module/ConfigurationProvider/ControlConfigurations/Services/EventGridDomain.json

{
  "FeatureName": "EventGridDomain",
  "Reference": "",
  "IsMaintenanceMode": false,
  "Controls": [
    {
      "ControlID": "Azure_EventGridDomain_NetSec_Use_Private_Link_MCSB",
      "Description": "[MCSB] Azure Event Grid domains should use private link",
      "Id": "EventGridDomain100",
      "ControlSeverity": "High",
      "Automated": "Yes",
      "DisplayName": "[MCSB] Azure Event Grid domains should use private link",
      "Category": "Deploy controls to restrict network traffic",
      "ControlRequirements": "Restrict network traffic flows",
      "ControlScanSource": "MDC",
      "Rationale": "Azure Private Link lets you connect your virtual network to Azure services without a public IP address at the source or destination. The private link platform handles the connectivity between the consumer and the service over the Azure backbone network. By mapping private endpoints to your specific Event Grid domains instead of the entire service, you are also protected against data exfiltration (leakage) risks, because traffic can only reach the domains you have explicitly mapped.",
      "Recommendation": "To add private link, please refer: https://learn.microsoft.com/en-us/azure/event-grid/configure-private-endpoints#use-azure-portal",
      "AssessmentProperties": {
        "AssessmentNames": [
          "bef092f5-bea7-3df3-1ee8-4376dd9c111e"
        ],
        "AssessmentStatusMappings": [
          {
            "AssessmentStatusCode": "NotApplicable",
            "EffectiveVerificationResult": "Failed",
            "AssessmentStatusCausePatterns": "(.)*OffByPolicy|Exempt(.)*",
            "AppendMessageToStatusReason": "Disabling the policy or exempting the resource from evaluation is not recommended; the control is therefore marked as Failed."
          }
        ]
      },
      "Tags": [
        "Automated",
        "NetSec",
        "Baseline",
        "EventGridDomain"
      ],
      "Enabled": false,
      "CustomTags": [
        "Daily",
        "MCSB"
      ]
    }
  ]
}