Pattern: Disabled incoming certificates for Azure App Service
Issue: -
The TLS mutual authentication technique in enterprise environments ensures the authenticity of clients to the server. If incoming client certificates are enabled only an authenticated client with valid certificates can access the app.
Resolution: Enable incoming certificates for clients.
Example of incorrect code:
resource "azurerm_app_service" "bad_example" {
name = "example-app-service"
location = azurerm_resource_group.example.location
resource_group_name = azurerm_resource_group.example.name
app_service_plan_id = azurerm_app_service_plan.example.id
}Example of correct code:
resource "azurerm_app_service" "good_example" {
name = "example-app-service"
location = azurerm_resource_group.example.location
resource_group_name = azurerm_resource_group.example.name
app_service_plan_id = azurerm_app_service_plan.example.id
client_cert_enabled = true
}