AzPolicyAdvertizer

last sync: 2025-Jun-13 17:23:19 UTC

[Deprecated]: Remote debugging should be turned off for API Apps

Azure BuiltIn Policy definition

Source Azure Portal
Display name [Deprecated]: Remote debugging should be turned off for API Apps
Id e9c8d085-d9cc-4b17-9cdc-059f1f01f19e
Version 1.0.0-deprecated
Details on versioning
Versioning Versions supported for Versioning: 1
1.0.0 (1.0.0-deprecated)
Built-in Versioning [Preview]
Category App Service
Microsoft Learn
Description Remote debugging requires inbound ports to be opened on API apps. Remote debugging should be turned off. We recommend all customers who are still using API Apps to implement the built-in policy called 'App Service apps should have remote debugging turned off', which is scoped to include API apps in addition to Web Apps.
Cloud environments AzureCloud = true
AzureUSGovernment = unknown
AzureChinaCloud = unknown
Available in AzUSGov Unknown, no evidence if Policy definition is/not available in AzureUSGovernment
Assessment(s) Assessments count: 1
Assessment Id: 9172da4e-9571-6e33-2b5b-d742847f3be7
DisplayName: Remote debugging should be turned off for API App
Description: Remote debugging requires inbound ports to be opened on an API app. Remote debugging should be turned off.
Remediation description: To turn off remote debugging, we recommend the following steps:
1. Go to the app service applications settings page
2. In the remote debugging toggle select Off
3. Click Save
Categories: AppServices
Severity: Low
User impact: Low
Implementation effort: Low
Threats: DataExfiltration, MaliciousInsider
Mode Indexed
Type BuiltIn
Preview False
Deprecated True
Effect Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled
RBAC role(s) none
Rule aliases THEN-ExistenceCondition (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Web/sites/config/remoteDebuggingEnabled Microsoft.Web sites/config properties.remoteDebuggingEnabled True False
Rule resource types IF (1)
Compliance Not a Compliance control
Initiatives usage none
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-07-01 16:32:34 change Version remains equal, new suffix: deprecated (1.0.0 > 1.0.0-deprecated)
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC