ServiceNow CMDB CI relationship sync: faster, more complete →
Mods
Azure

Policy: Azure > Storage > Storage Account > Encryption at Rest

Define the Encryption at Rest settings required for Azure > Storage > StorageAccount.

Encryption at Rest refers specifically to the encryption of data when written to an underlying storage system. This control determines whether the resource is encrypted at rest, and sets encryption.

The Encryption at Rest control compares the encryption settings against the encryption policies for the resource (Azure > Storage > StorageAccount > Encryption at Rest > *), raises an alarm, and takes the defined enforcement action.

Resource Types

This policy targets the following resource types:

Controls

Policy Specification

Schema Type
string
Default
Skip
Valid Values [YAML]
  • Skip
    
  • Check: Microsoft managed key
    
  • Check: Customer managed key
    
  • Check: Encryption at Rest > Customer Managed Key
    
  • Enforce: Microsoft managed key
    
  • Enforce: Customer managed key
    
  • Enforce: Encryption at Rest > Customer Managed Key
    

Category

In Your Workspace

Developers