AzPolicyAdvertizer

last sync: 2023-Sep-29 17:58:48 UTC

Azure Policy definition

Function app slots should not have CORS configured to allow every resource to access your apps

Source Azure Portal
Display name Function app slots should not have CORS configured to allow every resource to access your apps
Id a1a22235-dd10-4062-bd55-7d62778f41b0
Version 1.0.0
details on versioning
Category App Service
Microsoft docs
Description Cross-Origin Resource Sharing (CORS) should not allow all domains to access your Function app. Allow only required domains to interact with your Function app.
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled
RBAC role(s) none
Rule aliases THEN-ExistenceCondition (1)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Web/sites/slots/config/web.cors.allowedOrigins[*] Microsoft.Web sites/slots/config properties.cors.allowedOrigins[*] false
Rule resource types IF (1)
Microsoft.Web/sites/slots
Compliance Not a Compliance control
Initiatives usage none
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-09-19 17:41:40 add a1a22235-dd10-4062-bd55-7d62778f41b0
JSON compare n/a
JSON
api-version=2021-06-01