AzPolicyAdvertizer

last sync: 2024-Sep-18 17:50:24 UTC

Azure Cognitive Search services should have local authentication methods disabled

Azure BuiltIn Policy definition

Source Azure Portal
Display name Azure Cognitive Search services should have local authentication methods disabled
Id 6300012e-e9a4-4649-b41f-a85f5c43be91
Version 1.0.0
Details on versioning
Versioning Versions supported for Versioning: 1
1.0.0
Built-in Versioning [Preview]
Category Search
Microsoft Learn
Description Disabling local authentication methods improves security by ensuring that Azure Cognitive Search services exclusively require Azure Active Directory identities for authentication. Learn more at: https://aka.ms/azure-cognitive-search/rbac. Note that while the disable local authentication parameter is still in preview, the deny effect for this policy may result in limited Azure Cognitive Search portal functionality since some features of the Portal use the GA API which does not support the parameter.
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
Audit
Allowed
Audit, Deny, Disabled
RBAC role(s) none
Rule aliases IF (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Search/searchServices/disableLocalAuth Microsoft.Search searchServices properties.disableLocalAuth True True
Rule resource types IF (1)
Microsoft.Search/searchServices
Compliance Not a Compliance control
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
Enforce recommended guardrails for Cognitive Services Enforce-Guardrails-CognitiveServices Cognitive Services GA ALZ
History
Date/Time (UTC ymd) (i) Change type Change detail
2021-10-19 19:10:32 add 6300012e-e9a4-4649-b41f-a85f5c43be91
JSON compare n/a
JSON
api-version=2021-06-01
EPAC