Policy: Azure > CIS v4.0 > 07 - Management and Governance > 07.01 - Logging and Monitoring > 07.01.05 - Ensure SKU Basic/Consumption is not used on artifacts that need to be monitored
Configures auditing against a CIS Benchmark item.
Level: 2
The use of Basic or Free SKUs in Azure whilst cost effective have significant limitations in terms of what can be monitored and what support can be realized from Microsoft. Typically, these SKU's do not have a service SLA and Microsoft may refuse to provide support for them. Consequently Basic/Free SKUs should never be used for production workloads.
Typically, production workloads need to be monitored and should have an SLA with Microsoft, using Basic SKUs for any deployed product will mean that that these capabilities do not exist. The following resource types should use standard SKUs as a minimum: - Public IP Addresses - Network Load Balancers - REDIS Cache - SQL PaaS Databases - VPN Gateways
Targets
This policy targets the following resource types:
- Azure > Load Balancer > Load Balancer
- Azure > Network > Public IP Address
- Azure > Network > Virtual Network Gateway
- Azure > SQL > Database
Primary Policy
This policy is used with the following primary policy:
Related Policies
Controls
Setting this policy configures this control:
Policy Specification
Schema Type | |
|---|---|
Default | |
Valid Values [YAML] |
|
Category
In Your Workspace
Developers
- tmod:@turbot/cis#/control/categories/v070505
- tmod:@turbot/azure-cisv4-0#/policy/types/r070105
- turbot graphql policy-type --id "tmod:@turbot/azure-cisv4-0#/policy/types/r070105"
- turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/azure-cisv4-0#/policy/types/r070105"
Get Policy TypeGet Policy Settings