ServiceNow CMDB CI relationship sync: faster, more complete →
Mods
Azure

Policy: Azure > CIS v1 > 8 Other Security Considerations > 8.03 Ensure that Resource Locks are set for mission critical Azure resources (Not Scored)

Configures auditing against a CIS Benchmark item.

Level: 2 (Not Scored)

Resource Manager Locks provide a way for administrators to lock down Azure resources to prevent deletion of, or modifications to, a resource. These locks sit outside of the Role Based Access Controls (RBAC) hierarchy and, when applied, will place restrictions on the resource for all users. These are very useful when there is have an important resource in a subscription that users should not be able to delete or change and can help prevent accidental and malicious changes or deletion.

Resource Types

This policy targets the following resource types:

Primary Policy

This policy is used with the following primary policy:

Controls

Policy Specification

Schema Type
string
Default
Per Azure > CIS v1 using attestation
Valid Values [YAML]
  • Per Azure > CIS v1 using attestation
    
  • Skip
    
  • Check: Level 2 (Not Scored) using attestation
    

Category

In Your Workspace

Developers