ResourceModules

Set default values to a secure value - App Service

Open elbatane opened this issue 4 years ago • 1 comments

All default values should comply with a security baseline, e.g. NIST 800

The built-in policies of Azure can be used as a reference.

The task would be to scan over each of the following policies and make sure that the module complies with them by default.

The following policies are the NIST 800 ones:

\built-in-policies\policyDefinitions\App Configuration\PrivateLink_Audit.json
\built-in-policies\policyDefinitions\App Platform\Spring_VNETEnabled_Audit.json
\built-in-policies\policyDefinitions\App Service\AppServiceApiApp_AuditHTTP_Audit.json
\built-in-policies\policyDefinitions\App Service\AppServiceFunctionApp_AuditHTTP_Audit.json
\built-in-policies\policyDefinitions\App Service\AppServiceWebapp_AuditHTTP_Audit.json
\built-in-policies\policyDefinitions\App Service\AppService_ApiApp_Audit_ClientCert.json
\built-in-policies\policyDefinitions\App Service\AppService_ApiApp_Audit_HTTP_Latest.json
\built-in-policies\policyDefinitions\App Service\AppService_ApiApp_Audit_java_Latest.json
\built-in-policies\policyDefinitions\App Service\AppService_ApiApp_Audit_PHP_Latest.json
\built-in-policies\policyDefinitions\App Service\AppService_ApiApp_Audit_python_Latest.json
\built-in-policies\policyDefinitions\App Service\AppService_AuditFTPS_ApiApp_Audit.json
\built-in-policies\policyDefinitions\App Service\AppService_AuditFTPS_FunctionApp_Audit.json
\built-in-policies\policyDefinitions\App Service\AppService_AuditFTPS_WebApp_Audit.json
\built-in-policies\policyDefinitions\App Service\AppService_AuditLoggingMonitoring_Audit.json
\built-in-policies\policyDefinitions\App Service\AppService_DisableRemoteDebugging_ApiApp_Audit.json
\built-in-policies\policyDefinitions\App Service\AppService_DisableRemoteDebugging_FunctionApp_Audit.json
\built-in-policies\policyDefinitions\App Service\AppService_DisableRemoteDebugging_WebApp_Audit.json
\built-in-policies\policyDefinitions\App Service\AppService_FunctionApp_Audit_ClientCert.json
\built-in-policies\policyDefinitions\App Service\AppService_FunctionApp_Audit_HTTP_Latest.json
\built-in-policies\policyDefinitions\App Service\AppService_FunctionApp_Audit_java_Latest.json
\built-in-policies\policyDefinitions\App Service\AppService_FunctionApp_Audit_python_Latest.json
\built-in-policies\policyDefinitions\App Service\AppService_RequireLatestTls_ApiApp_Audit.json
\built-in-policies\policyDefinitions\App Service\AppService_RequireLatestTls_FunctionApp_Audit.json
\built-in-policies\policyDefinitions\App Service\AppService_RequireLatestTls_WebApp_Audit.json
\built-in-policies\policyDefinitions\App Service\AppService_RestrictCORSAccess_ApiApp_Audit.json
\built-in-policies\policyDefinitions\App Service\AppService_RestrictCORSAccess_FuntionApp_Audit.json
\built-in-policies\policyDefinitions\App Service\AppService_RestrictCORSAccess_WebApp_Audit.json
\built-in-policies\policyDefinitions\App Service\AppService_UseManagedIdentity_ApiApp_Audit.json
\built-in-policies\policyDefinitions\App Service\AppService_UseManagedIdentity_FunctionApp_Audit.json
\built-in-policies\policyDefinitions\App Service\AppService_UseManagedIdentity_WebApp_Audit.json
\built-in-policies\policyDefinitions\App Service\AppService_Webapp_Audit_ClientCert.json
\built-in-policies\policyDefinitions\App Service\AppService_WebApp_Audit_HTTP_Latest.json
\built-in-policies\policyDefinitions\App Service\AppService_WebApp_Audit_java_Latest.json
\built-in-policies\policyDefinitions\App Service\AppService_Webapp_Audit_PHP_Latest.json
\built-in-policies\policyDefinitions\App Service\AppService_WebApp_Audit_python_Latest.json

elbatane, Dec 09 '21 11:12
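The check this issue asks for, as an added example that is not part of the issue or of the ResourceModules code: it audits the `Microsoft.Web/sites` properties a module emits when called with no overrides. The expected values are an assumed reading of the policy file names listed above, the sample input is constructed, and the managed identity and runtime-version policies are not covered.

```python
# Added example (not project code). Property names are ARM Microsoft.Web/sites
# properties; expected values are assumed from the policy file names in the issue.

def _tls_ok(value):
    # RequireLatestTls: treat 1.2 or newer as compliant (assumption).
    try:
        return tuple(int(p) for p in str(value).split(".")) >= (1, 2)
    except ValueError:
        return False

# property path -> (policy family, compliance predicate, compliant when unset?)
BASELINE = {
    "httpsOnly": ("AuditHTTP", lambda v: v is True, False),
    "clientCertEnabled": ("Audit_ClientCert", lambda v: v is True, False),
    "siteConfig.minTlsVersion": ("RequireLatestTls", _tls_ok, False),
    "siteConfig.ftpsState": ("AuditFTPS", lambda v: v in ("FtpsOnly", "Disabled"), False),
    "siteConfig.remoteDebuggingEnabled": ("DisableRemoteDebugging", lambda v: v is False, False),
    "siteConfig.http20Enabled": ("Audit_HTTP_Latest", lambda v: v is True, False),
    # No CORS block at all means no wildcard origin, so unset is compliant.
    "siteConfig.cors.allowedOrigins": ("RestrictCORSAccess",
                                       lambda v: isinstance(v, list) and "*" not in v, True),
}
_MISSING = object()

def lookup(props, dotted):
    """Walk a dotted path through nested dicts; _MISSING if any key is absent."""
    cur = props
    for key in dotted.split("."):
        if not isinstance(cur, dict) or key not in cur:
            return _MISSING
        cur = cur[key]
    return cur

def audit_defaults(props):
    """Return sorted (property, policy, reason) findings for one site's properties."""
    findings = []
    for path, (policy, ok, unset_ok) in BASELINE.items():
        value = lookup(props, path)
        if value is _MISSING:
            if not unset_ok:
                findings.append((path, policy, "not set by the module"))
        elif not ok(value):
            findings.append((path, policy, f"non-compliant value {value!r}"))
    return sorted(findings)

# Constructed sample: what a module might emit with every parameter left at its default.
SAMPLE_DEFAULTS = {"httpsOnly": True, "siteConfig": {
    "minTlsVersion": "1.0", "ftpsState": "AllAllowed", "cors": {"allowedOrigins": ["*"]}}}

if __name__ == "__main__":
    for path, policy, reason in audit_defaults(SAMPLE_DEFAULTS):
        print(f"{policy:24} {path:36} {reason}")
```

Unset properties are reported rather than assumed safe, so the result does not depend on whatever the platform default happens to be.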

Hey @MattLeach25 are you still planning to work on this issue? Otherwise we can re-assign it? :)

AlexanderSehr, Oct 04 '22 16:10