Azure.AppService.UseHTTPS reports fail although app service is deployed with https only #1919
Comments
|
@MarcelHeek Thanks for reporting the issue. Is this false positive being reported from AzGovViz or from the in-flight process mentioned here https://azure.github.io/PSRule.Rules.Azure/export-rule-data/? |
|
@BernieWhite , I am actually reviewing the AzGovViz output, so yes, from AzGovViz. |
BernieWhite
added
the
integration: azgovviz
|
@BernieWhite I am actually also getting false-positives from the rule Azure.Storage.MinTLS So is this an integration issue with the AzGovViz tool, right ? Should I also raise issue here : https://github.com/JulianHayward/Azure-MG-Sub-Governance-Reporting ? |
|
@MarcelHeek Just investigating it, but I think the We have a similar issue with #1914. |
|
@MarcelHeek please test with fix branch |
|
@JulianHayward Is this fix branch already merged in v6_major_20221204_1 release, by any chance? Gues so, so I will give that one a go. |
|
@MarcelHeek Please let us know if that fixes the problem. Thanks @JulianHayward. |
|
I still get FAIL results for a simple WebApp. First proof of new version being used: The results as obtained from the PSRule csv output generated by the AzGovViz tool: And the actual configuration in the Azure portal: Last Friday I looked into a manual run of the PSRule.Rules.Azure module, and there (I only collected the FAIL results) the webapp was not in the list for this rule violation. If any additional information is needed, please let me know. |
|
FYI: evaluating how to handle resources with child resources in the AzGovViz integration |
Description of the issue
We have (via IaC) deployed app services with the property 'https_only = true' in Terraform F CAF code.
When reviewing the deployed resource in the Azure portal is is actually set to HTTP Only, as can be seen in the screenshot
We see the same incorrect PSRule results on multiple app services deployed with similar code and with the HTTPS Only property set.
Steps to reproduce the issue:
Expected behaviour
I would expect that app service resources with HTTPS only would flag as passed instead of failed.
Error output
Module in use and version:
Captured output from
$PSVersionTable:Additional context
The text was updated successfully, but these errors were encountered: