Azure Cognitive Services account configured with local authentication

Description

This policy checks whether local authentication is disabled in Azure Cognitive Services accounts. Local authentication, when enabled, allows any authenticated user to make changes, regardless of location. This can be risky because it doesn't enforce additional security measures beyond basic authentication, and can potentially lead to unauthorized access, data breaches, and other security issues. Disabling local authentication strengthens security by requiring users to utilize more secure methods.

Code Example

resource "azurerm_cognitive_account" "example" {
  ...
+  local_auth_enabled = false
}

Remediation

Terraform

Resource: azurerm_cognitive_account
Arguments: local_auth_enabled

Set the `local_auth_enabled` parameter to false for the cognitive services resource.

Rule Details

Field	Value
ID	IAC-0743
Severity	LOW
IaC Type	arm
Frameworks	Terraform, TerraformPlan
Checkov ID	CKV_AZURE_236

References

Checkov Rule

Overview

SAST (Application Security)

SCA (Dependencies)

Secrets Detection

IaC Security

License Compliance

SAST Rules

IaC Rules

License Rules

Azure Cognitive Services account configured with local authentication

Description

Code Example

Remediation

Rule Details

References

SAST Rules

IaC Rules

License Rules

Azure Cognitive Services account configured with local authentication ​

Description ​

Code Example ​

Remediation ​

Rule Details ​

References ​

Azure Cognitive Services account configured with local authentication

Description

Code Example

Remediation

Rule Details

References