rules/findings/azure/appservices/azure-app-service-virtual-network-not-integrated.json

{
    "args": [],
    "provider": "Azure",
    "serviceType": "_ARG_0_",
    "serviceName": "Hosted Services",
    "displayName": "Ensure app is integrated with a virtual network",
    "description": "Integrate App Service apps with a virtual network to enable access to resources in or through a non-internet-routable virtual network.",
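    "rationale": "Integrate App Service apps with a virtual network so that the app's outbound traffic can reach backend resources over private addresses instead of the public internet, for increased security and control. Virtual network integration applies to outbound traffic only; inbound access to the app must be restricted separately.",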
    "impact": "Additional configuration may be required to ensure that traffic is routed properly.",
    "remediation": {
        "text": "
            ##### Remediate from Azure Portal
            1. Go to App Services.
            2. Click the name of an app.
            3. Under Settings, click Networking.
            4. Under Outbound traffic configuration, next to Virtual network integration, click Not configured.
            5. Click Add virtual network integration.
            6. Select an existing App Service Plan connection, or select New connection and select a subscription, virtual network, and subnet.
            7. Click Connect.
            8. Repeat steps 1-7 for each app requiring remediation.
        ",
        "code": {
            "powerShell": null,
            "iac": null,
            "terraform": null,
            "other": null
        }
    },
    "recommendation": null,
    "references": [
        "https://learn.microsoft.com/en-us/azure/app-service/overview-vnet-integration",
        "https://learn.microsoft.com/en-us/azure/app-service/configure-vnet-integration-enable?tabs=portal",
        "https://learn.microsoft.com/en-us/cli/azure/webapp",
        "https://learn.microsoft.com/en-us/powershell/module/az.websites/get-azwebapp?view=azps-15.4.0"
    ],
    "compliance": [
        {
            "name": "_ARG_1_",
            "version": "_ARG_2_",
            "reference": "_ARG_3_",
            "profile": [
                "Level 1"
            ]
        }
    ],
    "level": "medium",
    "tags": [],
    "rule": {
        "path": "az_app_services",
        "subPath": null,
        "selectCondition": {},
        "query": [
            {
                "filter": [
                    {
                        "conditions": [
                            [
                                "ne",
                                "networking.subnet"
                            ]
                        ]
                    }
                ]
            },
            {
                "connectOperator": "and",
                "filter": [
                    {
                        "include": "_ARG_4_"
                    }
                ]
            }
        ],
        "shouldExist": null,
        "returnObject": null,
        "removeIfNotExists": null
    },
    "output": {
        "html": {
            "data": {
                "properties": {
                    "name": "Name",
                    "location": "Location",
                    "resourceGroupName": "Resource Group Name",
                    "networking.subnet":"Subnet Id"
                },
                "expandObject": null
            },
            "table": "default",
            "decorate": [],
            "emphasis": [],
            "actions": {
                "objectData": {
                    "properties": [
                        "name",
                        "location",
                        "resourceGroupName",
                        "networking.subnet"
                    ],
                    "expandObject": null,
                    "limit": null
                },
                "showGoToButton": "True",
                "showModalButton": "True",
                "directLink": null
            }
        },
        "text": {
            "data": {
                "properties": {
                    "name": "Name",
                    "location": "Location",
                    "resourceGroupName": "Resource Group Name",
                    "networking.subnet":"Subnet Id"
                },
                "expandObject": null
            },
            "status": {
                "keyName": ["name"],
                "message": "Ensure app is integrated with a virtual network for {name}",
                "defaultMessage": null
            },
            "properties": {
                "resourceName": "name",
                "resourceId": "id",
                "resourceType": "type"
            },
            "onlyStatus": false
        }
    },
    "idSuffix": "azure__ARG_0__vnetwork_subnet_not_integrated",
    "notes": [],
    "categories": [],
    "immutable_properties": [
        "name",
        "id"
    ],
    "id": "azure_app_service__ARG_5_"
}