Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add built-in rule tests for various Azure resources and configurations #379

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Add built-in rule tests for various Azure resources and configurations #379

wants to merge 1 commit into from

Conversation

richardsondev
Copy link
Member

@richardsondev richardsondev commented Dec 28, 2024
edited
Loading

Description

This PR adds additional tests to validate more built-in Azure Template Analyzer rules. The following rules are covered with corresponding Bicep templates and JSON test files:

  • TA-000002: Ensure remote debugging is disabled for App Services.

    • Files: AppServicesDebugging.bicep, AppServicesDebugging.json, TA-000002.json

  • TA-000005: Ensure the latest TLS version is used in App Services.

    • Files: AppServicesMinTLS.bicep, AppServicesMinTLS.json, TA-000005.json

  • TA-000008: Ensure remote debugging is disabled for Function Apps.

    • Files: AppServiceFunctionDebugging.bicep, AppServiceFunctionDebugging.json, TA-000008.json

  • TA-000009: Ensure FTPS-only enforcement for Function Apps.

    • Files: AppServiceFunctionFTPS.bicep, AppServiceFunctionFTPS.json, TA-000009.json

  • TA-000011: Ensure the latest TLS version is used in Function Apps.

    • Files: AppServiceFunctionMinTLS.bicep, AppServiceFunctionMinTLS.json, TA-000011.json

  • TA-000014: Ensure remote debugging is disabled for Web Apps.

    • Files: AppServiceWebAppDebugging.bicep, AppServiceWebAppDebugging.json, TA-000014.json

  • TA-000017: Ensure the latest TLS version is used in Web Apps.

    • Files: AppServiceWebAppMinTLS.bicep, AppServiceWebAppMinTLS.json, TA-000017.json

  • TA-000020: Audit the use of custom RBAC roles, preferring built-in roles.

    • Files: RoleDefinitionsRBAC.bicep, RoleDefinitionsRBAC.json, TA-000020.json

Each test validates both positive and negative scenarios to provide coverage for the above rules.

This checklist is used to make sure that common guidelines for a pull request are followed.

General Guidelines

  • Title of the pull request is clear and informative.
  • Description of the pull request is clear and informative.
  • I have added myself to the 'assignees'.
  • I have added 'linked issues' if relevant.

Testing Guidelines

  • Pull request includes test coverage for the included changes.

@richardsondev richardsondev requested a review from a team as a code owner December 28, 2024 14:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@richardsondev