Azure web app does not redirect all HTTP traffic to HTTPS in Azure App Service Slot
Description
Redirecting all HTTP traffic to HTTPS for your Azure web app in the App Service slot can help improve the security of your app. HTTPS is a secure protocol that encrypts data in transit, and using it can help prevent attackers from intercepting and reading your data.
Code Example
go
resource "azurerm_app_service_slot" "pass" {
name = random_id.server.hex
app_service_name = azurerm_app_service.example.name
location = azurerm_resource_group.example.location
resource_group_name = azurerm_resource_group.example.name
app_service_plan_id = azurerm_app_service_plan.example.id
https_only = true #thedefault
min_tls_version="1.1" #the default is 1.2
remote_debugging_enabled=true #default is false
site_config {
dotnet_framework_version = "v4.0"
}
app_settings = {
"SOME_KEY" = "some-value"
}
connection_string {
name = "Database"
type = "SQLServer"
value = "Server=some-server.mydomain.com;Integrated Security=SSPI"
}
}Remediation
Terraform
- Resource: azurerm_app_service_slot
- Arguments: https_only (true is default)
Rule Details
| Field | Value |
|---|---|
| ID | IAC-0660 |
| Severity | LOW |
| IaC Type | arm |
| Frameworks | Terraform |
| Checkov ID | CKV_AZURE_153 |