/
AzBackupRecoveryServicesVault_MUA_Audit.json
50 lines (50 loc) · 1.52 KB
/
AzBackupRecoveryServicesVault_MUA_Audit.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
{
"properties": {
"displayName": "[Preview]: Multi-User Authorization (MUA) must be enabled for Recovery Services Vaults.",
"policyType": "BuiltIn",
"mode": "Indexed",
"description": "This policy audits if Multi-User Authorization (MUA) is enabled for Recovery Services Vaults. MUA helps in securing your Recovery Services Vaults by adding an additional layer of protection to critical operations. To learn more, visit https://aka.ms/MUAforRSV.",
"metadata": {
"version": "1.0.0-preview",
"preview": true,
"category": "Backup"
},
"version": "1.0.0-preview",
"parameters": {
"effect": {
"metadata": {
"description": "Enable or disable the execution of the policy.",
"displayName": "Effect"
},
"defaultValue": "Audit",
"type": "String",
"allowedValues": [
"Audit",
"Disabled"
]
}
},
"policyRule": {
"then": {
"effect": "[parameters('effect')]"
},
"if": {
"allOf": [
{
"field": "type",
"equals": "Microsoft.RecoveryServices/vaults"
},
{
"field": "Microsoft.RecoveryServices/vaults/securitySettings.multiUserAuthorization",
"notEquals": "Enabled"
}
]
}
},
"versions": [
"1.0.0-PREVIEW"
]
},
"id": "/providers/Microsoft.Authorization/policyDefinitions/c7031eab-0fc0-4cd9-acd0-4497bd66d91a",
"name": "c7031eab-0fc0-4cd9-acd0-4497bd66d91a"
}