last sync: 2024-Nov-25 18:54:24 UTC

Synapse workspace auditing settings should have action groups configured to capture critical activities

Azure BuiltIn Policy definition

Source Azure Portal
Display name Synapse workspace auditing settings should have action groups configured to capture critical activities
Id 2b18f286-371e-4b80-9887-04759970c0d3
Version 1.0.0
Details on versioning
Versioning Versions supported for Versioning: 1
1.0.0
Built-in Versioning [Preview]
Category Synapse
Microsoft Learn
Description To ensure your audit logs are as thorough as possible, the AuditActionsAndGroups property should include all the relevant groups. We recommend adding at least SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP, FAILED_DATABASE_AUTHENTICATION_GROUP, and BATCH_COMPLETED_GROUP. This is sometimes required for compliance with regulatory standards.
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled
RBAC role(s) none
Rule aliases THEN-ExistenceCondition (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Synapse/workspaces/auditingSettings/auditActionsAndGroups[*] Microsoft.Synapse workspaces/auditingSettings properties.auditActionsAndGroups[*] True False
Rule resource types IF (1)
Microsoft.Synapse/workspaces
Compliance Not a Compliance control
Initiatives usage none
History
Date/Time (UTC ymd) (i) Change type Change detail
2021-03-09 14:37:41 add 2b18f286-371e-4b80-9887-04759970c0d3
JSON compare n/a
JSON
api-version=2021-06-01
EPAC