AzPolicyAdvertizer

last sync: 2025-Jul-29 17:42:17 UTC

App Service apps should have local authentication methods disabled for SCM site deployments

Azure BuiltIn Policy definition

Source Azure Portal
Display name App Service apps should have local authentication methods disabled for SCM site deployments
Id aede300b-d67f-480a-ae26-4b3dfb1a1fdc
Version 1.0.3
Details on versioning
Versioning Versions supported for Versioning: 1
1.0.3
Built-in Versioning [Preview]
Category App Service
Microsoft Learn
Description Disabling local authentication methods for SCM sites improves security by ensuring that App Services exclusively require Microsoft Entra identities for authentication. Learn more at: https://aka.ms/app-service-disable-basic-auth.
Cloud environments AzureCloud = true
AzureUSGovernment = true
AzureChinaCloud = unknown
Available in AzUSGov The Policy is available in AzureUSGovernment cloud. Version: '1.0.3'
Repository: Azure-Policy aede300b-d67f-480a-ae26-4b3dfb1a1fdc
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled
RBAC role(s) none
Rule aliases THEN-ExistenceCondition (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Web/sites/basicPublishingCredentialsPolicies/allow Microsoft.Web sites/basicPublishingCredentialsPolicies properties.allow True True
Rule resource types IF (1)
Compliance Not a Compliance control
Initiatives usage none
History
Date/Time (UTC ymd) (i) Change type Change detail
2023-09-22 17:59:46 change Patch (1.0.2 > 1.0.3)
2023-06-09 17:46:13 change Patch (1.0.1 > 1.0.2)
2022-07-01 16:32:34 change Patch (1.0.0 > 1.0.1)
2021-09-08 15:39:57 add aede300b-d67f-480a-ae26-4b3dfb1a1fdc
JSON compare
compare mode: version left: version right:
1.0.2 → 1.0.3 RENAMED
@@ -1,11 +1,11 @@
1
  {
2
  "displayName": "App Service apps should have local authentication methods disabled for SCM site deployments",
3
  "policyType": "BuiltIn",
4
  "mode": "Indexed",
5
- "description": "Disabling local authentication methods improves security by ensuring that App Service exclusively require Azure Active Directory identities for authentication. Learn more at: https://aka.ms/app-service-disable-basic-auth.",
6
  "metadata": {
7
- "version": "1.0.2",
8
  "category": "App Service"
9
  },
10
  "parameters": {
11
  "effect": {
 
1
  {
2
  "displayName": "App Service apps should have local authentication methods disabled for SCM site deployments",
3
  "policyType": "BuiltIn",
4
  "mode": "Indexed",
5
+ "description": "Disabling local authentication methods for SCM sites improves security by ensuring that App Services exclusively require Azure Active Directory identities for authentication. Learn more at: https://aka.ms/app-service-disable-basic-auth.",
6
  "metadata": {
7
+ "version": "1.0.3",
8
  "category": "App Service"
9
  },
10
  "parameters": {
11
  "effect": {
JSON
api-version=2021-06-01
EPAC 
{7 items
  • displayName: "App Service apps should have local authentication methods disabled for SCM site deployments",
  • policyType: "BuiltIn",
  • mode: "Indexed",
  • description: "Disabling local authentication methods for SCM sites improves security by ensuring that App Services exclusively require Microsoft Entra identities for authentication. Learn more at: https://aka.ms/app-service-disable-basic-auth.",
  • metadata: {2 items
    • version: "1.0.3",
    • category: "App Service"
    },
  • parameters: {1 item},
  • policyRule: {2 items}
}