last sync: 2024-Sep-18 17:50:24 UTC

[Preview]: Azure IoT Hub should use customer-managed key to encrypt data at rest

Azure BuiltIn Policy definition

Source Azure Portal
Display name [Preview]: Azure IoT Hub should use customer-managed key to encrypt data at rest
Id 2d7e144b-159c-44fc-95c1-ac3dbf5e6e54
Version 1.0.0-preview
Versioning Versions supported for Versioning: 1 (1.0.0-preview)
Category Internet of Things
Description Encryption of data at rest in IoT Hub with customer-managed key adds a second layer of encryption on top of the default service-managed keys, enables customer control of keys, custom rotation policies, and ability to manage access to data through key access control. Customer-managed keys must be configured during creation of IoT Hub. For more information on how to configure customer-managed keys, see https://aka.ms/iotcmk.
Mode Indexed
Type BuiltIn
Preview True
Deprecated False
Effect Default: Audit; Allowed: Audit, Deny, Disabled
RBAC role(s) none
Rule aliases IF (2)
Alias | Namespace | ResourceType | Path | PathIsDefault | DefaultPath | Modifiable
Microsoft.Devices/IotHubs/encryption.keyVaultProperties[*] | Microsoft.Devices | IotHubs | properties.encryption.keyVaultProperties[*] | True | | False
Microsoft.Devices/IotHubs/encryption.keyVaultProperties[*].keyIdentifier | Microsoft.Devices | IotHubs | properties.encryption.keyVaultProperties[*].keyIdentifier | True | | False
Rule resource types IF (1)
Microsoft.Devices/IotHubs
Compliance Not a Compliance control
Initiatives usage none
History
Date/Time (UTC ymd) | Change type | Change detail
2021-03-09 14:37:41 | add | 2d7e144b-159c-44fc-95c1-ac3dbf5e6e54
JSON
api-version=2021-06-01