azure-cisv2-0 v5.1.0 - Added support for control 5.01.06 - Ensure that Network Security Group Flow logs are captured and sent to Log Analytics

What's new?

• The Azure > CIS v2.0 > 5.05 - Ensure that SKU Basic/Consumption is not used on artifacts that need to be monitored (Particularly for Production Workloads) control will also evaluate SQL databases for SKU Basic/Consumption.

Control Types

• Azure > CIS v2.0 > 05 - Logging and Monitoring > 5.01 - Configuring Diagnostic Settings > 5.01.06 - Ensure that Network Security Group Flow logs are captured and sent to Log Analytics

Policy Types

• Azure > CIS v2.0 > 05 - Logging and Monitoring > 5.01 - Configuring Diagnostic Settings > 5.01.06 - Ensure that Network Security Group flow logs are captured and sent to Log Analytics

Bug fixes

• The Azure > CIS v2.0 > 4 - Database Services > 01.03 - Ensure SQL server's Transparent Data Encryption (TDE) protector is encrypted with Customer-managed key control did not evaluate the result correctly, as expected. This is now fixed.