
feat(azure): add new policies for Azure Synapse - arm

Open taviassaf opened this issue 1 year ago • 1 comments

User description

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

Description

Please include a summary of the change and which issue is fixed. Please also include relevant motivation and context. List any dependencies that are required for this change.

Fixes # (issue)

New/Edited policies (Delete if not relevant)

Description

Include a description of what makes it a violation and any relevant external links.

Fix

How does someone fix the issue in code and/or in runtime?

Checklist:

  • [ ] I have performed a self-review of my own code
  • [ ] I have commented my code, particularly in hard-to-understand areas
  • [ ] I have made corresponding changes to the documentation
  • [ ] I have added tests that prove my feature, policy, or fix is effective and works
  • [ ] New and existing tests pass locally with my changes

Generated description

Dear maintainer, below is a concise technical summary of the changes proposed in this PR:

Introduce three new Azure Synapse policies to enhance security and compliance. The SynapseLogMonitoringEnabledForSQLPool class ensures log monitoring is enabled for SQL Pools, while SynapseWorkspaceAdministratorLoginPasswordHidden checks that administrator login passwords are not exposed. Additionally, SynapseWorkspaceCMKEncryption verifies that workspaces are encrypted with a Customer Managed Key (CMK). These policies are implemented in the checkov/arm/checks/resource directory and are accompanied by corresponding test cases to validate their effectiveness.

Topic: Log Monitoring
Details: Ensure log monitoring is enabled for Synapse SQL Pools.
Modified files (4)
  • tests/arm/checks/resource/example_SynapseLogMonitoringEnabledForSQLPool/synapseLogMonitoringEnabledForSQLPool-FAILED.json
  • tests/arm/checks/resource/example_SynapseLogMonitoringEnabledForSQLPool/synapseLogMonitoringEnabledForSQLPool-PASSED.json
  • tests/arm/checks/resource/test_SynapseLogMonitoringEnabledForSQLPool.py
  • checkov/arm/checks/resource/SynapseLogMonitoringEnabledForSQLPool.py
Latest Contributors (0)
Email | Commit | Date

Topic: Password Security
Details: Ensure Synapse Workspace admin login passwords are hidden.
Modified files (4)
  • tests/arm/checks/resource/example_SynapseWorkspaceAdministratorLoginPasswordHidden/synapseWorkspaceAdministratorLoginPasswordHidden-PASSED.json
  • tests/arm/checks/resource/test_SynapseWorkspaceAdministratorLoginPasswordHidden.py
  • checkov/arm/checks/resource/SynapseWorkspaceAdministratorLoginPasswordHidden.py
  • tests/arm/checks/resource/example_SynapseWorkspaceAdministratorLoginPasswordHidden/synapseWorkspaceAdministratorLoginPasswordHidden-FAILED.json
Latest Contributors (1)
Email | Commit | Date
123508988+taviassaf@us... | feat-azure-add-new-pol... | July 11, 2024

Topic: Checks Parser
Details: Enhance checks parser with resource solvers.
Modified files (1)
  • checkov/common/checks_infra/checks_parser.py
Latest Contributors (2)
Email | Commit | Date
4112390+dtrouillet@use... | feat-general-add-sever... | September 11, 2024
49649760+lirshindalman... | feat-general-filter-re... | July 25, 2024

Topic: CMK Encryption
Details: Ensure Synapse Workspace is encrypted with a CMK.
Modified files (4)
  • tests/arm/checks/resource/test_SynapseWorkspaceCMKEncryption.py
  • tests/arm/checks/resource/example_SynapseWorkspaceCMKEncryption/synapseWorkspaceCMKEncryption-FAILED.json
  • tests/arm/checks/resource/example_SynapseWorkspaceCMKEncryption/synapseWorkspaceCMKEncryption-PASSED.json
  • checkov/arm/checks/resource/SynapseWorkspaceCMKEncryption.py
Latest Contributors (1)
Email | Commit | Date
123508988+taviassaf@us... | feat-azure-add-new-pol... | July 11, 2024

This pull request is reviewed by Baz. Join @taviassaf and the rest of your team on (Baz).

Jul 07 '24 06:07 taviassaf

Hi @taviassaf. Thanks for contributing!

There are several conflicts, please resolve them. If the pull request is not relevant any more, please close it (-:

Jul 23 '24 08:07 achiar99

Hey @taviassaf, is this PR still relevant? If yes, please resolve the conflict so we can go on with it. Thanks!

Jan 15 '25 08:01 MaryArmaly

Thanks for contributing to Checkov! We've automatically marked this issue as stale to keep our issues list tidy, because it has not had any activity for 6 months. It will be closed in 14 days if no further activity occurs. Commenting on this issue will remove the stale tag. If you want to talk through the issue or help us understand the priority and context, feel free to add a comment or join us in the Checkov Slack channel at codifiedsecurity.slack.com. Thanks!

Jul 15 '25 04:07 stale[bot]

Closing issue due to inactivity. If you feel this is in error, please re-open, or reach out to the community via Slack: codifiedsecurity.slack.com. Thanks!

Jul 29 '25 16:07 stale[bot]