You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/app-service/security-controls-policy.md
+59-1Lines changed: 59 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,7 +1,7 @@
1
1
---
2
2
title: Azure Policy Regulatory Compliance controls for Azure App Service
3
3
description: Lists Azure Policy Regulatory Compliance controls available for Azure App Service. These built-in policy definitions provide common approaches to managing the compliance of your Azure resources.
4
-
ms.date: 09/12/2022
4
+
ms.date: 09/19/2022
5
5
ms.topic: sample
6
6
ms.service: app-service
7
7
ms.custom: subject-policy-compliancecontrols
@@ -21,7 +21,65 @@ compliant with the specific standard.
21
21
22
22
## Release notes
23
23
24
+
### September 2022
25
+
26
+
-**App Service apps should be injected into a virtual network**
27
+
- Update scope of policy to remove slots
28
+
- Creation of "App Service app slots should be injected into a virtual network" to monitor slots
29
+
-**App Service app slots should be injected into a virtual network**
30
+
- New policy created
31
+
-**Function apps should have 'Client Certificates (Incoming client certificates)' enabled**
32
+
- Update scope of policy to remove slots
33
+
- Creation of "Function app slots should have 'Client Certificates (Incoming client certificates)' enabled" to monitor slots
34
+
-**Function app slots should have 'Client Certificates (Incoming client certificates)' enabled**
35
+
- New policy created
36
+
-**Function apps should use an Azure file share for its content directory**
37
+
- Update scope of policy to remove slots
38
+
- Creation of "Function app slots should use an Azure file share for its content directory" to monitor slots
39
+
-**Function app slots should use an Azure file share for its content directory**
40
+
- New policy created
41
+
-**App Service apps should have 'Client Certificates (Incoming client certificates)' enabled**
42
+
- Update scope of policy to remove slots
43
+
- Creation of "App Service app slots should have 'Client Certificates (Incoming client certificates)' enabled" to monitor slots
44
+
-**App Service app slots should have 'Client Certificates (Incoming client certificates)' enabled**
45
+
- New policy created
46
+
-**App Service apps should use an Azure file share for its content directory**
47
+
- Update scope of policy to remove slots
48
+
- Creation of "App Service app slots should use an Azure file share for its content directory" to monitor slots
49
+
-**App Service app slots should use an Azure file share for its content directory**
50
+
- New policy created
51
+
-**Function app slots should require FTPS only**
52
+
- New policy created
53
+
-**App Service app slots should require FTPS only**
54
+
- New policy created
55
+
-**Function app slots should not have CORS configured to allow every resource to access your apps**
56
+
- New policy created
57
+
-**App Service app slots should not have CORS configured to allow every resource to access your app**
58
+
- New policy created
59
+
-**Function apps should only be accessible over HTTPS**
60
+
- Update scope of policy to remove slots
61
+
- Creation of "Function app slots should only be accessible over HTTPS" to monitor slots
62
+
- Add "Deny" effect
63
+
- Creation of "Configure Function apps to only be accessible over HTTPS" for enforcement of policy
64
+
-**Function app slots should only be accessible over HTTPS**
65
+
- New policy created
66
+
-**Configure Function apps to only be accessible over HTTPS**
67
+
- New policy created
68
+
-**Configure Function app slots to only be accessible over HTTPS**
69
+
- New policy created
70
+
-**App Service apps should use a SKU that supports private link**
71
+
- Update list of supported SKUs of policy to include the Workflow Standard tier for Logic Apps
72
+
-**Configure App Service apps to use the latest TLS version**
73
+
- New policy created
74
+
-**Configure Function apps to use the latest TLS version**
75
+
- New policy created
76
+
-**Configure App Service apps to turn off remote debugging**
77
+
- New policy created
78
+
-**Configure Function apps to turn off remote debugging**
79
+
- New policy created
80
+
24
81
### August 2022
82
+
25
83
-**App Service apps should only be accessible over HTTPS**
26
84
- Update scope of policy to remove slots
27
85
- Creation of "App Service app slots should only be accessible over HTTPS" to monitor slots
0 commit comments