Dashboard: Azure CIS v4.0.0

CIS Microsoft Azure Foundations Benchmark v4.0.0

Overview

The CIS Microsoft Azure Foundations Benchmark v4.0.0 provides prescriptive guidance for establishing a secure baseline configuration for Microsoft Azure. This benchmark covers foundational elements of Azure cloud platform.

Benchmark Categories

The benchmark is organized into the following categories:

Identity and Access Management
Security Center
Storage Accounts
Database Services
Logging and Monitoring
Networking
Virtual Machines
Key Vault
AppService
Other Security Considerations

Levels

Each recommendation in this benchmark has a level designation indicating the depth of the security control:

Level 1 - Practical security configurations that can be configured with minimal complexity
Level 2 - More restrictive and security-focused recommendations that may have higher complexity or operational overhead

Implementation Notes

Some controls may require elevated permissions to assess or modify
Consider business requirements and operational impact when implementing controls
Regular review and updates of security configurations is recommended
Use automation where possible to maintain consistent security baselines

References

Usage

Install the mod:

mkdir dashboards
cd dashboards
powerpipe mod init
powerpipe mod install github.com/turbot/steampipe-mod-azure-compliance

Start the Powerpipe server:

steampipe service start
powerpipe server

Open http://localhost:9033 in your browser and select Azure CIS v4.0.0 dashboard.

You could also snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe benchmark run azure_compliance.benchmark.cis_v400 --share

Benchmark

This dashboard is automatically generated from the following benchmark:

benchmark.cis_v400