AzPolicyAdvertizer

last sync: 2023-Sep-29 17:58:48 UTC

Azure Policy definition

App Service app slots should not have CORS configured to allow every resource to access your apps

Source Azure Portal
Display name App Service app slots should not have CORS configured to allow every resource to access your apps
Id cae7c12e-764b-4c87-841a-fdc6675d196f
Version 1.0.0
details on versioning
Category App Service
Microsoft docs
Description Cross-Origin Resource Sharing (CORS) should not allow all domains to access your app. Allow only required domains to interact with your app.
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled
RBAC role(s) none
Rule aliases THEN-ExistenceCondition (1)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Web/sites/slots/config/web.cors.allowedOrigins[*] Microsoft.Web sites/slots/config properties.cors.allowedOrigins[*] false
Rule resource types IF (1)
Microsoft.Web/sites/slots
Compliance Not a Compliance control
Initiatives usage none
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-09-19 17:41:40 add cae7c12e-764b-4c87-841a-fdc6675d196f
JSON compare n/a
JSON
api-version=2021-06-01