AzPolicyAdvertizer

last sync: 2024-Nov-25 18:54:24 UTC

Configure Microsoft Defender for Azure Cosmos DB to be enabled

Azure BuiltIn Policy definition

Source Azure Portal
Display name Configure Microsoft Defender for Azure Cosmos DB to be enabled
Id 82bf5b87-728b-4a74-ba4d-6123845cf542
Version 1.0.0
Details on versioning
Versioning Versions supported for Versioning: 1
1.0.0
Built-in Versioning [Preview]
Category Security Center
Microsoft Learn
Description Microsoft Defender for Azure Cosmos DB is an Azure-native layer of security that detects attempts to exploit databases in your Azure Cosmos DB accounts. Defender for Azure Cosmos DB detects potential SQL injections, known bad actors based on Microsoft Threat Intelligence, suspicious access patterns, and potential exploitations of your database through compromised identities or malicious insiders.
Mode All
Type BuiltIn
Preview False
Deprecated False
Effect Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled
RBAC role(s)
Role Name Role Id
Security Admin fb1c8493-542b-48eb-b624-b4c8fea62acd
Rule aliases THEN-ExistenceCondition (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Security/pricings/pricingTier Microsoft.Security pricings properties.pricingTier True False
Rule resource types IF (1)
Microsoft.Resources/subscriptions
THEN-Deployment (1)
Microsoft.Security/pricings
Compliance
The following 2 compliance controls are associated with this Policy definition 'Configure Microsoft Defender for Azure Cosmos DB to be enabled' (82bf5b87-728b-4a74-ba4d-6123845cf542)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
op.exp.6 Protection against harmful code op.exp.6 Protection against harmful code 404 not found n/a n/a 63
op.mon.3 Monitoring op.mon.3 Monitoring 404 not found n/a n/a 51
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
[Deprecated]: Deploy Microsoft Defender for Cloud configuration Deploy-MDFC-Config Security Center Deprecated ALZ
Configure Microsoft Defender for Cloud plans f08c57cd-dbd6-49a4-a85e-9ae77ac959b0 Security Center GA BuiltIn
Configure Microsoft Defender for Databases to be enabled 9d46421d-1a48-4636-8d1a-5525ed29172d Security Center GA BuiltIn
Deploy Microsoft Defender for Cloud configuration Deploy-MDFC-Config_20240319 Security Center GA ALZ
Spain ENS 175daf90-21e1-4fec-b745-7b4c909aa94c Regulatory Compliance GA BuiltIn
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-03-11 18:16:48 add 82bf5b87-728b-4a74-ba4d-6123845cf542
JSON compare n/a
JSON
api-version=2021-06-01
EPAC