@turbot/azure-appservice

Recommended Version

Resource Types

• Azure > App Service
• Azure > App Service > App Service Plan
• Azure > App Service > Function App
• Azure > App Service > Web App

Control Types

• Azure > App Service > App Service Plan > Active
• Azure > App Service > App Service Plan > Approved
• Azure > App Service > App Service Plan > CMDB
• Azure > App Service > App Service Plan > Discovery
• Azure > App Service > App Service Plan > Tags
• Azure > App Service > Function App > Active
• Azure > App Service > Function App > Approved
• Azure > App Service > Function App > CMDB
• Azure > App Service > Function App > Discovery
• Azure > App Service > Function App > FTPS State
• Azure > App Service > Function App > HTTP 2.0 Enabled
• Azure > App Service > Function App > HTTPS Only
• Azure > App Service > Function App > Minimum TLS Version
• Azure > App Service > Function App > Tags
• Azure > App Service > Web App > Active
• Azure > App Service > Web App > Approved
• Azure > App Service > Web App > CMDB
• Azure > App Service > Web App > Discovery
• Azure > App Service > Web App > FTPS State
• Azure > App Service > Web App > HTTP 2.0 Enabled
• Azure > App Service > Web App > HTTPS Only
• Azure > App Service > Web App > Minimum TLS Version
• Azure > App Service > Web App > Tags

Policy Types

• Azure > App Service > App Service Plan > Active
• Azure > App Service > App Service Plan > Active > Age
• Azure > App Service > App Service Plan > Active > Last Modified
• Azure > App Service > App Service Plan > Approved
• Azure > App Service > App Service Plan > Approved > Custom
• Azure > App Service > App Service Plan > Approved > Regions
• Azure > App Service > App Service Plan > Approved > Usage
• Azure > App Service > App Service Plan > CMDB
• Azure > App Service > App Service Plan > Regions
• Azure > App Service > App Service Plan > Tags
• Azure > App Service > App Service Plan > Tags > Template
• Azure > App Service > Approved Regions [Default]
• Azure > App Service > Enabled
• Azure > App Service > Function App > Active
• Azure > App Service > Function App > Active > Age
• Azure > App Service > Function App > Active > Last Modified
• Azure > App Service > Function App > Approved
• Azure > App Service > Function App > Approved > Custom
• Azure > App Service > Function App > Approved > Regions
• Azure > App Service > Function App > Approved > Usage
• Azure > App Service > Function App > CMDB
• Azure > App Service > Function App > FTPS State
• Azure > App Service > Function App > HTTP 2.0 Enabled
• Azure > App Service > Function App > HTTPS Only
• Azure > App Service > Function App > Minimum TLS Version
• Azure > App Service > Function App > Regions
• Azure > App Service > Function App > Tags
• Azure > App Service > Function App > Tags > Template
• Azure > App Service > Permissions
• Azure > App Service > Permissions > Levels
• Azure > App Service > Permissions > Levels > Modifiers
• Azure > App Service > Regions
• Azure > App Service > Tags Template [Default]
• Azure > App Service > Web App > Active
• Azure > App Service > Web App > Active > Age
• Azure > App Service > Web App > Active > Last Modified
• Azure > App Service > Web App > Approved
• Azure > App Service > Web App > Approved > Custom
• Azure > App Service > Web App > Approved > Regions
• Azure > App Service > Web App > Approved > Usage
• Azure > App Service > Web App > CMDB
• Azure > App Service > Web App > FTPS State
• Azure > App Service > Web App > HTTP 2.0 Enabled
• Azure > App Service > Web App > HTTPS Only
• Azure > App Service > Web App > Minimum TLS Version
• Azure > App Service > Web App > Regions
• Azure > App Service > Web App > Tags
• Azure > App Service > Web App > Tags > Template
• Azure > Turbot > Permissions > Compiled > Levels > @turbot/azure-appservice
• Azure > Turbot > Permissions > Compiled > Service Permissions > @turbot/azure-appservice

Release Notes

5.9.0 (2024-04-19)

What's new?

• We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.

• Resource's metadata will now also include createdBy details in Turbot CMDB.

