Bernie White

icon company Microsoft icon location Australia icon location Software Engineer and architect at Microsoft. Code, coffee, continue.

Results 291 issues of Bernie White

Baseline selectors

Currently baselines can select rules to run: - Include by name - Exclude by name - Include by tag - Include by label These filters are powerful when clear tags...

feature: baselines

[RULE] Check service bus replica locations are within allowed regions

### Existing rule _No response_ ### Suggested rule When service bus replication is configured any configured locations should be in the allowed location list if configured. ### Pillar Security ###...

pillar: security
rule: service-bus

[RULE] Check that additional fleet locations are within allow regions

### Existing rule _No response_ ### Suggested rule Any configured additional locations of fleet resources should be within allowed locations if configured. ### Pillar Security ### Additional context This is...

pillar: security
rule: fleet

[RULE] Promote Azure.VNG.MaintenanceConfig to GA

### Existing rule Azure.VNG.MaintenanceConfig ### Suggested rule Promote `Azure.VNG.MaintenanceConfig` to GA rule set because it is no longer in preview. ### Pillar Reliability ### Additional context _No response_

rule: network
pillar: reliability

[RULE] Check if Entra auth is enabled for MongoDB vCore clusters

### Existing rule _No response_ ### Suggested rule Now that Entra ID auth is available for use in MongoDB vCore clusters (in preview) for `Microsoft.DocumentDB/mongoClusters`, this should be used instead...

rule: cosmos
lifecycle: preview
pillar: security

[RULE] Use pinned script dependencies

### Existing rule _No response_ ### Suggested rule When pulling in external files that will be executed such as scripts a pinned URL should be used, to prevent the file...

rule: deployment
rule: automation-account
pillar: security

[RULE] Check for public key usage on Linux fleet VM profiles

### Existing rule Azure.VM.PublicKey ### Suggested rule Add support for `Microsoft.AzureFleet/fleets` with a new rule similar to `Azure.VM.PublicKey`. ### Pillar Security ### Additional context https://learn.microsoft.com/en-us/azure/templates/microsoft.azurefleet/fleets?pivots=deployment-language-bicep

pillar: security
rule: fleet

[RULE] Check for cases when a sensitive value is set on a non-secure property

### Existing rule _No response_ ### Suggested rule Check for cases when a sensitive value is set on a non-secure property. ### Pillar Security ### Additional context _No response_

rule: deployment
pillar: security

[RULE] Check for zone redundancy on Azure Managed Grafana

### Existing rule _No response_ ### Suggested rule Check if `zoneRedundancy` is `Enabled` in a region that support AZ. Currently provider information does not expose zones for the `Azure Managed...

pillar: reliability
rule: managed-grafana

[FEATURE] Export key vault key metadata via data plane API

### Your suggestion The rule `Azure.KeyVault.AutoRotationPolicy` requires reading the key rotation policy but that is only available from the data plane API. Currently the export process doesn't handle this option,...

feature: in-flight-export