search

Azure / PSRule.Rules.Azure

Rules to validate Azure resources and infrastructure as code (IaC) using PSRule.
https://azure.github.io/PSRule.Rules.Azure/
MIT License
400 stars 88 forks source link

the same as here https://github.com/Azure/PSRule.Rules.Azure/issues/1762 #3185

Open dariuszbz opened 1 week ago

dariuszbz commented 1 week ago

Existing rule

No response

Description of the issue

we run the ADO "task: Run Microsoft Defender for DevOps" and we get the error like here:

https://github.com/Azure/PSRule.Rules.Azure/issues/1762

our module structure is the same and we call the module the same way and we are getting the same result as an error :)

Error messages

[error]46. TemplateAnalyzer Error AZR-000316 - File: _(retracted)_servers.bicep. Line: 53. Column 0.

Signature: ca6f59d0885f4f6139b3f0b03700602a6c0f47e35599930e2c31872c614c37ce
Tool: TemplateAnalyzer: Rule: AZR-000316 (Azure.Deployment.SecureValue). https://azure.github.io/PSRule.Rules.Azure/en/rules/Azure.Deployment.SecureValue/
Azure Bicep and Azure Resource Manager (ARM) templates can be used to deploy resources to Azure. When deploying Azure resources, sensitive values such as passwords, certificates, and keys should be passed as secure parameters. Secure parameters use the secureString or secureObject type.

Parameters that do not use secure types are recorded in logs and deployment history. These values can be retrieved by anyone with access to the deployment history.

Reproduction

see: https://github.com/Azure/PSRule.Rules.Azure/issues/1762

and run with ADO task: "Run Microsoft Defender for DevOps"

Version of PSRule

2.9.0

Version of PSRule for Azure

No response

Additional context

No response

BernieWhite commented 3 days ago

Thanks for reporting the issue @dariuszbz. Are you able to provide the version of template analyzer you are running?