Policy Settings
The Azure CIS v2.0.0 - Section 5 - Logging and Monitoring policy pack has 9 policy settings:
| Policy | Setting | Note |
|---|---|---|
| Azure > Monitor > Stack | Check: Configured | Azure CIS v2.0.0 - Controls: 5.2.1, 5.2.2, 5.2.3, 5.2.4, 5.2.5, 5.2.6, 5.2.7, 5.2.8, 5.2.9 and 5.2.10 |
| Azure > Monitor > Stack > Source | Calculated | Azure CIS v2.0.0 - Controls: 5.2.1, 5.2.2, 5.2.3, 5.2.4, 5.2.5, 5.2.6, 5.2.7, 5.2.8, 5.2.9 and 5.2.10 |
| Azure > Monitor > Stack > Terraform Version | 0.15.* | Azure CIS v2.0.0 - Controls: 5.2.1, 5.2.2, 5.2.3, 5.2.4, 5.2.5, 5.2.6, 5.2.7, 5.2.8, 5.2.9 and 5.2.10 |
| Azure > Network Watcher > Flow Log > Approved | Check: Approved | Azure CIS v2.0.0 - Control: 5.1.6 |
| Azure > Network Watcher > Flow Log > Approved > Custom | Calculated | Azure CIS v2.0.0 - Control: 5.1.6 |
| Azure > Resource Group > Stack | Check: Configured | Azure CIS v2.0.0 - Controls: 5.3.1 |
| Azure > Resource Group > Stack > Source | Calculated | Azure CIS v2.0.0 - Controls: 5.3.1 |
| Azure > Resource Group > Stack > Terraform Version | 0.15.* | Azure CIS v2.0.0 - Controls: 5.3.1 |
| Azure > Storage > Container > Public Access Level | Check: Private (No anonymous access) | Azure CIS v2.0.0 - Control: 5.1.3 |