Policy: Azure > CIS v1 > 8 Other Security Considerations > 8.03 Ensure that Resource Locks are set for mission critical Azure resources (Not Scored)
Configures auditing against a CIS Benchmark item.
Level: 2 (Not Scored)
Resource Manager Locks provide a way for administrators to lock down Azure resources to prevent deletion of, or modifications to, a resource. These locks sit outside of the Role Based Access Controls (RBAC) hierarchy and, when applied, will place restrictions on the resource for all users. These are very useful when there is have an important resource in a subscription that users should not be able to delete or change and can help prevent accidental and malicious changes or deletion.
Resource Types
This policy targets the following resource types:
Primary Policy
This policy is used with the following primary policy:
Related Policies
Controls
- Azure > CIS v1
- Azure > CIS v1 > 8 Other Security Considerations > 8.03 Ensure that Resource Locks are set for mission critical Azure resources (Not Scored)
- Azure > CIS v1 > 8 Other Security Considerations
Policy Specification
Schema Type |
|
---|---|
Default |
|
Valid Values [YAML] |
|
Category
In Your Workspace
Developers
- tmod:@turbot/cis#/control/categories/v0714
- tmod:@turbot/azure-cisv1#/policy/types/r0803
- turbot graphql policy-type --id "tmod:@turbot/azure-cisv1#/policy/types/r0803"
- turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/azure-cisv1#/policy/types/r0803"
Get Policy TypeGet Policy Settings
Category URI
Policy Type URI
GraphQL
CLI