-
Notifications
You must be signed in to change notification settings - Fork 1.1k
/
WebApp_Audit_python_Latest.json
95 lines (95 loc) · 2.99 KB
/
WebApp_Audit_python_Latest.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
{
"properties": {
"displayName": "App Service apps that use Python should use a specified 'Python version'",
"policyType": "BuiltIn",
"mode": "Indexed",
"description": "Periodically, newer versions are released for Python software either due to security flaws or to include additional functionality. Using the latest Python version for App Service apps is recommended in order to take advantage of security fixes, if any, and/or new functionalities of the latest version. This policy only applies to Linux apps. This policy requires you to specify a Python version that meets your requirements.",
"metadata": {
"version": "4.1.0",
"category": "App Service"
},
"version": "4.1.0",
"parameters": {
"effect": {
"type": "string",
"defaultValue": "AuditIfNotExists",
"allowedValues": [
"AuditIfNotExists",
"Disabled"
],
"metadata": {
"displayName": "Effect",
"description": "Enable or disable the execution of the policy"
}
},
"WindowsPythonLatestVersion": {
"type": "String",
"metadata": {
"displayName": "Latest Windows Python version",
"description": "Latest supported Python version for App Services",
"deprecated": true
},
"defaultValue": "3.6"
},
"LinuxPythonLatestVersion": {
"type": "String",
"defaultValue": "3.9",
"metadata": {
"displayName": "Linux Latest Python version",
"description": "Latest supported Python version for App Services",
"deprecated": true
}
},
"LinuxPythonVersion": {
"type": "String",
"defaultValue": "",
"metadata": {
"displayName": "Linux Python version",
"description": "Specify a supported Python version for App Service"
}
}
},
"policyRule": {
"if": {
"allOf": [
{
"field": "type",
"equals": "Microsoft.Web/sites"
},
{
"field": "kind",
"notContains": "functionapp"
},
{
"field": "kind",
"contains": "linux"
}
]
},
"then": {
"effect": "[parameters('effect')]",
"details": {
"type": "Microsoft.Web/sites/config",
"name": "web",
"existenceCondition": {
"anyOf": [
{
"field": "Microsoft.Web/sites/config/web.linuxFxVersion",
"notContains": "PYTHON"
},
{
"field": "Microsoft.Web/sites/config/web.linuxFxVersion",
"equals": "[concat('PYTHON|', parameters('LinuxPythonVersion'))]"
}
]
}
}
}
},
"versions": [
"4.1.0"
]
},
"id": "/providers/Microsoft.Authorization/policyDefinitions/7008174a-fd10-4ef0-817e-fc820a951d73",
"name": "7008174a-fd10-4ef0-817e-fc820a951d73"
}