AzPolicyAdvertizer

last sync: 2024-Nov-25 18:54:24 UTC

[Preview]: Azure Recovery Services vaults should use private link for backup

Azure BuiltIn Policy definition

Source

Azure Portal

Display name

[Preview]: Azure Recovery Services vaults should use private link for backup

deeddb44-9f94-4903-9fa0-081d524406e3

Version

2.0.0-preview
Details on versioning

Versioning

Versions supported for Versioning: 1
2.0.0-preview
Built-in Versioning [Preview]

Category

Backup
Microsoft Learn

Description

Azure Private Link lets you connect your virtual network to Azure services without a public IP address at the source or destination. The Private Link platform handles the connectivity between the consumer and services over the Azure backbone network. By mapping private endpoints to Azure Recovery Services vaults, data leakage risks are reduced. Learn more about private links at: https://aka.ms/AB-PrivateEndpoints.

Mode

Indexed

Type

BuiltIn

Preview

True

Deprecated

False

Effect

Default
Audit
Allowed
Audit, Disabled

RBAC role(s)

none

Rule aliases

IF (4)

Alias	Namespace	ResourceType	Path	PathIsDefault	Modifiable
Microsoft.RecoveryServices/vaults/privateEndpointConnections[*]	Microsoft.RecoveryServices	vaults	properties.privateEndpointConnections[*]	True	False
Microsoft.RecoveryServices/vaults/privateEndpointConnections[*].id	Microsoft.RecoveryServices	vaults	properties.privateEndpointConnections[*].id	True	False
Microsoft.RecoveryServices/vaults/privateEndpointConnections[*].privateLinkServiceConnectionState.status	Microsoft.RecoveryServices	vaults	properties.privateEndpointConnections[*].properties.privateLinkServiceConnectionState.status	True	False
Microsoft.RecoveryServices/vaults/privateEndpointConnections[*].provisioningState	Microsoft.RecoveryServices	vaults	properties.privateEndpointConnections[*].properties.provisioningState	True	False

Rule resource types

IF (1)
Microsoft.RecoveryServices/vaults

Compliance

The following 7 compliance controls are associated with this Policy definition '[Preview]: Azure Recovery Services vaults should use private link for backup' (deeddb44-9f94-4903-9fa0-081d524406e3)

Control Domain	Control	Name	MetadataId	Category	Title	Requirements	Description	Info	Policy#
	op.cont.3 Periodic tests	op.cont.3 Periodic tests	404 not found			n/a	n/a		91
	op.cont.4 Alternative means	op.cont.4 Alternative means	404 not found			n/a	n/a		95
RBI_CSF_Banks_v2016	14.1	RBI_CSF_Banks_v2016_14.1		Anti-Phishing	Anti-Phishing-14.1	n/a	Subscribe to Anti-phishing/anti-rouge app services from external service providers for identifying and taking down phishing websites/rouge applications.		28
RBI_ITF_NBFC_v2017	6	RBI_ITF_NBFC_v2017_6	RBI IT Framework 6	Business Continuity Planning	Business Continuity Planning (BCP) and Disaster Recovery-6	n/a	BCP forms a significant part of an organisation's overall Business Continuity Management plan, which includes policies, standards and procedures to ensure continuity, resumption and recovery of critical business processes. BCP shall be designed to minimise the operational, financial, legal, reputational and other material consequences arising from a disaster. NBFC should adopt a Board approved BCP Policy. The functioning of BCP shall be monitored by the Board by way of periodic reports. The CIO shall be responsible for formulation, review and monitoring of BCP to ensure continued effectiveness. The BCP may have the following salient features	link	9
RBI_ITF_NBFC_v2017	6.2	RBI_ITF_NBFC_v2017_6.2	RBI IT Framework 6.2	Business Continuity Planning	Recovery strategy / Contingency Plan-6.2	n/a	NBFCs shall try to fully understand the vulnerabilities associated with interrelationships between various systems, departments and business processes. The BCP should come up with the probabilities of various failure scenarios. Evaluation of various options should be done for recovery and the most cost-effective, practical strategy should be selected to minimize losses in case of a disaster.	link	8
RBI_ITF_NBFC_v2017	6.3	RBI_ITF_NBFC_v2017_6.3	RBI IT Framework 6.3	Business Continuity Planning	Recovery strategy / Contingency Plan-6.3	n/a	NBFCs shall consider the need to put in place necessary backup sites for their critical business systems and Data centers.	link	7
RBI_ITF_NBFC_v2017	6.4	RBI_ITF_NBFC_v2017_6.4	RBI IT Framework 6.4	Business Continuity Planning	Recovery strategy / Contingency Plan-6.4	n/a	NBFCs shall test the BCP either annually or when significant IT or business changes take place to determine if the entity could be recovered to an acceptable level of business within the timeframe stated in the contingency plan. The test should be based on ???worst case scenarios???. The results along with the gap analysis may be placed before the CIO and the Board. The GAP Analysis along with Board???s insight should form the basis for construction of the updated BCP.	link	4

Initiatives usage

Initiative DisplayName	Initiative Id	Initiative Category	State	Type
[Preview]: Reserve Bank of India - IT Framework for Banks	d0d5578d-cc08-2b22-31e3-f525374f235a	Regulatory Compliance	Preview	BuiltIn
[Preview]: Reserve Bank of India - IT Framework for NBFC	7f89f09c-48c1-f28d-1bd5-84f3fb22f86c	Regulatory Compliance	Preview	BuiltIn
Evaluate Private Link Usage Across All Supported Azure Resources	7379ef4c-89b0-48b6-a5cc-fd3a75eaef93	SDN	GA	BuiltIn
Spain ENS	175daf90-21e1-4fec-b745-7b4c909aa94c	Regulatory Compliance	GA	BuiltIn

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2021-07-30 15:17:20	change	Major, suffix remains equal (1.0.0-preview > 2.0.0-preview)
2021-03-09 14:37:41	add	deeddb44-9f94-4903-9fa0-081d524406e3

JSON compare

compare mode: version left: version right:

JSON

api-version=2021-06-01
EPAC