New Policy (App Configuration Stores): App Configuration Stores should should have soft delete enabled of 7 days

[tdefise]

Policy

• Name: App Configuration Stores should should have soft delete enabled of 7 days
• Description: This policy helps audit any App Configuration Stores that doesn't have a soft delete set to 7 days.
• Supported effect(s): Audit, Deny, Disabled
• Parameters: None

Description

This policy helps audit any App Configuration Stores that doesn't have a soft delete set to 7 days.

Details

Setting a soft delete period of 7 days for an App Configuration Store is often recommended for several reasons:

• Recovery Period: Soft delete allows for a grace period during which deleted configurations can be recovered. Seven days is a commonly chosen duration because it provides a reasonable window for recovery without unnecessarily cluttering the configuration store with indefinitely retained data.
• Accidental Deletion: Users might accidentally delete configurations. By having a soft delete period, you can mitigate the impact of such accidents by giving users time to realize their mistake and restore the deleted configurations.
• Change Rollback: Sometimes, changes made to configurations can have unintended consequences. With a soft delete period, you can roll back to a previous configuration within the grace period if the new configuration causes issues.
• Compliance and Auditing: In some cases, organizations are required to maintain data for a certain period for compliance or auditing purposes. Having a defined soft delete period helps in meeting these requirements without permanently storing unnecessary data.
• Resource Management: Soft delete helps in managing resources efficiently by automatically purging deleted configurations after a specified period, thus preventing the configuration store from accumulating unnecessary data.
• User Experience: It enhances the user experience by providing a safety net for configuration changes. Users feel more confident making changes knowing that they have a window to reverse them if necessary.
• Consistency and Predictability: By standardizing the soft delete period across different environments and applications, you establish consistency and predictability in the data management practices within your organization.

Contribution Rules

• [X] Contain a single Policy in a folder by itself with 3 files: azurepolicy.json, azurepolicy.rules.json, and azurepolicy.parameters.json
• [X] Used Confirm-PolicyDefinitionIsValid.ps1
• [X] Used Out-FormattedPolicyDefinition.ps1
• [X] Effect default value aligns with convention