Azure Event Grid Topic Local Authentication Enabled
Description
Azure Event Grid is a managed event routing service built on the publish-subscribe model. Event publishers send events to a topic, which routes each event to every subscribed event handler. When building systems that react to changes in Azure resources, Event Grid simplifies the design and scaling of those systems.
Local authentication on a topic means authorizing publishers with the topic's shared access keys or SAS tokens. These are long-lived bearer secrets: anyone who obtains one (from a leaked configuration file, a CI log, or a compromised publisher) can publish arbitrary events into the topic, and revoking access means regenerating the key for every client that shares it. Authenticating with Microsoft Entra ID (Azure AD) and Azure RBAC instead, typically through managed identities, avoids distributing secrets, scopes publish rights to specific identities, and leaves an audit trail. Disabling local authentication makes the topic reject key- and SAS-based requests so that only Entra ID tokens are accepted.
This policy flags azurerm_eventgrid_topic resources that do not set local_auth_enabled to false. The azurerm provider defaults the attribute to true, so omitting it leaves local authentication enabled and the check fails.
Code Example
```terraform
resource "azurerm_eventgrid_topic" "example" {
  name                = "example-topic"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  # ... other configurations ...

  # Reject shared access key / SAS requests; only Entra ID tokens are accepted.
  # The attribute defaults to true, so it must be set explicitly.
  local_auth_enabled = false
  # ... other configurations ...
}
```
Remediation
Terraform
Resource:
- azurerm_eventgrid_topic
Arguments:
- local_auth_enabled
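The check can be applied before apply by scanning the plan rather than the HCL. The following is an added example, not code from the policy page or from Checkov: it reads the JSON produced by `terraform show -json tfplan` (the documented plan format with `planned_values.root_module.resources` and nested `child_modules`) and lists every `azurerm_eventgrid_topic` that would still accept local authentication. An attribute that is absent from the plan is treated as enabled, matching the provider default, so the check only passes on an explicit `false`. The sample plan embedded below is constructed for illustration and is not real Terraform output.

```python
"""Scan a Terraform plan (terraform show -json tfplan) for Event Grid topics
that would still accept local (shared access key / SAS) authentication.
Added example; not the policy page's or Checkov's own code."""
import json
import sys
from typing import Iterator, List

# Resource types this scan applies to.
CHECKED_TYPES = ("azurerm_eventgrid_topic",)


def iter_resources(module: dict) -> Iterator[dict]:
    """Yield every resource in a plan module, descending into child modules."""
    for res in module.get("resources", []):
        yield res
    for child in module.get("child_modules", []):
        yield from iter_resources(child)


def local_auth_allowed(values: dict) -> bool:
    """Return True if the planned topic would accept key/SAS requests.

    The azurerm provider defaults local_auth_enabled to true, so an attribute
    that is absent from the plan (omitted, or unknown until apply) counts as
    enabled. Only an explicit false passes.
    """
    return values.get("local_auth_enabled") is not False


def find_failing_topics(plan: dict) -> List[str]:
    """Addresses of topics in the plan that fail the check, in plan order."""
    root = plan.get("planned_values", {}).get("root_module", {})
    return [
        res["address"]
        for res in iter_resources(root)
        if res.get("type") in CHECKED_TYPES
        and local_auth_allowed(res.get("values") or {})
    ]


# Constructed sample in the shape of `terraform show -json` output (not a real
# plan): one hardened topic, one with local auth explicitly on, and one in a
# child module that relies on the provider default.
SAMPLE_PLAN = {
    "format_version": "1.2",
    "planned_values": {
        "root_module": {
            "resources": [
                {
                    "address": "azurerm_eventgrid_topic.hardened",
                    "type": "azurerm_eventgrid_topic",
                    "name": "hardened",
                    "values": {"name": "orders-topic", "local_auth_enabled": False},
                },
                {
                    "address": "azurerm_eventgrid_topic.keys_on",
                    "type": "azurerm_eventgrid_topic",
                    "name": "keys_on",
                    "values": {"name": "legacy-topic", "local_auth_enabled": True},
                },
                {
                    "address": "azurerm_resource_group.example",
                    "type": "azurerm_resource_group",
                    "name": "example",
                    "values": {"name": "example-rg", "location": "westeurope"},
                },
            ],
            "child_modules": [
                {
                    "address": "module.events",
                    "resources": [
                        {
                            "address": "module.events.azurerm_eventgrid_topic.defaulted",
                            "type": "azurerm_eventgrid_topic",
                            "name": "defaulted",
                            "values": {"name": "audit-topic"},
                        }
                    ],
                }
            ],
        }
    },
}


def main(argv: List[str]) -> int:
    """Read plan JSON from a file path (or stdin if none); exit 1 on findings."""
    if len(argv) > 1:
        with open(argv[1], encoding="utf-8") as fh:
            plan = json.load(fh)
    else:
        plan = json.load(sys.stdin)
    failing = find_failing_topics(plan)
    for address in failing:
        print(f"FAILED CKV_AZURE_192: {address} allows local authentication")
    return 1 if failing else 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run it as `terraform show -json tfplan | python scan_eventgrid.py` in CI; a non-zero exit blocks the pipeline. Treating a missing attribute as a failure is deliberate: a value that is unknown at plan time (for example one fed from a variable that is only resolved on apply) is also omitted from `values`, and a secret-bearing default is the wrong thing to wave through silently.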
Rule Details
| Field | Value |
|---|---|
| ID | IAC-0699 |
| Severity | MEDIUM |
| IaC Type | arm |
| Frameworks | Terraform |
| Checkov ID | CKV_AZURE_192 |