Azure Spring Cloud API Portal is not enabled for HTTPS

Description

Enabling HTTPS for your Azure Spring Cloud API Portal can help improve the security of your API portal. HTTPS is a secure protocol that encrypts data in transit, and using it can help prevent attackers from intercepting and reading your data.

Code Example

resource "azurerm_spring_cloud_api_portal" "pass" {
  name                          = "default"
  spring_cloud_service_id       = azurerm_spring_cloud_service.example.id
  gateway_ids                   = [azurerm_spring_cloud_gateway.example.id]
  https_only_enabled            = true
  public_network_access_enabled = true
  instance_count                = 1
  sso {
    client_id     = "test"
    client_secret = "secret"
    issuer_uri    = "https://www.example.com/issueToken"
    scope         = ["read"]
  }
}

Remediation

Terraform

Resources: azurerm_spring_cloud_api_portal
Attribute: https_only_enabled

Rule Details

Field	Value
ID	IAC-0668
Severity	LOW
IaC Type	Terraform
Frameworks	Terraform
Checkov ID	CKV_AZURE_161

References

Checkov Rule

Overview

SAST (Application Security)

SCA (Dependencies)

Secrets Detection

IaC Security

License Compliance

SAST Rules

IaC Rules

License Rules

Azure Spring Cloud API Portal is not enabled for HTTPS

Description

Code Example

Remediation

Rule Details

References

SAST Rules

IaC Rules

License Rules

Azure Spring Cloud API Portal is not enabled for HTTPS ​

Description ​

Code Example ​

Remediation ​

Rule Details ​

References ​

Azure Spring Cloud API Portal is not enabled for HTTPS

Description

Code Example

Remediation

Rule Details

References