search

Azure / PSRule.Rules.Azure

Rules to validate Azure resources and infrastructure as code (IaC) using PSRule.
https://azure.github.io/PSRule.Rules.Azure/
MIT License
389 stars 84 forks source link

Disable cryptographic keys for App Configuration stores #1691

Closed BernieWhite closed 1 year ago

BernieWhite commented 1 year ago

Rule request

Suggested rule change

Configuration stores supports two authorization methods, access keys and Azure AAD identities. Using Azure AD identities centralizes identity management and auditing.

Access keys are disabled by setting the properties.disableLocalAuth property to true.

Applies to the following

The rule applies to the following:

Additional context

Centralize all identity systems Azure deployment reference Disable access key authentication for an Azure App Configuration instance

Related rules include:

pazdedav commented 1 year ago

I am taking AZR-000291 ID for this new rule.