Turbot Guardrails Hub 
Hub
  • Mods
  • Policy Packs
  • Docs
  • Home
ModsPolicy PacksDocsHome
Policy Packs
Azure CIS v2.0.0 - Section 6 - Networking
  • Azure > Network > Network Security Group > Ingress Rules > Approved
  • Azure > Network > Network Security Group > Ingress Rules > Approved > Rules
  • Azure > Network Watcher > Flow Log > Retention Policy
  • Azure > Network Watcher > Flow Log > Retention Policy > Days
  • Azure > Network Watcher > Network Watcher > Approved
  • Azure > Network Watcher > Network Watcher > Approved > Custom

Policy Settings

The Azure CIS v2.0.0 - Section 6 - Networking policy pack has 6 policy settings:

PolicySettingNote
Azure > Network > Network Security Group > Ingress Rules > ApprovedCheck: ApprovedAzure CIS v2.0.0 - Controls: 6.1, 6.2, 6.3, 6.4
Azure > Network > Network Security Group > Ingress Rules > Approved > RulesREJECT $.turbot.cidr:0.0.0.0/0 $.turbot.ports=22,3389,443,80 REJECT $.turbot.cidr:0.0.0.0/0 $.turbot.protocol:udp APPROVE * Azure CIS v2.0.0 - Controls: 6.1, 6.2, 6.3, 6.4
Azure > Network Watcher > Flow Log > Retention PolicyCheck: Enabled per `Retention Policy > Days`Azure CIS v2.0.0 - Controls: 6.5
Azure > Network Watcher > Flow Log > Retention Policy > Days90Azure CIS v2.0.0 - Controls: 6.5
Azure > Network Watcher > Network Watcher > ApprovedCheck: ApprovedAzure CIS v2.0.0 - Controls: 6.6
Azure > Network Watcher > Network Watcher > Approved > CustomCalculatedAzure CIS v2.0.0 - Controls: 6.6
Guardrails
Guardrails Hub
  • Hub
  • Docs
  • Blog
  • Changelog
Products
  • GuardrailsGuardrails
  • PipesPipes
  • SteampipeSteampipe
  • PowerpipePowerpipe
  • FlowpipeFlowpipe
  • TailpipeTailpipe
Turbot
  • Home
  • About us
  • We're hiring!
  • Contact us
Community

Our community of practitioners love to discuss cloud governance & security.

Slack logoJoin us on Slack →

System StatusLegalSecurity
Terms of UseSecurityPrivacy