/
section_10.sp
30 lines (26 loc) · 1013 Bytes
/
section_10.sp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
locals {
cis_v200_10_common_tags = merge(local.cis_v200_common_tags, {
cis_section_id = "10"
})
}
benchmark "cis_v200_10" {
title = "10 Miscellaneous"
documentation = file("./cis_v200/docs/cis_v200_10.md")
children = [
control.cis_v200_10_1
]
tags = merge(local.cis_v200_10_common_tags, {
type = "Benchmark"
})
}
control "cis_v200_10_1" {
title = "10.1 Ensure that Resource Locks are set for Mission-Critical Azure Resources"
description = "Resource Manager Locks provide a way for administrators to lock down Azure resources to prevent deletion of, or modifications to, a resource. These locks sit outside of the Role Based Access Controls (RBAC) hierarchy and, when applied, will place restrictions on the resource for all users."
query = query.manual_control
documentation = file("./cis_v200/docs/cis_v200_10_1.md")
tags = merge(local.cis_v200_8_common_tags, {
cis_item_id = "10.1"
cis_level = "2"
cis_type = "manual"
})
}