Azure.Preview_2024_06#
Warning
This baseline is obsolete. Consider switching to a newer baseline.
Include rules released June 2024 or prior for Azure preview only features.
Rules#
The following rules are included within the Azure.Preview_2024_06 baseline.
This baseline includes a total of 11 rules.
| Name | Synopsis | Severity |
|---|---|---|
| Azure.ACR.AnonymousAccess | Anonymous pull access allows unidentified downloading of images and metadata from a container registry. | Important |
| Azure.ACR.Quarantine | Enable container image quarantine, scan, and mark images as verified. | Important |
| Azure.ACR.Retention | Use a retention policy to cleanup untagged manifests. | Important |
| Azure.ACR.SoftDelete | Azure Container Registries should have soft delete policy enabled. | Important |
| Azure.Arc.Kubernetes.Defender | Deploy Microsoft Defender for Containers extension for Arc-enabled Kubernetes clusters. | Important |
| Azure.Arc.Server.MaintenanceConfig | Use a maintenance configuration for Arc-enabled servers. | Important |
| Azure.Defender.Storage.DataScan | Enable sensitive data threat detection in Microsoft Defender for Storage. | Critical |
| Azure.LogAnalytics.Replication | Log Analytics workspaces should have workspace replication enabled to improve service availability. | Important |
| Azure.Storage.Defender.DataScan | Enable sensitive data threat detection in Microsoft Defender for Storage. | Critical |
| Azure.VMSS.AutoInstanceRepairs | Automatic instance repairs are enabled. | Important |
| Azure.VNG.MaintenanceConfig | Use a customer-controlled maintenance configuration for virtual network gateways. | Important |