Turbot Guardrails Hub 
Hub
Policy Packs
Azure CIS v2.0.0 - Section 6 - Networking
Overview
6
Policy Settings
0
Variables
DevelopersGithub

Policy Settings

The Azure CIS v2.0.0 - Section 6 - Networking policy pack has 6 policy settings:

PolicySettingNote
Azure > Network > Network Security Group > Ingress Rules > ApprovedCheck: ApprovedAzure CIS v2.0.0 - Controls: 6.1, 6.2, 6.3, 6.4
Azure > Network > Network Security Group > Ingress Rules > Approved > RulesREJECT $.turbot.cidr:0.0.0.0/0 $.turbot.ports=22,3389,443,80 REJECT $.turbot.cidr:0.0.0.0/0 $.turbot.protocol:udp APPROVE * Azure CIS v2.0.0 - Controls: 6.1, 6.2, 6.3, 6.4
Azure > Network Watcher > Flow Log > Retention PolicyCheck: Enabled per `Retention Policy > Days`Azure CIS v2.0.0 - Controls: 6.5
Azure > Network Watcher > Flow Log > Retention Policy > Days90Azure CIS v2.0.0 - Controls: 6.5
Azure > Network Watcher > Network Watcher > ApprovedCheck: ApprovedAzure CIS v2.0.0 - Controls: 6.6
Azure > Network Watcher > Network Watcher > Approved > CustomCalculatedAzure CIS v2.0.0 - Controls: 6.6