AzPolicyAdvertizer

last sync: 2025-Jul-22 17:47:35 UTC

App Service apps that use Java should use a specified 'Java version'

Azure BuiltIn Policy definition

Source Azure Portal
Display name App Service apps that use Java should use a specified 'Java version'
Id 496223c3-ad65-4ecd-878a-bae78737e9ed
Version 3.1.0
Details on versioning
Versioning Versions supported for Versioning: 1
3.1.0
Built-in Versioning [Preview]
Category App Service
Microsoft Learn
Description Periodically, newer versions are released for Java software either due to security flaws or to include additional functionality. Using the latest Java version for App Service apps is recommended in order to take advantage of security fixes, if any, and/or new functionalities of the latest version. This policy only applies to Linux apps. This policy requires you to specify a Java version that meets your requirements.
Cloud environments AzureCloud = true
AzureUSGovernment = true
AzureChinaCloud = unknown
Available in AzUSGov The Policy is available in AzureUSGovernment cloud. Version: '3.*.*'
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled
RBAC role(s) none
Rule aliases THEN-ExistenceCondition (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Web/sites/config/web.linuxFxVersion Microsoft.Web sites/config properties.linuxFxVersion True False
Rule resource types IF (1)
Compliance
The following 8 compliance controls are associated with this Policy definition 'App Service apps that use Java should use a specified 'Java version'' (496223c3-ad65-4ecd-878a-bae78737e9ed)
Rows: 1-8 / 8

Columns:

Close

Columns▼Records:
Use the filters above each column to filter and limit table data. Advanced searches can be performed by using the following operators:
<, <=, >, >=, =, *, !, {, }, ||,&&, [empty], [nonempty], rgx:
Learn more

TableFilter v0.7.3

https://www.tablefilter.com/
©2015-2025 Max Guglielmi
?
Page of 1
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
C.04.3 - Technical vulnerabilities C.04.3 - Technical vulnerabilities 404 not found n/a n/a 26
C.04.3 - Timelines C.04.3 - Timelines 404 not found n/a n/a 20
C.04.6 - Technical vulnerabilities C.04.6 - Technical vulnerabilities 404 not found n/a n/a 27
C.04.6 - Timelines C.04.6 - Timelines 404 not found n/a n/a 20
C.04.7 - Evaluated C.04.7 - Evaluated 404 not found n/a n/a 55
K_ISMS_P_2018 2.10.1 K_ISMS_P_2018_2.10.1 K ISMS P 2018 2.10.1 2.10 Establish Procedures for Managing the Security of System Operations Shared n/a Establish and implement operating procedures for managing the security of system operations such as designating system administrators, updating policies, changing rulesets, monitoring events, managing policy implementations or exceptions. 408
K_ISMS_P_2018 2.10.2 K_ISMS_P_2018_2.10.2 K ISMS P 2018 2.10.2 2.10 Establish Protective Measures for Administrator Privileges and Security Configurations Shared n/a Establish and implement protective measures with regard to administrator privileges and security configurations to ensure that important information and personal information are not exposed as a result of unauthorized access by service type or misconfigurations. 385
New_Zealand_ISM 14.5.8.C.01 New_Zealand_ISM_14.5.8.C.01 New_Zealand_ISM_14.5.8.C.01 14. Software security 14.5.8.C.01 Web applications n/a Agencies SHOULD follow the documentation provided in the Open Web Application Security Project guide to building secure Web applications and Web services. 18
Initiatives usage
Rows: 1-5 / 5
Records:
Use the filters above each column to filter and limit table data. Advanced searches can be performed by using the following operators:
<, <=, >, >=, =, *, !, {, }, ||,&&, [empty], [nonempty], rgx:
Learn more

