AzInitiativeAdvertizer

last sync: 2025-Apr-29 17:15:47 UTC

[Preview]: Control the use of PostgreSql in a Virtual Enclave

Azure BuiltIn Policy Initiative (PolicySet)

Source Azure Portal
Display name[Preview]: Control the use of PostgreSql in a Virtual Enclave
Id5eaa16b4-81f2-4354-aef3-2d77288e396e
Version1.0.0-preview
Details on versioning
Versioning Versions supported for Versioning: 1
1.0.0-preview
Built-in Versioning [Preview]
CategoryVirtualEnclaves
Microsoft Learn
DescriptionThis initiative deploys Azure policies for PostgreSql ensuring boundary protection of this resource while it operates within the logically separated structure of Azure Virtual Enclaves. https://aka.ms/VirtualEnclaves
Cloud environmentsAzureCloud = true
AzureChinaCloud = unknown
AzureUSGovernment = true
Available in AzUSGovThe PolicySet is available in AzureUSGovernment cloud. Version: '1.0.0-preview'
Repository: Azure-Policy 5eaa16b4-81f2-4354-aef3-2d77288e396e
TypeBuiltIn
DeprecatedFalse
PreviewTrue
Policy-used summary
Policy types Policy states Policy categories
Total Policies: 10
Builtin Policies: 10
Static Policies: 0
GA: 10
1 categories:
SQL: 10
Policy-used
Policy DisplayName Policy Id Category Version Versioning Effect Roles# Roles State policy in AzUSGov
Configure Advanced Threat Protection to be enabled on Azure database for PostgreSQL servers db048e65-913c-49f9-bb5f-1084184671d3 SQL 1.2.0 3x
1.2.0, 1.1.0, 1.0.1		 Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled		 1 Contributor GA true
Connection throttling should be enabled for PostgreSQL database servers 5345bb39-67dc-4960-a1bf-427e16b9a0bd SQL 1.0.0 1x
1.0.0		 Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled		 0 GA true
Disconnections should be logged for PostgreSQL database servers. eb6f77b9-bd53-4e35-a23d-7f65d5f0e446 SQL 1.0.0 1x
1.0.0		 Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled		 0 GA true
Enforce SSL connection should be enabled for PostgreSQL database servers d158790f-bfb0-486c-8631-2dc6b4e8e6af SQL 1.0.1 1x
1.0.1		 Default
Audit
Allowed
Audit, Disabled		 0 GA true
Infrastructure encryption should be enabled for Azure Database for PostgreSQL servers 24fba194-95d6-48c0-aea7-f65bf859c598 SQL 1.0.0 1x
1.0.0		 Default
Audit
Allowed
Audit, Deny, Disabled		 0 GA true
Log checkpoints should be enabled for PostgreSQL database servers eb6f77b9-bd53-4e35-a23d-7f65d5f0e43d SQL 1.0.0 1x
1.0.0		 Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled		 0 GA true
Log connections should be enabled for PostgreSQL database servers eb6f77b9-bd53-4e35-a23d-7f65d5f0e442 SQL 1.0.0 1x
1.0.0		 Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled		 0 GA true
Log duration should be enabled for PostgreSQL database servers eb6f77b9-bd53-4e35-a23d-7f65d5f0e8f3 SQL 1.0.0 1x
1.0.0		 Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled		 0 GA true
PostgreSQL servers should use customer-managed keys to encrypt data at rest 18adea5e-f416-4d0f-8aa8-d24321e3e274 SQL 1.0.4 1x
1.0.4		 Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled		 0 GA true
Public network access should be disabled for PostgreSQL servers b52376f7-9612-48a1-81cd-1ffe4b61032c SQL 2.0.1 1x
2.0.1		 Default
Audit
Allowed
Audit, Deny, Disabled		 0 GA true
Roles used Total Roles usage: 1
Total Roles unique usage: 1
Role Role Id #Policies Policies
Contributor b24988ac-6180-42a0-ab88-20f7382dd24c 1 Configure Advanced Threat Protection to be enabled on Azure database for PostgreSQL servers
History
Date/Time (UTC ymd) (i) Changes
2024-01-17 19:06:27 add Initiative 5eaa16b4-81f2-4354-aef3-2d77288e396e
JSON compare n/a
JSON
api-version=2023-04-01
EPAC