How can I create a Azure policy to audit app services authentication? I would like to enforce that all app services have Active Directory Authentication enabled, and flag other authentication methods as non-compliant.
Azure Policy to audit app service authentication
227 Views Asked by H.Scheidl At
1
There are 1 best solutions below
Related Questions in AZURE
- How to update to the latest external Git in Azure Web App?
- I need an azure product that executes my intensive ffmpeg command then dies, and i only get charged for the delta. Any Tips?
- Inject AsyncCollector into a service
- mutual tls authentication between app service and function app
- Azure Application Insights Not Displaying Custom Logs for Azure Functions with .NET 8
- Application settings for production deployment slot in Azure App Services
- Encountered an error (ServiceUnavailable) from host runtime on Azure Function App
- Implementing Incremental consent when using both application and delegated permissions
- Invalid format for email address in WordPress on Azure app service
- Producer Batching Service Bus Vs Kafka
- Integrating Angular External IP with ClusterIP of .NET microservices on AKS
- Difficulty creating a data pipeline with Fabric Datafactory using REST
- Azure Batch for Excel VBA
- How to authenticate only Local and Guest users in Azure AD B2C and add custom claims in token?
- Azure Scale Sets and Parallel Jobs
Related Questions in AZURE-WEB-APP-SERVICE
- mutual tls authentication between app service and function app
- Driver com.microsoft.sqlserver.jdbc.SQLServerDriver claims to not accept jdbcUrl, ${SPRING_DATASOURCE_URL}: GitHub Actions
- Invalid format for email address in WordPress on Azure app service
- How to migrate from Azure Static Web Apps to Azure App Service?
- azure web app how to organize code and folder structure
- My environment variables are not recognized in Azure - ASP.NET Core MVC
- Github actions to deploy subdirectory flask project to Azure Web App
- NextJS refused to execute script from fetched resource because its MIME type ('') is not executable, and strict MIME type checking is enabled
- Publish Vue.js + ASP.NET Core on Azure
- how to deploy flutter in azure app services
- pip install for Azure web app with custom deploy script
- Getting error System.Management.Automation.PSSecurityException HResult=0x80131501 in web application
- Third party API call not working from microsoft azure
- Azure Web App Deployment: SQLAlchemy OperationalError with SQL Server Connection for Python Flask Application
- Nuxt 2 azure package starts breaking on build all of a sudden
Related Questions in AZURE-MANAGEMENT
- Azure programmatically deploy subscription to specified MG
- How to retrieve managament groups in hierarchy (managment groups /subscription / resources in each group) using java
- Azure account vs tenant (and maybe vs management group)
- Azure REST API: Stop a classic service
- Enforcing Azure Policy for Convert Tags either being all lowercase or all uppercase
- Unable to Create Pool using Azure Batch Management Library with ServiceClientCrenetials generated via AzureCredentialsFactory
- Is it possible to authenticate Azure Management .NET SDK with InteractiveBrowserCredential?
- Azure Dashboard Widget for Monetary Credit
- Does Azure SDK V12 have a SQL Db management client?
- How do I add a contributor to a resource group without allow him to access any resource he has not created previously
- Azure Authentication and Authorization using java
- How to get Azure Products by product programmatically?
- How to find the Azure Subscription creation date using Azure CLI?
- How to find out the tenant name using REST API
- Azure CSP vs Microsoft Support
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular # Hahtags
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
This is not possible today. You can audit your app services to check that authentication is enabled. But you cannot specify a specific identity provider as part of the policy.
A policy to insure that Azure AD is the identity provider, you would need something like this (which won't work today). Since there is not an alias to support the field
Microsoft.Web/sites/config/siteAuthSettings.issuer, it won't work.The guidance is to submit an issue here to request an alias be added, which it appears you did already. Posting it here in case others want to follow it.