Benchmark: 3.1.13 Employ cryptographic mechanisms to protect the confidentiality of remote access sessions
Description
Cryptographic standards include FIPS-validated cryptography and NSA-approved cryptography.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-azure-compliance
Start the Powerpipe server:
steampipe service startpowerpipe server
Open http://localhost:9033 in your browser and select 3.1.13 Employ cryptographic mechanisms to protect the confidentiality of remote access sessions.
Run this benchmark in your terminal:
powerpipe benchmark run azure_compliance.benchmark.nist_sp_800_171_rev_2_3_1_13
Snapshot and share results via Turbot Pipes:
powerpipe benchmark run azure_compliance.benchmark.nist_sp_800_171_rev_2_3_1_13 --share
Controls
- App Configuration should use private link
- Cognitive Services should use private link
- Disk access resources should use private link
- Container registries should use private link
- CosmosDB accounts should use private link
- Azure Data Factory should use private link
- Azure Event Grid domains should use private link
- Azure Event Grid topics should use private link
- Event Hub namespaces should use private link
- Azure API for FHIR should use private link
- IoT Hub device provisioning service instances should use private link
- Azure Key Vaults should use private link
- Private endpoint should be enabled for MariaDB servers
- Private endpoint should be enabled for MySQL servers
- Private endpoint should be enabled for PostgreSQL servers
- Azure Cache for Redis should use private link
- Azure Cognitive Search services should use private link
- Azure Cognitive Search service should use a SKU that supports private link
- Azure Service Bus namespaces should use private link
- Azure SignalR Service should use private link
- Azure Spring Cloud should use network injection
- Private endpoint connections on Azure SQL Database should be enabled
- Storage accounts should restrict network access
- Storage accounts should use private link
- Azure File Sync should use private link
- Azure Synapse workspaces should use private link