AzPolicyAdvertizer

last sync: 2024-Nov-25 18:54:24 UTC

[Deprecated]: API apps should have 'Client Certificates (Incoming client certificates)' enabled

Azure BuiltIn Policy definition

Source

Azure Portal

Display name

[Deprecated]: API apps should have 'Client Certificates (Incoming client certificates)' enabled

0c192fe8-9cbb-4516-85b3-0ade8bd03886

Version

1.0.0-deprecated
Details on versioning

Versioning

Versions supported for Versioning: 1
1.0.0 (1.0.0-deprecated)
Built-in Versioning [Preview]

Category

App Service
Microsoft Learn

Description

Client certificates allow for the app to request a certificate for incoming requests. Only clients that have a valid certificate will be able to reach the app. We recommend all customers who are still using API Apps to implement the built-in policy called 'App Service apps should have 'Client Certificates (Incoming client certificates)' enabled', which is scoped to include API apps in addition to Web Apps.

Mode

Indexed

Type

BuiltIn

Preview

False

Deprecated

True

Effect

Default
Audit
Allowed
Audit, Disabled

RBAC role(s)

none

Rule aliases

IF (1)

Alias	Namespace	ResourceType	Path	PathIsDefault	DefaultPath	Modifiable
Microsoft.Web/sites/clientCertEnabled	Microsoft.Web	sites	properties.clientCertEnabled	True		False

Rule resource types

IF (1)
Microsoft.Web/sites

Compliance

Not a Compliance control

Initiatives usage

none

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2022-07-01 16:32:34	change	Version remains equal, new suffix: deprecated (1.0.0 > 1.0.0-deprecated)
2019-11-12 19:11:12	add	0c192fe8-9cbb-4516-85b3-0ade8bd03886

JSON compare

compare mode: version left: version right:

JSON

api-version=2021-06-01
EPAC