Policy: Azure > CIS v3.0 > 09 - Application Services
Covers security recommendations for Azure AppService.
Targets
This policy targets the following resource types:
Primary Policy
This policy is used with the following primary policy:
Related Policies
- 09.01 - Ensure 'HTTPS Only' is set to `On`
- 09.02 - Ensure App Service Authentication is set up for apps in Azure App Service
- 09.03 - Ensure 'FTP State' is set to 'FTPS Only' or 'Disabled'
- 09.04 - Ensure Web App is using the latest version of TLS encryption
- 09.05 - Ensure that Register with Entra ID is enabled on App Service
- 09.06 - Ensure that 'Basic Authentication' is 'Disabled'
- 09.07 - Ensure that 'PHP version' is currently supported (if in use)
- 09.08 - Ensure that 'Python version' is currently supported (if in use)
- 09.09 - Ensure that 'Java version' is currently supported (if in use)
- 09.10 - Ensure that 'HTTP20enabled' is set to 'true' (if in use)
- 09.11 - Ensure Azure Key Vaults are Used to Store Secrets
- 09.12 - Ensure that 'Remote debugging' is set to 'Off'
- Maximum Attestation Duration
Policy Specification
Schema Type | |
|---|---|
Default | |
Valid Values [YAML] |
|
Examples [YAML] |
|
Category
In Your Workspace
Developers
- tmod:@turbot/cis#/control/categories/cis
- tmod:@turbot/azure-cisv3-0#/policy/types/s09
- turbot graphql policy-type --id "tmod:@turbot/azure-cisv3-0#/policy/types/s09"
- turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/azure-cisv3-0#/policy/types/s09"
Get Policy TypeGet Policy Settings
Category URI
Policy Type URI
GraphQL
CLI