AzPolicyAdvertizer

last sync: 2024-Nov-25 18:54:24 UTC

Azure Batch pools should have disk encryption enabled

Azure BuiltIn Policy definition

Source Azure Portal
Display name Azure Batch pools should have disk encryption enabled
Id 1760f9d4-7206-436e-a28f-d9f3a5c8a227
Version 1.0.0
Details on versioning
Versioning Versions supported for Versioning: 1
1.0.0
Built-in Versioning [Preview]
Category Batch
Microsoft Learn
Description Enabling Azure Batch disk encryption ensures that data is always encrypted at rest on your Azure Batch compute node. Learn more about disk encryption in Batch at https://docs.microsoft.com/azure/batch/disk-encryption.
Mode All
Type BuiltIn
Preview False
Deprecated False
Effect Default
Audit
Allowed
Audit, Disabled, Deny
RBAC role(s) none
Rule aliases IF (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Batch/batchAccounts/pools/deploymentConfiguration.virtualMachineConfiguration.diskEncryptionConfiguration.targets[*] Microsoft.Batch batchAccounts/pools properties.deploymentConfiguration.virtualMachineConfiguration.diskEncryptionConfiguration.targets[*] True False
Rule resource types IF (1)
Microsoft.Batch/batchAccounts/pools
Compliance
The following 6 compliance controls are associated with this Policy definition 'Azure Batch pools should have disk encryption enabled' (1760f9d4-7206-436e-a28f-d9f3a5c8a227)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
NL_BIO_Cloud_Theme U.05.1(2) NL_BIO_Cloud_Theme_U.05.1(2) NL_BIO_Cloud_Theme_U.05.1(2) U.05 Data protection Cryptographic measures n/a Data transport is secured with cryptography to the latest state of the art (in accordance with the Forum for Standardization), whereby the key management is carried out by the CSC itself if possible. 17
NL_BIO_Cloud_Theme U.05.2(2) NL_BIO_Cloud_Theme_U.05.2(2) NL_BIO_Cloud_Theme_U.05.2(2) U.05 Data protection Cryptographic measures n/a Data stored in the cloud service shall be protected to the latest state of the art with encryption and with a key length sufficient at least for the purpose, whereby the key management is not purchased as a cloud service if possible and is carried out by the CSC itself. 52
NL_BIO_Cloud_Theme U.11.3(2) NL_BIO_Cloud_Theme_U.11.3(2) NL_BIO_Cloud_Theme_U.11.3(2) U.11 Cryptoservices Encrypted n/a Sensitive data (on transport and at rest) is always encrypted, with private keys managed by the CSC. The use of a private key by the CSP is based on a controlled procedure and must be jointly agreed with the CSC organisation. 52
U.05.1 - Cryptographic measures U.05.1 - Cryptographic measures 404 not found n/a n/a 17
U.05.2 - Cryptographic measures U.05.2 - Cryptographic measures 404 not found n/a n/a 51
U.11.3 - Encrypted U.11.3 - Encrypted 404 not found n/a n/a 51
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
NL BIO Cloud Theme 6ce73208-883e-490f-a2ac-44aac3b3687f Regulatory Compliance GA BuiltIn
NL BIO Cloud Theme V2 d8b2ffbe-c6a8-4622-965d-4ade11d1d2ee Regulatory Compliance GA BuiltIn
History
Date/Time (UTC ymd) (i) Change type Change detail
2021-08-09 19:32:42 add 1760f9d4-7206-436e-a28f-d9f3a5c8a227
JSON compare n/a
JSON
api-version=2021-06-01
EPAC