Control: Azure > CIS v5.0 > 7 - Networking Services > 7.09 - Ensure 'Authentication type' is set to 'Azure Active Directory' only for Azure VPN Gateway point-to-site configuration

Configures auditing against a CIS Benchmark item.

Level: 2

Enable only 'Azure Active Directory' (Microsoft Entra ID) authentication for Azure VPN Gateway point-to-site connections.

Microsoft Entra ID authentication provides strong security and centralized identity management, and reduces risks associated with static credentials and certificate management.

Resource Types

This control targets the following resource types:

Azure > Network > Virtual Network Gateway

Policies

This control type relies on these other policies when running actions:

In Your Workspace

Developers

Control Type URI

tmod:@turbot/azure-cisv5-0#/control/types/r0709

Category URI

tmod:@turbot/cis#/control/categories/v071602

GraphQL

query controlType(id: "tmod:@turbot/azure-cisv5-0#/control/types/r0709") { … }

query controls(filter: "controlTypeId:'tmod:@turbot/azure-cisv5-0#/control/types/r0709'") { … }

CLI

Get Controls

turbot graphql controls --filter "controlTypeId:tmod:@turbot/azure-cisv5-0#/control/types/r0709"