442 SQL Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled
0 GA
Log duration should be enabled for PostgreSQL database servers eb6f77b9-bd53-4e35-a23d-7f65d5f0e8f3 SQL Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled
0 GA
PostgreSQL servers should use customer-managed keys to encrypt data at rest 18adea5e-f416-4d0f-8aa8-d24321e3e274 SQL Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled
0 GA
Public network access should be disabled for PostgreSQL servers b52376f7-9612-48a1-81cd-1ffe4b61032c SQL Default
Audit
Allowed
Audit, Deny, Disabled
0 GA
Roles used Total Roles usage: 1
Total Roles unique usage: 1
Role Role Id Policies count Policies
Contributor b24988ac-6180-42a0-ab88-20f7382dd24c 1 Configure Advanced Threat Protection to be enabled on Azure database for PostgreSQL servers
History
Date/Time (UTC ymd) (i) Changes
2024-01-17 19:06:27 add Initiative 5eaa16b4-81f2-4354-aef3-2d77288e396e
JSON compare n/a
JSON
api-version=2021-06-01
EPAC