PSRule.Rules.Azure
PSRule.Rules.Azure copied to clipboard
Azure
Rules to validate Azure resources and infrastructure as code (IaC) using PSRule.
# Rule request ## Suggested rule change Diagnostic logs in Event Hub should be enabled. Enable logs and retain them for up to a year. This enables you to recreate...
Bumps [System.CommandLine](https://github.com/dotnet/command-line-api) from 2.0.0-beta1.21308.1 to 2.0.0-beta4.22272.1. Release notes Sourced from System.CommandLine's releases. System.CommandLine v2.0.0-beta4.22272.1 For details on the Beta 4 release, please see #1750. What's Changed Added ZSH Completion Shim...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
### Your suggestion Update existing code function to use SHA-512 by default for hashing rules for naming instead of SHA-256. Also add support for configuration of other hashing functions for...
Bumps [System.Management.Automation](https://github.com/PowerShell/PowerShell) from 7.3.7 to 7.4.0. Release notes Sourced from System.Management.Automation's releases. v7.4.0 Release of PowerShell 7.4.0 - 2023-11-16 General Cmdlet Updates and Fixes Added a missing ConfigureAwait(false) call to...
### Your suggestion When exporting policies as rules, currently there is no standard practise or property for providing a help link. Currently many built-in policy initiatives provide a link to...
### Your suggestion Update existing code to use the same hash algorithm for uniqueString function that Azure does. ### Alternatives Nothing. ### Additional context Azure.Deployments.Expression and Azure.Deployments.Core NuGet packages contain...
### Existing rule _No response_ ### Suggested rule Promote the following rules to GA rule set because these features are now GA: - `Azure.Defender.Storage.MalwareScan` - `Azure.Defender.Storage.SensitiveData` - `Azure.Storage.DefenderCloud.MalwareScan` - `Azure.Storage.DefenderCloud.SensitiveData`...
### Existing rule Azure.Deployment.SecureValue ### Suggested rule Container app properties on the `Microsoft.App/containerApps` type should be added as cases: - `properties.configuration.secrets[*].value` Container job properties on the `Microsoft.App/jobs` type should be...
### Existing rule Azure.Deployment.SecureValue ### Suggested rule The deployment script property `properties.environmentVariables[*].secureValue` or `properties.storageAccountSettings.storageAccountKey` should be provided from a secure source. Resource type `Microsoft.Resources/deploymentScripts`. ### Pillar Security ### Additional context...
Add additional rules for: - [x] Use a pricing tier of standard or premium due to limitations with trial. - [x] Set publicNetworkAccess parameter to Disabled. - [ ] Azure...