Mods Policy Packs Docs Home

Loading policies...

Policy: Azure > CIS v1 > 9 Application Services

Covers security recommendations for Azure AppService.

Targets

This policy targets the following resource types:

Azure > Subscription

Primary Policy

This policy is used with the following primary policy:

Azure > CIS v1

9.01 Ensure App Service Authentication is set on Azure App Service (Scored)
9.02 Ensure web app redirects all HTTP traffic to HTTPS in Azure App Service (Scored)
9.03 Ensure web app is using the latest version of TLS encryption (Scored)
9.04 Ensure the web app has 'Client Certificates (Incoming client certificates)' set to 'On' (Scored)
9.05 Ensure that Register with Azure Active Directory is enabled on App Service (Scored)
9.06 Ensure that '.Net Framework' version is the latest, if used as a part of the web app (Not Scored)
9.07 Ensure that 'PHP version' is the latest, if used to run the web app (Not Scored)
9.08 Ensure that 'Python version' is the latest, if used to run the web app (Not Scored)
9.09 Ensure that 'Java version' is the latest, if used to run the web app (Not Scored)
9.10 Ensure that 'HTTP Version' is the latest, if used to run the web app (Not Scored)

Policy Specification

Schema Type	`string`
Default	`Skip`
Valid Values [YAML]	`Skip`
Examples [YAML]	`Skip`

Category

CIS

In Your Workspace

Policy Settings by Type report

Developers

Category URI

tmod:@turbot/cis#/control/categories/cis

Policy Type URI

tmod:@turbot/azure-cisv1#/policy/types/s09

GraphQL

query policyType(id: "tmod:@turbot/azure-cisv1#/policy/types/s09") { … }

query policySettings(filter: "policyTypeId:'tmod:@turbot/azure-cisv1#/policy/types/s09'") { … }

query policyValues(filter: "policyTypeId:'tmod:@turbot/azure-cisv1#/policy/types/s09'") { … }

CLI

Get Policy Type

turbot graphql policy-type --id "tmod:@turbot/azure-cisv1#/policy/types/s09"

Get Policy Settings

turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/azure-cisv1#/policy/types/s09"