the same as here https://github.com/Azure/PSRule.Rules.Azure/issues/1762 #3185
Labels
bug
Something isn't working
integration: defender-for-devops
New feature or request for ARM Template Best Practice Analyzer
Comments
dariuszbz
added
bug
|
Thanks for reporting the issue @dariuszbz. Are you able to provide the version of template analyzer you are running? |
BernieWhite
added
the
integration: defender-for-devops
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Existing rule
No response
Description of the issue
we run the ADO "task: Run Microsoft Defender for DevOps" and we get the error like here:
#1762
our module structure is the same and we call the module the same way and we are getting the same result as an error :)
Error messages
##[error]46. TemplateAnalyzer Error AZR-000316 - File: _(retracted)_servers.bicep. Line: 53. Column 0.
Signature: ca6f59d0885f4f6139b3f0b03700602a6c0f47e35599930e2c31872c614c37ce
Tool: TemplateAnalyzer: Rule: AZR-000316 (Azure.Deployment.SecureValue). https://azure.github.io/PSRule.Rules.Azure/en/rules/Azure.Deployment.SecureValue/
Azure Bicep and Azure Resource Manager (ARM) templates can be used to deploy resources to Azure. When deploying Azure resources, sensitive values such as passwords, certificates, and keys should be passed as secure parameters. Secure parameters use the secureString or secureObject type.
Parameters that do not use secure types are recorded in logs and deployment history. These values can be retrieved by anyone with access to the deployment history.
Reproduction
see: #1762
and run with ADO task: "Run Microsoft Defender for DevOps"
Version of PSRule
2.9.0
Version of PSRule for Azure
No response
Additional context
No response
The text was updated successfully, but these errors were encountered: