Azure Function App authentication is off
Description
Azure App Service Authentication is a feature that can prevent anonymous HTTP requests from reaching the Function app, or authenticate those that have tokens before they reach the Function app.
Code Example
go
resource "azurerm_function_app" "example" {
...
+ auth_settings {
+ enabled = true
}
}Remediation
Terraform
- Resource: azurerm_function_app
- Arguments: auth_settings.enabled
Rule Details
| Field | Value |
|---|---|
| ID | IAC-0565 |
| Severity | LOW |
| IaC Type | arm |
| Frameworks | Terraform, TerraformPlan |
| Checkov ID | CKV_AZURE_56 |