AzPolicyAdvertizer

last sync: 2024-Sep-19 17:51:32 UTC

Configure Cosmos DB database accounts to disable local authentication

Azure BuiltIn Policy definition

Source Azure Portal
Display name Configure Cosmos DB database accounts to disable local authentication
Id dc2d41d1-4ab1-4666-a3e1-3d51c43e0049
Version 1.1.0
Details on versioning
Versioning Versions supported for Versioning: 1
1.1.0
Built-in Versioning [Preview]
Category Cosmos DB
Microsoft Learn
Description Disable local authentication methods so that your Cosmos DB database accounts exclusively require Azure Active Directory identities for authentication. Learn more at: https://docs.microsoft.com/azure/cosmos-db/how-to-setup-rbac#disable-local-auth.
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
Modify
Allowed
Modify, Disabled
RBAC role(s)
Role Name Role Id
DocumentDB Account Contributor 5bd9cd88-fe45-4216-938b-f97437e15450
Rule aliases IF (2)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.DocumentDB/databaseAccounts/capabilities[*].name Microsoft.DocumentDB databaseAccounts properties.capabilities[*].name True False
Microsoft.DocumentDB/databaseAccounts/disableLocalAuth Microsoft.DocumentDB databaseAccounts properties.disableLocalAuth True True
THEN-Operations (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.DocumentDB/databaseAccounts/disableLocalAuth Microsoft.DocumentDB databaseAccounts properties.disableLocalAuth True True
Rule resource types IF (1)
Microsoft.DocumentDB/databaseAccounts
Compliance Not a Compliance control
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
[Preview]: Control the use of CosmosDB in a Virtual Enclave 6bd484ca-ae8d-46cf-9b33-e1feef84bfba VirtualEnclaves Preview BuiltIn
Enforce recommended guardrails for Cosmos DB Enforce-Guardrails-CosmosDb Cosmos DB GA ALZ
History
Date/Time (UTC ymd) (i) Change type Change detail
2023-05-26 17:43:09 change Minor (1.0.0 > 1.1.0)
2021-07-07 15:26:31 add dc2d41d1-4ab1-4666-a3e1-3d51c43e0049
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC