Azure Policy built-ins
This page is an index of documentation for Azure Policy built-in policy definitions and initiatives, and Regulatory Compliance built-ins that are available in Azure portal.
Built-ins
Azure Policy built-in policies and initiatives and the name links to the documentation.
| Name | Description |
|---|---|
| Policies | Azure Policy built-in definitions. |
| Initiatives | Azure Policy built-in initiatives. |
Regulatory Compliance
The following are the Regulatory Compliance built-ins in Azure. The name links to the documentation and you can use the ID to find the initiative in Azure Policy definitions in the portal.
| Name | ID |
|---|---|
| Australian Government ISM PROTECTED | 27272c0b-c225-4cc3-b8b0-f2534b093077 |
| Canada Federal PBMM | 4c4a5f27-de81-430b-b4e5-9cbd50595a87 |
| CIS Microsoft Azure Foundations Benchmark 1.1.0 | 1a5bb27d-173f-493e-9568-eb56638dde4d |
| CIS Microsoft Azure Foundations Benchmark 1.3.0 | 612b5213-9160-4969-8578-1518bd2a000c |
| CIS Microsoft Azure Foundations Benchmark 1.4.0 | c3f5c4d9-9a1d-4a99-85c0-7f93e384d5c5 |
| CIS Microsoft Azure Foundations Benchmark 2.0.0 | 06f19060-9e68-4070-92ca-f15cc126059e |
| CMMC Level 3 | b5629c75-5c77-4422-87b9-2509e680f8de |
| FedRAMP High | d5264498-16f4-418a-b659-fa7ef418175f |
| FedRAMP Moderate | e95f5a9f-57ad-4d03-bb0b-b1d16db93693 |
| HIPAA HITRUST | a169a624-5599-4385-a696-c8d643089fab |
| IRS 1075 September 2016 | 105e0327-6175-4eb2-9af4-1fba43bdb39d |
| ISO 27001:2013 | 89c6cddc-1c73-4ac1-b19c-54d1a15a42f2 |
| Microsoft cloud security benchmark | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 |
| Microsoft Cloud for Sovereignty Confidential | 03de05a4-c324-4ccd-882f-a814ea8ab9ea |
| Microsoft Cloud for Sovereignty Global | c1cbff38-87c0-4b9f-9f70-035c7a3b5523 |
| NIST SP 800-53 Rev. 4 | cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f |
| NIST SP 800-53 Rev. 5 | 179d1daa-458f-4e47-8086-2a68d0d6c38f |
| NIST SP 800-171 R2 | 03055927-78bd-4236-86c0-f36125a10dc9 |
| NL BIO Cloud Theme | 6ce73208-883e-490f-a2ac-44aac3b3687f |
| PCI DSS 3.2.1 | 496eeda9-8f2f-4d5e-8dfd-204f0a92ed41 |
| PCI DSS 4.0 | c676748e-3af9-4e22-bc28-50feed564afb |
| RBI ITF Banks v2016 | d0d5578d-cc08-2b22-31e3-f525374f235a |
| RBI ITF NBFC v2017 | 7f89f09c-48c1-f28d-1bd5-84f3fb22f86c |
| RMIT Malaysia | 97a6d4f1-3bed-4cf4-ac5b-0e444c0408d6 |
| Spain ENS | 175daf90-21e1-4fec-b745-7b4c909aa94c |
| System and Organization Controls (SOC) 2 | 4054785f-702b-4a98-9215-009cbd58b141 |
| SWIFT CSP-CSCF v2021 | abf84fac-f817-a70c-14b5-47eec767458a |
| SWIFT CSP-CSCF v2022 | 7bc7cd6c-4114-ff31-3cac-59be3157596d |
| UK OFFICIAL and UK NHS | 3937f550-eedd-4639-9c5e-294358be442e |
Regulatory Compliance Azure Government
The following are the Regulatory Compliance built-ins in Azure Government. The name links to the documentation and you can use the ID to find the initiative in Azure Policy definitions in the portal. The government initiatives use the same ID but might differ from Azure initiatives by which policy definitions are included. The initiative version numbers between Azure and Azure Government are also different.
| Name | ID |
|---|---|
| CIS Microsoft Azure Foundations Benchmark v1.1.0 | 1a5bb27d-173f-493e-9568-eb56638dde4d |
| CIS Microsoft Azure Foundations Benchmark v1.3.0 | 612b5213-9160-4969-8578-1518bd2a000c |
| CMMC Level 3 | b5629c75-5c77-4422-87b9-2509e680f8de |
| FedRAMP High | d5264498-16f4-418a-b659-fa7ef418175f |
| FedRAMP Moderate | e95f5a9f-57ad-4d03-bb0b-b1d16db93693 |
| IRS 1075 September 2016 | 105e0327-6175-4eb2-9af4-1fba43bdb39d |
| ISO 27001:2013 | 89c6cddc-1c73-4ac1-b19c-54d1a15a42f2 |
| Microsoft cloud security benchmark | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 |
| NIST SP 800-53 Rev. 4 | cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f |
| NIST SP 800-53 Rev. 5 | 179d1daa-458f-4e47-8086-2a68d0d6c38f |
| NIST SP 800-171 R2 | 03055927-78bd-4236-86c0-f36125a10dc9 |
| System and Organization Controls (SOC) 2 | 4054785f-702b-4a98-9215-009cbd58b141 |
Next steps
- Share and collaborate on making custom policies in the GitHub community policy repository.
- See the built-ins on the Azure Policy GitHub repo.
- Review the Azure Policy definition structure.
- Review Understanding policy effects.