turbot/steampipe-mod-azure-compliance

Dashboard: CIS v4.0.0

CIS Microsoft Azure Foundations Benchmark v4.0.0

Overview

The CIS Microsoft Azure Foundations Benchmark v4.0.0 provides prescriptive guidance for establishing a secure baseline configuration for Microsoft Azure. This benchmark covers foundational elements of Azure cloud platform.

Benchmark Categories

The benchmark is organized into the following categories:

  1. Identity and Access Management
  2. Security Center
  3. Storage Accounts
  4. Database Services
  5. Logging and Monitoring
  6. Networking
  7. Virtual Machines
  8. Key Vault
  9. AppService
  10. Other Security Considerations

Levels

Each recommendation in this benchmark has a level designation indicating the depth of the security control:

  • Level 1 - Practical security configurations that can be configured with minimal complexity
  • Level 2 - More restrictive and security-focused recommendations that may have higher complexity or operational overhead

Implementation Notes

  • Some controls may require elevated permissions to assess or modify
  • Consider business requirements and operational impact when implementing controls
  • Regular review and updates of security configurations is recommended
  • Use automation where possible to maintain consistent security baselines

References

Usage

Install the mod:

mkdir dashboards
cd dashboards
powerpipe mod init
powerpipe mod install github.com/turbot/steampipe-mod-azure-compliance

Start the Powerpipe server:

steampipe service start
powerpipe server

Open http://localhost:9033 in your browser and select CIS v4.0.0 dashboard.

You could also snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe benchmark run azure_compliance.benchmark.cis_v400 --share

Benchmark

This dashboard is automatically generated from the following benchmark:

benchmark.cis_v400

Tags