AzPolicyAdvertizer

last sync: 2024-Jul-26 18:17:39 UTC

Configure App Service apps to disable local authentication for SCM sites

Azure BuiltIn Policy definition

Source

Azure Portal

Display name

Configure App Service apps to disable local authentication for SCM sites

5e97b776-f380-4722-a9a3-e7f0be029e79

Version

1.0.3
Details on versioning

Category

App Service
Microsoft Learn

Description

Disabling local authentication methods for SCM sites improves security by ensuring that App Services exclusively require Microsoft Entra identities for authentication. Learn more at: https://aka.ms/app-service-disable-basic-auth.

Mode

Indexed

Type

BuiltIn

Preview

False

Deprecated

False

Effect

Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled

RBAC role(s)

Role Name	Role Id
Website Contributor	de139f84-1756-47ae-9be6-808fbbe84772

Rule aliases

THEN-ExistenceCondition (1)

Alias	Namespace	ResourceType	Path	PathIsDefault	DefaultPath	Modifiable
Microsoft.Web/sites/basicPublishingCredentialsPolicies/allow	Microsoft.Web	sites/basicPublishingCredentialsPolicies	properties.allow	True		True

Rule resource types

IF (1)
Microsoft.Web/sites
THEN-Deployment (1)
Microsoft.Web/sites/basicPublishingCredentialsPolicies

Compliance

Not a Compliance control

Initiatives usage

Initiative DisplayName	Initiative Id	Initiative Category	State	Type
Enforce recommended guardrails for App Service	Enforce-Guardrails-AppServices	App Service	GA	ALZ

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2023-09-22 17:59:46	change	Patch (1.0.2 > 1.0.3)
2023-06-09 17:46:13	change	Patch (1.0.1 > 1.0.2)
2022-07-01 16:32:34	change	Patch (1.0.0 > 1.0.1)
2021-09-08 15:39:57	add	5e97b776-f380-4722-a9a3-e7f0be029e79

JSON compare

compare mode: version left: version right:

JSON

api-version=2021-06-01
EPAC