last sync: 2024-Nov-25 18:54:43 UTC

Enforce recommended guardrails for Data Explorer

Azure Landing Zones (ALZ) Policy Initiative (PolicySet)

Source Repository Azure Landing Zones (ALZ) GitHub
JSON Enforce-Guardrails-DataExplorer
Display nameEnforce recommended guardrails for Data Explorer
IdEnforce-Guardrails-DataExplorer
Version1.0.0
Details on versioning
CategoryAzure Data Explorer
DescriptionThis policy initiative is a group of policies that ensures Data Explorer is compliant per regulated Landing Zones.
TypeCustom Azure Landing Zones (ALZ)
DeprecatedFalse
PreviewFalse
Policy count Total Policies: 4
Builtin Policies: 4
Static Policies: 0
ALZ Policies: 0
Policy used
Policy DisplayName Policy Id Category Effect Roles# Roles State Type
Azure Data Explorer should use a SKU that supports private link 1fec9658-933f-4b3e-bc95-913ed22d012b Azure Data Explorer Default
Audit
Allowed
Audit, Deny, Disabled
0 GA BuiltIn
Configure Azure Data Explorer to disable public network access 7b32f193-cb28-4e15-9a98-b9556db0bafa Azure Data Explorer Default
Modify
Allowed
Modify, Disabled
1 SQL Server Contributor GA BuiltIn
Disk encryption should be enabled on Azure Data Explorer f4b53539-8df9-40e4-86c6-6b607703bd4e Azure Data Explorer Default
Audit
Allowed
Audit, Deny, Disabled
0 GA BuiltIn
Double encryption should be enabled on Azure Data Explorer ec068d99-e9c7-401f-8cef-5bdde4e6ccf1 Azure Data Explorer Default
Audit
Allowed
Audit, Deny, Disabled
0 GA BuiltIn
Roles used
Total Roles usage: 1
Total Roles unique usage: 1
Role Role Id Policies count Policies
SQL Server Contributor 6d8ee4ec-f05a-4a1d-8b00-a9b17e38b437 1 Configure Azure Data Explorer to disable public network access
History none
JSON compare n/a
JSON
EPAC