Policy Types

• Azure > App Service > App Service Plan > Approved > Custom
• Azure > App Service > Function App > Approved > Custom
• Azure > App Service > Web App > Approved > Custom

5.8.0 (2023-03-10)

Control Types

• Azure > App Service > App Service Plan > Tags
• Azure > App Service > Function App > Tags
• Azure > App Service > Web App > Tags

Policy Types

• Azure > App Service > App Service Plan > Tags
• Azure > App Service > App Service Plan > Tags > Template
• Azure > App Service > Function App > Tags
• Azure > App Service > Function App > Tags > Template
• Azure > App Service > Tags Template [Default]
• Azure > App Service > Web App > Tags
• Azure > App Service > Web App > Tags > Template

Action Types

• Azure > App Service > App Service Plan > Set Tags
• Azure > App Service > Function App > Set Tags
• Azure > App Service > Web App > Set Tags

5.7.0 (2022-09-02)

Bug fixes

• We've made a few improvements in the GraphQL queries for various router actions. You won't notice any difference, but things should run lighter and quicker than before.
• Controls run faster now when in the tbd and skipped states thanks to the new Turbot Precheck feature (not to be confused with TSA PreCheck). With Turbot Precheck, controls avoid running GraphQL input queries when in tbd and skipped, resulting in faster and lighter control runs.
• We've improved the process of deleting resources from Guardrails if their CMDB policy was set to Enforce: Disabled. The CMDB controls will now not look to resolve credentials via Guardrails' IAM role while deleting resources from Guardrails. This will allow the CMDB controls to process resource deletions from Guardrails more reliably than before.

Control Types

• Azure > App Service > Function App > FTPS State
• Azure > App Service > Function App > HTTP 2.0 Enabled
• Azure > App Service > Function App > HTTPS Only
• Azure > App Service > Function App > Minimum TLS Version
• Azure > App Service > Web App > FTPS State
• Azure > App Service > Web App > HTTP 2.0 Enabled
• Azure > App Service > Web App > HTTPS Only
• Azure > App Service > Web App > Minimum TLS Version

Policy Types

• Azure > App Service > Function App > FTPS State
• Azure > App Service > Function App > HTTP 2.0 Enabled
• Azure > App Service > Function App > HTTPS Only
• Azure > App Service > Function App > Minimum TLS Version
• Azure > App Service > Web App > FTPS State
• Azure > App Service > Web App > HTTP 2.0 Enabled
• Azure > App Service > Web App > HTTPS Only
• Azure > App Service > Web App > Minimum TLS Version

Action Types

• Azure > App Service > Function App > Set FTPS State
• Azure > App Service > Function App > Set HTTP 2.0 Enabled
• Azure > App Service > Function App > Set HTTPS Only
• Azure > App Service > Function App > Set Minimum TLS Version
• Azure > App Service > Web App > Set FTPS State
• Azure > App Service > Web App > Set HTTP 2.0 Enabled
• Azure > App Service > Web App > Set HTTPS Only
• Azure > App Service > Web App > Set Minimum TLS Version

5.6.1 (2021-01-11)

Bug fixes

• We've updated the Discovery controls for resources to now move to skipped instead of invalid if the provider is disabled in the subscription and the Azure > Provider > {service} > Registered policy is checking if the provider is disabled. This will reduce the amount of noisy controls that cannot be easily resolved without making changes to the provider.

5.6.0 (2020-10-21)

What's new?

• We've made improvements to how Approved controls interact with CMDB policies and controls for more reliable approved checks. Now, if a resource's CMDB policy is set to Skip, its Approved control will move to invalid to prevent the Approved control from making a decision based on outdated information. Also, Approved controls will now wait until the resource's CMDB control has run at least once to ensure the required data is available.

5.5.0 (2020-09-25)

What's new?

• We've made improvements to how Active controls interact with CMDB policies and controls for more reliable active checks. Now, if a resource's CMDB policy is set to Skip, its Active control will move to invalid to prevent the Active control from making a decision based on outdated information. Also, Active controls will now wait until the resource's CMDB control has run at least once to ensure the required data is available.

5.4.0 (2020-08-27)

What's new?

• Discovery controls now have their own control category, CMDB > Discovery, to allow for easier filtering separately from other CMDB controls.
• We've renamed the service's default regions policy from Regions [Default] to Regions to be consistent with our other regions policies.

5.3.3 (2020-07-24)

Bug fixes

• When deleting inactive resources through an Active control, different warning periods in days can be set to delay deletion. We recently identified a bug that would cause these warning periods to be ignored, and any inactive resources would be deleted immediately. This bug has been fixed and now all Active controls will abide by the warning period set in the policy value.

5.3.2 (2020-07-08)

Bug fixes

• We've cleaned up some code that was causing trouble in the Azure > App Service > Function App > Discovery control, sometimes causing the control to get stuck in error. The control is running smoothly again and should not get stuck in error again.

5.3.1 (2020-06-15)

What's new?

• All resource Router actions now run even if Guardrails is outside of its allowed change window. This allows Guardrails to maintain an up-to-date CMDB by handling resource updates at all times. Note that this only affects Guardrails' ability to process resources changes that were made in the cloud provider - enforcement actions are still disabled outside of the change window.

Bug fixes

• Although the data validation errors, which appear in various CMDB and Discovery controls, are not blockers, they look ugly in the UI and should be cleaned up. These errors have now been fixed.
• Links to documentation in the descriptions for several controls and policies were broken. These links have now been fixed.