last sync: 2024-Nov-25 18:54:24 UTC

App Service app slots should only be accessible over HTTPS

Azure BuiltIn Policy definition

Source Azure Portal
Display name App Service app slots should only be accessible over HTTPS
Id ae1b9a8c-dfce-4605-bd91-69213b4a26fc
Version 2.0.0
Details on versioning
Versioning Versions supported for Versioning: 1
2.0.0
Built-in Versioning [Preview]
Category App Service
Microsoft Learn
Description Use of HTTPS ensures server/service authentication and protects data in transit from network layer eavesdropping attacks.
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
Audit
Allowed
Audit, Disabled, Deny
RBAC role(s) none
Rule aliases IF (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Web/sites/slots/httpsOnly Microsoft.Web sites/slots properties.httpsOnly True True
Rule resource types IF (1)
Microsoft.Web/sites/slots
Compliance Not a Compliance control
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
[Preview]: Control the use of App Service in a Virtual Enclave 528d78c5-246c-4f26-ade6-d30798705411 VirtualEnclaves Preview BuiltIn
Deny or Deploy and append TLS requirements and SSL enforcement on resources without Encryption in transit Enforce-EncryptTransit_20240509 Encryption GA ALZ
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-10-07 16:34:28 change Major (1.0.0 > 2.0.0)
2022-08-26 16:33:38 add ae1b9a8c-dfce-4605-bd91-69213b4a26fc
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC