AzInitiativeAdvertizer

last sync: 2025-Apr-30 18:25:10 UTC
this is the development/test site - data is not accurate. Go to prod

Brazilian General Data Protection Law (LGPD) 2018

Azure BuiltIn Policy Initiative (PolicySet)

Source Azure Portal
Display nameBrazilian General Data Protection Law (LGPD) 2018
Id770977b7-fceb-4c16-9d09-b7484fb8eef2
Version1.0.0
Details on versioning
Versioning Versions supported for Versioning: 1
1.0.0
Built-in Versioning [Preview]
CategoryRegulatory Compliance
Microsoft Learn
DescriptionBrazil's comprehensive data protection law, regulating the processing of personal data.
Cloud environmentsAzureCloud = true
AzureChinaCloud = unknown
AzureUSGovernment = unknown
Available in AzUSGovUnknown, no evidence if PolicySet definition is/not available in AzureUSGovernment
TypeBuiltIn
DeprecatedFalse
PreviewFalse
Policy-used summary
Policy types Policy states Policy categories
Total Policies: 19
Builtin Policies: 19
Static Policies: 0
GA: 18
Preview: 1
12 categories:
API for FHIR: 1
App Configuration: 1
Automation: 1
Azure Data Explorer: 2
Compute: 2
Container Instance: 1
Guest Configuration: 2
Monitoring: 1
Security Center: 2
SQL: 3
Storage: 2
Stream Analytics: 1
Policy-used
Policy DisplayName Policy Id Category Version Versioning Effect Roles# Roles State policy in AzUSGov
[Preview]: Guest Attestation extension should be installed on supported Windows virtual machines scale sets f655e522-adff-494d-95c2-52d4f6d56a42 Security Center 3.1.0-preview 1x
3.1.0-preview		 Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled		 0 Preview true
Activity log should be retained for at least one year b02aacc0-b073-424e-8298-42b22829ee0a Monitoring 1.0.0 1x
1.0.0		 Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled		 0 GA true
App Configuration should use a customer-managed key 967a4b4b-2da9-43c1-b7d0-f98d0d74d0b1 App Configuration 1.1.0 1x
1.1.0		 Default
Audit
Allowed
Audit, Deny, Disabled		 0 GA unknown
Azure API for FHIR should use a customer-managed key to encrypt data at rest 051cba44-2429-45b9-9649-46cec11c7119 API for FHIR 1.1.0 1x
1.1.0		 Default
Audit
Allowed
audit, Audit, disabled, Disabled		 0 GA unknown
Azure Automation accounts should use customer-managed keys to encrypt data at rest 56a5ee18-2ae6-4810-86f7-18e39ce5629b Automation 1.0.0 1x
1.0.0		 Default
Audit
Allowed
Audit, Deny, Disabled		 0 GA true
Azure Container Instance container group should use customer-managed key for encryption 0aa61e00-0a01-4a3c-9945-e93cffedf0e6 Container Instance 1.0.0 1x
1.0.0		 Default
Audit
Allowed
Audit, Disabled, Deny		 0 GA true
Azure Data Explorer encryption at rest should use a customer-managed key 81e74cea-30fd-40d5-802f-d72103c2aaaa Azure Data Explorer 1.0.0 1x
1.0.0		 Default
Audit
Allowed
Audit, Deny, Disabled		 0 GA true
Azure Stream Analytics jobs should use customer-managed keys to encrypt data 87ba29ef-1ab3-4d82-b763-87fcd4f531f7 Stream Analytics 1.1.0 1x
1.1.0		 Default
Audit
Allowed
audit, Audit, deny, Deny, disabled, Disabled		 0 GA true
Disk encryption should be enabled on Azure Data Explorer f4b53539-8df9-40e4-86c6-6b607703bd4e Azure Data Explorer 2.0.0 1x
2.0.0		 Default
Audit
Allowed
Audit, Deny, Disabled		 0 GA true
Linux virtual machines should enable Azure Disk Encryption or EncryptionAtHost. ca88aadc-6e2b-416c-9de2-5a0f01d1693f Guest Configuration 1.2.1 3x
1.2.1, 1.2.0-preview, 1.1.0-preview		 Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled		 0 GA unknown
Managed disks should be double encrypted with both platform-managed and customer-managed keys ca91455f-eace-4f96-be59-e6e2c35b4816 Compute 1.0.0 1x
1.0.0		 Default
Audit
Allowed
Audit, Deny, Disabled		 0 GA true
Managed disks should use a specific set of disk encryption sets for the customer-managed key encryption d461a302-a187-421a-89ac-84acdb4edc04 Compute 2.0.0 1x
2.0.0		 Default
Audit
Allowed
Audit, Deny, Disabled		 0 GA unknown
PostgreSQL servers should use customer-managed keys to encrypt data at rest 18adea5e-f416-4d0f-8aa8-d24321e3e274 SQL 1.0.4 1x
1.0.4		 Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled		 0 GA true
SQL managed instances should use customer-managed keys to encrypt data at rest ac01ad65-10e5-46df-bdd9-6b0cad13e1d2 SQL 2.0.0 1x
2.0.0		 Default
Audit
Allowed
Audit, Deny, Disabled		 0 GA true
SQL servers should use customer-managed keys to encrypt data at rest 0a370ff3-6cab-4e85-8995-295fd854c5b8 SQL 2.0.1 1x
2.0.1		 Default
Audit
Allowed
Audit, Deny, Disabled		 0 GA true
Storage account encryption scopes should use customer-managed keys to encrypt data at rest b5ec538c-daa0-4006-8596-35468b9148e8 Storage 1.0.0 1x
1.0.0		 Default
Audit
Allowed
Audit, Deny, Disabled		 0 GA true
Storage account encryption scopes should use double encryption for data at rest bfecdea6-31c4-4045-ad42-71b9dc87247d Storage 1.0.0 1x
1.0.0		 Default
Audit
Allowed
Audit, Deny, Disabled		 0 GA unknown
Subscriptions should have a contact email address for security issues 4f4f78b8-e367-4b10-a341-d9a4ad5cf1c7 Security Center 1.0.1 1x
1.0.1		 Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled		 0 GA true
Windows virtual machines should enable Azure Disk Encryption or EncryptionAtHost. 3dc5edcd-002d-444c-b216-e123bbfa37c0 Guest Configuration 1.1.1 2x
1.1.1, 1.1.0-preview		 Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled		 0 GA unknown
Roles used No Roles used
History
Date/Time (UTC ymd) (i) Changes
2025-02-06 21:37:14 add Initiative 770977b7-fceb-4c16-9d09-b7484fb8eef2
JSON compare n/a
JSON
api-version=2023-04-01
EPAC