AzPolicyAdvertizer

last sync: 2024-Jul-26 18:17:39 UTC

App Service app slots should have local authentication methods disabled for SCM site deployments

Azure BuiltIn Policy definition

Source

Azure Portal

Display name

App Service app slots should have local authentication methods disabled for SCM site deployments

847ef871-e2fe-4e6e-907e-4adbf71de5cf

Version

1.0.4
Details on versioning

Category

App Service
Microsoft Learn

Description

Disabling local authentication methods for SCM sites improves security by ensuring that App Service slots exclusively require Microsoft Entra identities for authentication. Learn more at: https://aka.ms/app-service-disable-basic-auth.

Mode

Indexed

Type

BuiltIn

Preview

False

Deprecated

False

Effect

Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled

RBAC role(s)

none

Rule aliases

THEN-ExistenceCondition (1)

Alias	Namespace	ResourceType	Path	PathIsDefault	DefaultPath	Modifiable
Microsoft.Web/sites/slots/basicPublishingCredentialsPolicies/allow	Microsoft.Web	sites/slots/basicPublishingCredentialsPolicies	properties.allow	True		True

Rule resource types

IF (1)
Microsoft.Web/sites/slots

Compliance

Not a Compliance control

Initiatives usage

none

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2023-09-22 17:59:46	change	Patch (1.0.3 > 1.0.4)
2023-06-09 17:46:13	change	Patch (1.0.2 > 1.0.3)
2022-07-15 16:32:44	change	Patch (1.0.1 > 1.0.2)
2022-07-01 16:32:34	change	Patch (1.0.0 > 1.0.1)
2021-09-08 15:39:57	add	847ef871-e2fe-4e6e-907e-4adbf71de5cf

JSON compare

compare mode: version left: version right:

JSON

api-version=2021-06-01
EPAC