AzPolicyAdvertizer

last sync: 2024-Nov-25 18:54:24 UTC

App Configuration should use a customer-managed key

Azure BuiltIn Policy definition

Source

Azure Portal

Display name

App Configuration should use a customer-managed key

967a4b4b-2da9-43c1-b7d0-f98d0d74d0b1

Version

1.1.0
Details on versioning

Versioning

Versions supported for Versioning: 1
1.1.0
Built-in Versioning [Preview]

Category

App Configuration
Microsoft Learn

Description

Customer-managed keys provide enhanced data protection by allowing you to manage your encryption keys. This is often required to meet compliance requirements.

Mode

Indexed

Type

BuiltIn

Preview

False

Deprecated

False

Effect

Default
Audit
Allowed
Audit, Deny, Disabled

RBAC role(s)

none

Rule aliases

IF (1)

Alias	Namespace	ResourceType	Path	PathIsDefault	DefaultPath	Modifiable
Microsoft.AppConfiguration/configurationStores/encryption.keyVaultProperties.keyIdentifier	Microsoft.AppConfiguration	configurationStores	properties.encryption.keyVaultProperties.keyIdentifier	True		False

Rule resource types

IF (1)
Microsoft.AppConfiguration/configurationStores

Compliance

The following 2 compliance controls are associated with this Policy definition 'App Configuration should use a customer-managed key' (967a4b4b-2da9-43c1-b7d0-f98d0d74d0b1)

Control Domain	Control	Name	MetadataId	Category	Title	Owner	Requirements	Description	Info	Policy#
RBI_ITF_NBFC_v2017	3.1.h	RBI_ITF_NBFC_v2017_3.1.h	RBI IT Framework 3.1.h	Information and Cyber Security	Public Key Infrastructure (PKI)-3.1		n/a	The IS Policy must provide for a IS framework with the following basic tenets: Public Key Infrastructure (PKI) - NBFCs may increase the usage of PKI to ensure confidentiality of data, access control, data integrity, authentication and nonrepudiation.	link	31
RMiT_v1.0	10.53	RMiT_v1.0_10.53	RMiT 10.53	Cloud Services	Cloud Services - 10.53	Shared	n/a	A financial institution must implement appropriate safeguards on customer and counterparty information and proprietary data when using cloud services to protect against unauthorised disclosure and access. This shall include retaining ownership, control and management of all data pertaining to customer and counterparty information, proprietary data and services hosted on the cloud, including the relevant cryptographic keys management.	link	14

Initiatives usage

Initiative DisplayName	Initiative Id	Initiative Category	State	Type
[Preview]: Reserve Bank of India - IT Framework for NBFC	7f89f09c-48c1-f28d-1bd5-84f3fb22f86c	Regulatory Compliance	Preview	BuiltIn
RMIT Malaysia	97a6d4f1-3bed-4cf4-ac5b-0e444c0408d6	Regulatory Compliance	GA	BuiltIn

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2020-11-10 16:00:42	change	Minor (1.0.1 > 1.1.0)
2020-08-05 13:05:29	change	Previous DisplayName: App Configuration should use a customer managed key
2020-02-12 02:52:44	add	967a4b4b-2da9-43c1-b7d0-f98d0d74d0b1

JSON compare

compare mode: version left: version right:

JSON

api-version=2021-06-01
EPAC