| Source | Azure Portal | |||||||||||||||||||||||||||||||||
| Display name | Microsoft Managed Control 1237 - Software Usage Restrictions | Open Source Software | |||||||||||||||||||||||||||||||||
| Id | e80b6812-0bfa-4383-8223-cdd86a46a890 | |||||||||||||||||||||||||||||||||
| Version | 1.0.0 Details on versioning |
|||||||||||||||||||||||||||||||||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
|||||||||||||||||||||||||||||||||
| Category | Regulatory Compliance Microsoft Learn |
|||||||||||||||||||||||||||||||||
| Description | Microsoft implements this Configuration Management control | |||||||||||||||||||||||||||||||||
| Additional metadata |
Name/Id: ACF1237 / Microsoft Managed Control 1237 Category: Configuration Management Title: Software Usage Restrictions | Open Source Software Ownership: Customer, Microsoft Description: The organization establishes the following restrictions on the use of open source software: All software (including tools and utilities) installed within Microsoft Azure must be approved by the appropriate stakeholders prior to being released into production.Prior to deployment in Microsoft Azure, all software must be tested in a manner suitable to Microsoft to evaluate its impact on system performance, stability (failure and recovery characteristics) and security state (security controls work as expected and the product does not contain malicious code).Software submitted for approval must have a legitimate business purpose. Requirements: As established by the Microsoft Security Policy, the following restrictions are in place regarding the installation of software, including open source software, within the Azure environment: * All software installed within Azure must be approved by the appropriate stakeholders prior to being released into production. * Prior to deployment in Azure, all software must be tested in a manner suitable to Microsoft to evaluate its impact on system performance, stability (failure and recovery characteristics) and security state (security controls work as expected and the product does not contain malicious code). * Software submitted for approval must have a legitimate business purpose. Additionally, open source software must be evaluated by CELA in accordance with the policies and processes set out in Microsoft’s open source software resource website. Requests for evaluation of open source software require approval through the OSS Registration Tool. |
|||||||||||||||||||||||||||||||||
| Mode | Indexed | |||||||||||||||||||||||||||||||||
| Type | Static | |||||||||||||||||||||||||||||||||
| Preview | False | |||||||||||||||||||||||||||||||||
| Deprecated | False | |||||||||||||||||||||||||||||||||
| Effect | Fixed audit |
|||||||||||||||||||||||||||||||||
| RBAC role(s) | none | |||||||||||||||||||||||||||||||||
| Rule aliases | none | |||||||||||||||||||||||||||||||||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
|||||||||||||||||||||||||||||||||
| Compliance |
The following 2 compliance controls are associated with this Policy definition 'Microsoft Managed Control 1237 - Software Usage Restrictions | Open Source Software' (e80b6812-0bfa-4383-8223-cdd86a46a890)
| |||||||||||||||||||||||||||||||||
| Initiatives usage |
|
|||||||||||||||||||||||||||||||||
| History | none | |||||||||||||||||||||||||||||||||
| JSON compare | n/a | |||||||||||||||||||||||||||||||||
| JSON |
|