last sync: 2024-Mar-01 17:50:27 UTC

App Service app slots should have local authentication methods disabled for SCM site deployments

Azure BuiltIn Policy definition

Source Azure Portal
Display name App Service app slots should have local authentication methods disabled for SCM site deployments
Id 847ef871-e2fe-4e6e-907e-4adbf71de5cf
Version 1.0.4
Details on versioning
Category App Service
Microsoft Learn
Description Disabling local authentication methods for SCM sites improves security by ensuring that App Service slots exclusively require Microsoft Entra identities for authentication. Learn more at: https://aka.ms/app-service-disable-basic-auth.
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled
RBAC role(s) none
Rule aliases THEN-ExistenceCondition (1)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Web/sites/slots/basicPublishingCredentialsPolicies/allow Microsoft.Web sites/slots/basicPublishingCredentialsPolicies properties.allow true
Rule resource types IF (1)
Microsoft.Web/sites/slots
Compliance Not a Compliance control
Initiatives usage none
History
Date/Time (UTC ymd) (i) Change type Change detail
2023-09-22 17:59:46 change Patch (1.0.3 > 1.0.4)
2023-06-09 17:46:13 change Patch (1.0.2 > 1.0.3)
2022-07-15 16:32:44 change Patch (1.0.1 > 1.0.2)
2022-07-01 16:32:34 change Patch (1.0.0 > 1.0.1)
2021-09-08 15:39:57 add 847ef871-e2fe-4e6e-907e-4adbf71de5cf
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC