Policy Settings
The Azure CIS v2.0.0 - Section 9 - App Service policy pack has 8 policy settings:
Policy | Setting | Note |
---|---|---|
Azure > App Service > Web App > Approved | Check: Approved | Azure CIS v2.0.0 - Control: 9.1, 9.6, 9.7 and 9.8 |
Azure > App Service > Web App > Approved > Custom | Calculated | Azure CIS v2.0.0 - Control: 9.1, 9.6, 9.7 and 9.8 |
Azure > App Service > Web App > Client Certificate Mode | Check: Require | Azure CIS v2.0.0 - Control: 9.4 |
Azure > App Service > Web App > FTPS State | Check: FTPS only | Azure CIS v2.0.0 - Control: 9.10 |
Azure > App Service > Web App > HTTP 2.0 Enabled | Check: Enabled | Azure CIS v2.0.0 - Control: 9.9 |
Azure > App Service > Web App > HTTPS Only | Check: Enabled | Azure CIS v2.0.0 - Control: 9.2 |
Azure > App Service > Web App > Minimum TLS Version | Check: TLS 1.2 | Azure CIS v2.0.0 - Control: 9.3 |
Azure > App Service > Web App > System Assigned Identity | Check: Enabled | Azure CIS v2.0.0 - Control: 9.5 |