AzPolicyAdvertizer

last sync: 2025-Apr-29 17:16:02 UTC

Web Application should only be accessible over HTTPS

Azure Landing Zones (ALZ) Policy definition

Source Repository Azure Landing Zones (ALZ) GitHub
JSON Deny-AppServiceWebApp-http
Deploy policy Deny-AppServiceWebApp-http (1.0.0) to Azure
Display name Web Application should only be accessible over HTTPS
Id Deny-AppServiceWebApp-http
Version 1.0.0
Details on versioning
Category App Service
Description Use of HTTPS ensures server/service authentication and protects data in transit from network layer eavesdropping attacks.
Cloud environments AzureChinaCloud
AzureCloud
AzureUSGovernment
Mode Indexed
Type Custom Azure Landing Zones (ALZ)
Preview False
Deprecated False
Effect Default
Deny
Allowed
Audit, Disabled, Deny
RBAC role(s) none
Rule aliases IF (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Web/sites/httpsOnly Microsoft.Web sites properties.httpsOnly True True
Rule resource types IF (1)
Microsoft.Web/sites
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State
[Deprecated]: Deny or Deploy and append TLS requirements and SSL enforcement on resources without Encryption in transit Enforce-EncryptTransit_20240509 Encryption Deprecated
[Deprecated]: Deny or Deploy and append TLS requirements and SSL enforcement on resources without Encryption in transit Enforce-EncryptTransit Encryption Deprecated
Deny or Deploy and append TLS requirements and SSL enforcement on resources without Encryption in transit Enforce-EncryptTransit_20241211 Encryption GA
History none
JSON compare n/a
JSON
EPAC
Deploy policy Deny-AppServiceWebApp-http (1.0.0) to Azure