Evaluate database(Cosmos, Azure SQL etc) security of all templates #1142
Comments
|
I would like to mention in this context that https://github.com/Azure-Samples/todo-csharp-sql effectively disables the SQL firewall by adding an allow-all rule, which is not mentioned anywhere in the readme. Given that this is going to be taken as a reference solution I'd argue this is effectively putting a bomb in code that people will trust is aligned to best practices which it very much is not. |
|
Also consider adding how the password generation works in the security section. #994 has the source code. From what I'm reading, azd calls this command internally, always expects a kv name and key, looks up the secret using the key provided from kv, if it exists, returns it, else generates a new one and returns that |
rajeshkamal5050
modified the milestones:
Mar 8 - Release 0.7,
May 3 - RC (Release Candidate)
rajeshkamal5050
changed the title
|
Not a must-fix for GA. Moving to Germanium. Since Bicep related efforts i.e, moving bicep modules(azure-dev -> awesome-azd), following best practices, moving into bicep registry will be handled in Germanium. |
No description provided.
The text was updated successfully, but these errors were encountered: