pulumi-hugo-cn/themes/default/content/docs/using-pulumi/crossguard/compliance-ready-policies-azure.md
Aurélien Requiem 4504f88e8d
Add compliance policies docs (#129)
* 📄 compliance ready policies documentation

* revert unwanted change

* 🐛 typo

* 📄 add a section to mention Compliance Ready Policies.

* 📄 remove `aliases` since they shouldn't be necessary

* 📄 suggestion from Mitch

* 📄 list existing policy docs
🔥 remove details about PULUMI_ACCESS_TOKEN

* 🌿 add back azurenative policies docs
🐛 fix package names in the generated docs

* 🐛 fix list style

* 📄 suggested changes to improve documentation

Co-authored-by: Christian Nunciato <c@nunciato.org>

* Fix a lint

---------

Co-authored-by: Christian Nunciato <c@nunciato.org>
2023-10-10 17:20:40 -07:00

title_tag: Compliance Ready Policies (Azure) | CrossGuard
meta_desc: This page contains the list of Compliance Ready Policies for Azure.
title: Compliance Ready Azure Policies
h1: List of Compliance Ready Policies for Azure
meta_image: /images/docs/meta-images/docs-meta.png
menu:
  usingpulumi:
    parent: crossguard-compliance-ready-policies
    identifier: crossguard-compliance-ready-policies-azure

There's a total of 3 Compliance Ready Policies for the Azure provider.

All of these policies are available in the `@pulumi/azure-compliance-policies` package.

Please refer to our Documentation for more details.

compute

LinuxVirtualMachine

azure-compute-linuxvirtualmachine-disallow-password-authentication

Policy name: azure-compute-linuxvirtualmachine-disallow-password-authentication

Code path: azure.compute.LinuxVirtualMachine.disallowPasswordAuthentication

Authentication to Linux machines should require SSH keys.

Service: Compute

Resource: LinuxVirtualMachine

Associated metadata for this policy:

Severity: high

Frameworks: iso27001, pcidss

Topics: authentication, security

Link: https://docs.microsoft.com/azure/virtual-machines/linux/create-ssh-keys-detailed

ManagedDisk

azure-compute-manageddisk-disallow-unencrypted-managed-disk

Policy name: azure-compute-manageddisk-disallow-unencrypted-managed-disk

Code path: azure.compute.ManagedDisk.disallowUnencryptedManagedDisk

Checks that Disks are encrypted.

Service: Compute

Resource: ManagedDisk

Associated metadata for this policy:

Severity: high

Frameworks: iso27001, pcidss

Topics: encryption, storage

Link: https://docs.microsoft.com/azure/virtual-machines/linux/disk-encryption-overview

containerservice

KubernetesCluster

azure-containerservice-kubernetescluster-configure-network-policy

Policy name: azure-containerservice-kubernetescluster-configure-network-policy

Code path: azure.containerservice.KubernetesCluster.configureNetworkPolicy

Checks that the AKS cluster has a Network Policy configured.

Service: Containerservice

Resource: KubernetesCluster

Associated metadata for this policy:

Severity: high

Frameworks: iso27001, pcidss

Topics: kubernetes, network

Link: https://kubernetes.io/docs/concepts/services-networking/network-policies/