Azure_compliance/control/check

Ensure server parameter 'audit_log_enabled' is set to 'ON' for MySQL Database Server
Description: Enable audit_log_enabled on MySQL Servers. Rationale: Enabling audit_log_enabled helps MySQL Database to log items such as connection att...
Tue, 22 Aug, 2023 at 5:49 AM
Ensure Virtual Machines are utilizing Managed Disks to exploit the default features of this configuration.
Description: Migrate blob-based VHDs to Managed Disks on Virtual Machines to exploit the default features of this configuration. The features include: 1....
Fri, 8 Sep, 2023 at 5:57 AM
Ensure server parameter 'audit_log_events' has 'CONNECTION' set for MySQL Database Server
Description: Set audit_log_enabled to include CONNECTION on MySQL Servers. Rationale: Enabling CONNECTION helps MySQL Database to log items such as su...
Tue, 22 Aug, 2023 at 5:53 AM
Ensure That 'Firewalls & Networks' Is Limited to Use Selected Networks Instead of All Networks for CosmosDB
Description: Limiting your Cosmos DB to only communicate on whitelisted networks lowers its attack footprint.                 Rationale: Selecting certain...
Thu, 7 Sep, 2023 at 10:48 AM
Ensure an Azure Bastion Host Exists
Description: The Azure Bastion service allows secure remote access to Azure Virtual Machines over the Internet without exposing remote access protocol port...
Mon, 21 Aug, 2023 at 9:03 AM
Use Azure Active Directory (AAD) Client Authentication and Azure RBAC where possible.
Description: Cosmos DB can use tokens or AAD for client authentication which in turn will use Azure RBAC for authorization. Using AAD is significantly more...
Tue, 22 Aug, 2023 at 6:05 AM
Ensure that Network Watcher is 'Enabled' for Azure subscriptions
Description: Enable Network Watcher for Azure subscriptions. Rationale: Network diagnostic and visualization tools available with Network Watcher help...
Fri, 8 Sep, 2023 at 5:56 AM
Ensure that Network Security Group Flow Log retention period is 'greater than 90 days'
Description: Network Security Group Flow Logs should be enabled and the retention period set to greater than or equal to 90 days. Rationale: Flow logs...
Mon, 21 Aug, 2023 at 9:13 AM
Ensure that logging for Azure Key Vault is 'Enabled' .
Description: Enable AuditEvent logging for key vault instances to ensure interactions with key vaults are logged and available. Rationale: Monitoring...
Tue, 22 Aug, 2023 at 5:08 AM
Ensure that HTTP(S) access from the Internet is evaluated and restricted .
Description: Network security groups should be periodically evaluated for port misconfigurations. Where certain ports and protocols may be exposed to the I...
Mon, 21 Aug, 2023 at 9:15 AM