How can I create a Azure policy to audit app services authentication? I would like to enforce that all app services have Active Directory Authentication enabled, and flag other authentication methods as non-compliant.
Azure Policy to audit app service authentication
220 Views Asked by H.Scheidl At
1
There are 1 best solutions below
Related Questions in AZURE
- Why does Azure Auto-Scale scale go lower then minimum amount of instances?
- Data execution plan ended with error on DB restore
- Why does Azure CloudConfigurationManager.GetSetting return null
- Do I need other roles than Worker Role for a web site and service layer in Azure?
- Azure Web App PATH Variable Modification
- Azure Data Factory: LinkedService for AzureSql in failed state
- How To Update a Web Application In Azure and Keep The App Up the whole time
- Using Azure MobileServices library with my own LAN WebApi
- ionCube loader error on Azure IIS
- App crash (if closed) after click on notification
- How to get sql data bases instances in azure using java api
- I want to create file in azure share using python PUT requests but getting error signature not correct including headers
- Enabling OPTIONS method on Azure Cloud Service (to enable CORS)
- Redirecting subdomain to directory on Azure
- Kaltura account settings error
Related Questions in AZURE-WEB-APP-SERVICE
- How To Update a Web Application In Azure and Keep The App Up the whole time
- How do I deploy a node.js app to azure if it contains private npm modules
- Redirecting subdomain to directory on Azure
- Expected Compatibility Issues with upcoming TLS/SSL Cipher Suite update on Azure WebApps?
- Azure Wordpress deny xmlrpc
- Deploy yeoman angular-fullstack project to Azure
- Change load-balanced server for Azure web site?
- Run MSBuild from powershell without specifying .Net version
- Access to my Azure web site without ftp
- Access Registry From WebJob/WebApp
- 403 Access denied for DELETE Request .Net Web Api Rest Service on Azure
- Azure web app - cookie cached on server
- Azure WebApps - cannot load ServiceRuntime after upgrade to Azure 2.6
- Azure publishsettings file Fails to Import Using Eclipse
- npm install -g fibers fails on Azure Web App
Related Questions in AZURE-MANAGEMENT
- Azure manage compute API is failing with InvalidAPIVersion error
- Stopping SQL Azure DB when not in use
- Purpose of Azure Management Certificates
- How programatically restart a Azure VM role (PaaS VM)
- How to change Azure Media Encoder reserved unit configuration programatically?
- No Cloud Services when signing into Microsoft Azure Publish
- How do I add a contributor to a resource group without allow him to access any resource he has not created previously
- Azure Policy to audit app service authentication
- How do you get a token for an azure managed identity via REST interface?
- Azure Dashboard Widget for Monetary Credit
- What is the Preferred Practice to Create an Azure ALM-Friendly Development and Deployment Environment?
- Azure account vs tenant (and maybe vs management group)
- Managing Azure subs when MSFT and Organizational use same email
- Azure.Authenticate with interactive user login (Microsoft.Azure.Management.Fluent)
- How to register resource providers using Azure fluent resource management?
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
This is not possible today. You can audit your app services to check that authentication is enabled. But you cannot specify a specific identity provider as part of the policy.
A policy to insure that Azure AD is the identity provider, you would need something like this (which won't work today). Since there is not an alias to support the field
Microsoft.Web/sites/config/siteAuthSettings.issuer, it won't work.The guidance is to submit an issue here to request an alias be added, which it appears you did already. Posting it here in case others want to follow it.