Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Disable cryptographic keys for App Configuration stores #1691

Closed
BernieWhite opened this issue Sep 21, 2022 · 1 comment · Fixed by #1693
Closed

Disable cryptographic keys for App Configuration stores #1691

BernieWhite opened this issue Sep 21, 2022 · 1 comment · Fixed by #1693
Assignees
@pazdedav
Labels
ms-hack-2022 Issues related to Microsoft Global Hackathon 2022 pillar: security Aligned to the Security pillar. rule: app-configuration Rules for App Configuration
Milestone
v1.20.0

Comments

@BernieWhite
Copy link
Collaborator

Rule request

Suggested rule change

Configuration stores supports two authorization methods, access keys and Azure AAD identities. Using Azure AD identities centralizes identity management and auditing.

Access keys are disabled by setting the properties.disableLocalAuth property to true.

Applies to the following

The rule applies to the following:

  • Resource type: Microsoft.AppConfiguration/configurationStores

Additional context

Centralize all identity systems
Azure deployment reference
Disable access key authentication for an Azure App Configuration instance

Related rules include:
@BernieWhite BernieWhite added ms-hack-2022 Issues related to Microsoft Global Hackathon 2022 rule: app-configuration Rules for App Configuration pillar: security Aligned to the Security pillar. labels Sep 21, 2022
@pazdedav pazdedav self-assigned this Sep 21, 2022
@pazdedav
Copy link
Contributor

I am taking AZR-000291 ID for this new rule.

@pazdedav pazdedav mentioned this issue Sep 21, 2022
Merged
11 tasks
@pazdedav pazdedav added this to the v1.20.0 milestone Sep 22, 2022
@BernieWhite BernieWhite mentioned this issue Sep 25, 2022
Merged
4 tasks
@BernieWhite BernieWhite mentioned this issue Oct 8, 2022
Merged
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@pazdedav pazdedav

Labels
ms-hack-2022 Issues related to Microsoft Global Hackathon 2022 pillar: security Aligned to the Security pillar. rule: app-configuration Rules for App Configuration
Projects
None yet
Milestone
v1.20.0
Development

Successfully merging a pull request may close this issue.

Use identity-based authentication for App Configuration pazdedav/PSRule.Rules.Azure
2 participants
@pazdedav @BernieWhite