Azure Automation account variables are not encrypted
Description
If you have Automation Account Variables storing sensitive data that are not already encrypted, then you will need to delete them and recreate them as encrypted variables.
Code Example
text
{
"Set-AzAutomationVariable -AutomationAccountName '{AutomationAccountName}' -Encrypted $true -Name '{VariableName}' -ResourceGroupName '{ResourceGroupName}' -Value '{Value}'",
}Remediation
- In Azure CLI*
Rule Details
| Field | Value |
|---|---|
| ID | IAC-0581 |
| Severity | LOW |
| IaC Type | arm |
| Frameworks | Terraform, TerraformPlan |
| Checkov ID | CKV_AZURE_73 |