AzPolicyAdvertizer

last sync: 2025-Oct-31 18:22:59 UTC

All Database Admin on Azure Data Explorer should be disabled

Azure BuiltIn Policy definition

Source Azure Portal
Display name All Database Admin on Azure Data Explorer should be disabled
Id 8945ba5e-918e-4a57-8117-fe615d12e3ba
Version 1.0.0
Details on versioning
Versioning Versions supported for Versioning: 1
1.0.0
Built-in Versioning [Preview]
Category Azure Data Explorer
Microsoft Learn
Description Disable all database admin role to restrict granting highly privileged/administrative user role.
Cloud environments AzureCloud = true
AzureUSGovernment = unknown
AzureChinaCloud = unknown
Available in AzUSGov Unknown, no evidence if Policy definition is/not available in AzureUSGovernment
Mode All
Type BuiltIn
Preview False
Deprecated False
Effect Default
Audit
Allowed
Audit, Deny, Disabled
RBAC role(s) none
Rule aliases IF (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Kusto/Clusters/principalAssignments/role Microsoft.Kusto clusters/principalassignments properties.role True False
Rule resource types IF (1)
Compliance Not a Compliance control
Initiatives usage none
History
Date/Time (UTC ymd) (i) Change type Change detail
2023-05-16 17:42:35 add 8945ba5e-918e-4a57-8117-fe615d12e3ba
JSON compare n/a
JSON
api-version=2021-06-01
EPAC