AzPolicyAdvertizer

last sync: 2024-Nov-25 18:54:24 UTC

Azure Cache for Redis only secure connections should be enabled

Azure Landing Zones (ALZ) Policy definition

Source

Repository Azure Landing Zones (ALZ) GitHub
JSON Deny-Redis-http

Deploy policy Deny-Redis-http (1.1.0) to Azure

Display name

Azure Cache for Redis only secure connections should be enabled

Deny-Redis-http

Version

1.1.0
Details on versioning

Category

Cache

Description

Audit enabling of only connections via SSL to Azure Cache for Redis. Validate both minimum TLS version and enableNonSslPort is disabled. Use of secure connections ensures authentication between the server and the service and protects data in transit from network layer attacks such as man-in-the-middle, eavesdropping, and session-hijacking

Mode

Indexed

Type

Custom Azure Landing Zones (ALZ)

Preview

False

Deprecated

False

Effect

Default
Deny
Allowed
Audit, Deny, Disabled

RBAC role(s)

none

Rule aliases

IF (2)

Alias	Namespace	ResourceType	Path	PathIsDefault	DefaultPath	Modifiable
Microsoft.Cache/Redis/enableNonSslPort	Microsoft.Cache	Redis	properties.enableNonSslPort	True		True
Microsoft.Cache/Redis/minimumTlsVersion	Microsoft.Cache	Redis	properties.minimumTlsVersion	True		True

Rule resource types

IF (1)
Microsoft.Cache/redis

Initiatives usage

Initiative DisplayName	Initiative Id	Initiative Category	State
[Deprecated]: Deny or Deploy and append TLS requirements and SSL enforcement on resources without Encryption in transit	Enforce-EncryptTransit	Encryption	Deprecated
Deny or Deploy and append TLS requirements and SSL enforcement on resources without Encryption in transit	Enforce-EncryptTransit_20240509	Encryption	GA

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2024-10-10 01:17:21	change	Minor (1.0.0 > 1.1.0)

JSON compare

compare mode: version left: version right:

JSON

EPAC