module/ConfigurationProvider/ControlConfigurations/Services/Databricks.json
|
{
"FeatureName": "Databricks", "Reference": "", "IsMaintenanceMode": false, "Controls": [ { "ControlID": "Azure_Databricks_Audit_Enable_Diagnostic_Settings", "Description": "Diagnostics logs and metrics must be enabled for Databricks", "Id": "Databricks100", "ControlSeverity": "High", "Automated": "Yes", "MethodName": "CheckDatabricksDiagnosticsSettings", "Rationale": "Logs should be retained for a long enough period so that activity trail can be recreated when investigations are required in the event of an incident or a compromise. A period of 1 year is typical for several compliance requirements as well.", "Recommendation": "You can change the diagnostic settings from the Azure Portal by following the steps given here: https://docs.microsoft.com/en-us/azure/azure-monitor/essentials/diagnostic-settings.", "Enabled": true, "DisplayName": "Diagnostics logs and metrics must be enabled for Databricks", "Category": "Monitoring must be correctly configured", "ControlRequirements": "Monitoring and auditing must be enabled and correctly configured according to prescribed organizational guidance", "Tags": [ "Audit", "Baseline", "Databricks", "Automated", "Diagnostics" ], "ControlEvaluationDetails": { "RequiredProperties": [ "DiagnosticSettings" ] }, "ControlSettings": { "DiagnosticForeverRetentionValue": "0", "DiagnosticMinRetentionPeriod": "90", "DiagnosticLogs": [ "dbfs", "clusters", "accounts", "jobs", "notebook", "ssh", "workspace", "secrets", "sqlPermissions", "instancePools", "sqlanalytics", "genie", "globalInitScripts", "iamRole", "mlflowExperiment", "featureStore", "RemoteHistoryService", "mlflowAcledArtifact", "databrickssql", "deltaPipelines", "modelRegistry", "repos", "unityCatalog", "gitCredentials", "webTerminal", "serverlessRealTimeInference", "clusterLibraries", "partnerHub", "clamAVScan", "capsule8Dataplane" ], "ExcludedSKUs": [ "Trial", "Standard" ] }, "CustomTags": [ "Weekly" ] } ] } |