TableFilter v0.7.3

https://www.tablefilter.com/
©2015-2025 Max Guglielmi
?
Page of 1
Initiative DisplayName Initiative Id Initiative Category State Type polSet in AzUSGov
[Preview]: Control the use of App Service in a Virtual Enclave 528d78c5-246c-4f26-ade6-d30798705411 VirtualEnclaves Preview BuiltIn true
K ISMS P 2018 e0782c37-30da-4a78-9f92-50bfe7aa2553 Regulatory Compliance GA BuiltIn unknown
New Zealand ISM 4f5b1359-4f8e-4d7c-9733-ea47fcde891e Regulatory Compliance GA BuiltIn unknown
NL BIO Cloud Theme 6ce73208-883e-490f-a2ac-44aac3b3687f Regulatory Compliance GA BuiltIn unknown
NL BIO Cloud Theme V2 d8b2ffbe-c6a8-4622-965d-4ade11d1d2ee Regulatory Compliance GA BuiltIn unknown
History
Date/Time (UTC ymd) (i) Change type Change detail
2023-05-01 17:41:52 change Minor (3.0.0 > 3.1.0)
2022-07-01 16:32:34 change Major (2.0.0 > 3.0.0)
2020-10-20 13:29:33 change Major (1.0.0 > 2.0.0)
2019-11-12 19:11:12 add 496223c3-ad65-4ecd-878a-bae78737e9ed
JSON compare
compare mode: version left: version right:
3.0.0 → 3.1.0 RENAMED
@@ -1,11 +1,11 @@
1
  {
2
- "displayName": "Ensure that 'Java version' is the latest, if used as a part of the Web app",
3
  "policyType": "BuiltIn",
4
  "mode": "Indexed",
5
- "description": "Periodically, newer versions are released for Java software either due to security flaws or to include additional functionality. Using the latest Java version for web apps is recommended in order to take advantage of security fixes, if any, and/or new functionalities of the latest version. Currently, this policy only applies to Linux web apps.",
6
  "metadata": {
7
- "version": "3.0.0",
8
  "category": "App Service"
9
  },
10
  "parameters": {
11
  "effect": {
@@ -22,12 +22,21 @@
22
  },
23
  "JavaLatestVersion": {
24
  "type": "String",
25
  "metadata": {
26
- "displayName": "Latest Java version",
27
- "description": "Latest supported Java version for App Services"
 
28
  },
29
  "defaultValue": "11"
 
 
 
 
 
 
 
 
30
  }
31
  },
32
  "policyRule": {
33
  "if": {
@@ -58,9 +67,9 @@
58
  "notContains": "JAVA"
59
  },
60
  {
61
  "field": "Microsoft.Web/sites/config/web.linuxFxVersion",
62
- "like": "[concat('*', parameters('JavaLatestVersion'))]"
63
  }
64
  ]
65
  }
66
  }
 
1
  {
2
+ "displayName": "App Service apps that use Java should use a specified 'Java version'",
3
  "policyType": "BuiltIn",
4
  "mode": "Indexed",
5
+ "description": "Periodically, newer versions are released for Java software either due to security flaws or to include additional functionality. Using the latest Java version for App Service apps is recommended in order to take advantage of security fixes, if any, and/or new functionalities of the latest version. This policy only applies to Linux apps. This policy requires you to specify a Java version that meets your requirements.",
6
  "metadata": {
7
+ "version": "3.1.0",
8
  "category": "App Service"
9
  },
10
  "parameters": {
11
  "effect": {
 
22
  },
23
  "JavaLatestVersion": {
24
  "type": "String",
25
  "metadata": {
26
+ "displayName": "[Deprecated]: Latest Java version",
27
+ "description": "Latest supported Java version for App Services",
28
+ "deprecated": true
29
  },
30
  "defaultValue": "11"
31
+ },
32
+ "LinuxJavaVersion": {
33
+ "type": "String",
34
+ "metadata": {
35
+ "displayName": "Linux Java version",
36
+ "description": "Specify a supported Java version for App Service"
37
+ },
38
+ "defaultValue": ""
39
  }
40
  },
41
  "policyRule": {
42
  "if": {
 
67
  "notContains": "JAVA"
68
  },
69
  {
70
  "field": "Microsoft.Web/sites/config/web.linuxFxVersion",
71
+ "equals": "[concat('JAVA|', parameters('LinuxJavaVersion'))]"
72
  }
73
  ]
74
  }
75
  }
JSON
api-version=2021-06-01
EPAC 
{7 items
  • displayName: "App Service apps that use Java should use a specified 'Java version'",
  • policyType: "BuiltIn",
  • mode: "Indexed",
  • description: "Periodically, newer versions are released for Java software either due to security flaws or to include additional functionality. Using the latest Java version for App Service apps is recommended in order to take advantage of security fixes, if any, and/or new functionalities of the latest version. This policy only applies to Linux apps. This policy requires you to specify a Java version that meets your requirements.",
  • metadata: {2 items
    • version: "3.1.0",
    • category: "App Service"
    },
  • parameters: {3 items},
  • policyRule: {2 items}
}