Benchmark: 9 AppService
Overview
This section covers security recommendations for Azure AppService.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-azure-complianceStart the Powerpipe server:
steampipe service startpowerpipe serverOpen http://localhost:9033 in your browser and select 9 AppService.
Run this benchmark in your terminal:
powerpipe benchmark run azure_compliance.benchmark.cis_v210_9Snapshot and share results via Turbot Pipes:
powerpipe benchmark run azure_compliance.benchmark.cis_v210_9 --shareControls
- 9.1 Ensure App Service Authentication is set up for apps in Azure App Service
- 9.2 Ensure Web App Redirects All HTTP traffic to HTTPS in Azure App Service
- 9.3 Ensure Web App is using the latest version of TLS encryption
- 9.4 Ensure that Register with Entra ID is enabled on App Service
- 9.5 Ensure That 'PHP version' is the Latest, If Used to Run the Web App
- 9.6 Ensure that 'Python version' is the Latest Stable Version, if Used to Run the Web App
- 9.7 Ensure that 'Java version' is the latest, if used to run the Web App
- 9.8 Ensure that 'HTTP Version' is the Latest, if Used to Run the Web App
- 9.9 Ensure FTP deployments are Disabled
- 9.10 Ensure Azure Key Vaults are Used to Store Secrets