Cloud Custodian Policies for CIS Microsoft Azure Foundations Benchmark (Part 1)

CIS Azure Foundations Benchmark v1.4.0 — 11–26–2021

CIS Microsoft Azure Foundations Security Benchmark provides the guidance for establishing a secure baseline configuration for Azure Cloud. Version 1.4.0 was released on November 26th, 2021.

The recommendation covers 9 areas. Every recommendation indicates whether the implementation steps are automatic or require manual steps. The configuration profiles are divided into 2 profiles- Level 1 and Level 2. Level 1 provides the hardening practice to limit the impact. Level 2 extends Level 1 to include the use cases where security is more critical than manageability and usability. It allows you to measure your defense-in-depth controls.

Cloud Custodian is an open-source from CapitalOne written in python language and comprises of many tools and scripts. It is a rule engine where you can write policy definitions in YAML. This enables an organization to manage their public cloud resources by writing policies for cost savings, explore tagging, compliance, security, operations-related concerns, and resource inventory. In this story, we are going to write…