All default values should comply with a security baseline, e.g. NIST 800
The build-in policies of Azure can be used as a reference.
The task would be to scan over each of the following policies and make sure, that the module is per default complying to them.
The following policies are the NIST 800 ones:
\built-in-policies\policyDefinitions\Service Bus\ServiceBus_AuditDiagnosticLog_Audit.json
\built-in-policies\policyDefinitions\Service Bus\ServiceBus_CustomerManagedKeyEnabled_Audit.json
\built-in-policies\policyDefinitions\Service Bus\ServiceBus_PrivateEndpoint_Audit.json
For Private Endpoint compliance, add the privateEndpoints parameter to the max parameters.json file and update the privateEndpoints parameter description in the bicep.json to indicate private endpoints should be used. For example:
@description('Optional. Configuration Details for private endpoints. Service Bus namespaces should use private endpoints.')
param privateEndpoints array = []
All default values should comply with a security baseline, e.g. NIST 800
The build-in policies of Azure can be used as a reference.
The task would be to scan over each of the following policies and make sure, that the module is per default complying to them.
The following policies are the NIST 800 ones:
\built-in-policies\policyDefinitions\Service Bus\ServiceBus_AuditDiagnosticLog_Audit.json
\built-in-policies\policyDefinitions\Service Bus\ServiceBus_CustomerManagedKeyEnabled_Audit.json
\built-in-policies\policyDefinitions\Service Bus\ServiceBus_PrivateEndpoint_Audit.json
For Private Endpoint compliance, add the privateEndpoints parameter to the max parameters.json file and update the privateEndpoints parameter description in the bicep.json to indicate private endpoints should be used. For example: