Control types for @turbot/azure-appservice
- Azure > App Service > App Service Plan > Active
- Azure > App Service > App Service Plan > Approved
- Azure > App Service > App Service Plan > CMDB
- Azure > App Service > App Service Plan > Discovery
- Azure > App Service > App Service Plan > Tags
- Azure > App Service > Function App > Active
- Azure > App Service > Function App > Approved
- Azure > App Service > Function App > CMDB
- Azure > App Service > Function App > Discovery
- Azure > App Service > Function App > FTPS State
- Azure > App Service > Function App > HTTP 2.0 Enabled
- Azure > App Service > Function App > HTTPS Only
- Azure > App Service > Function App > Minimum TLS Version
- Azure > App Service > Function App > Tags
- Azure > App Service > Web App > Active
- Azure > App Service > Web App > Approved
- Azure > App Service > Web App > CMDB
- Azure > App Service > Web App > Discovery
- Azure > App Service > Web App > FTPS State
- Azure > App Service > Web App > HTTP 2.0 Enabled
- Azure > App Service > Web App > HTTPS Only
- Azure > App Service > Web App > Minimum TLS Version
- Azure > App Service > Web App > Tags
Azure > App Service > App Service Plan > Active
Take an action when an Azure App Service app service plan is not active based on theAzure > App Service > App Service Plan > Active > * policies
.
The Active control determines whether the resource is in active use, and if not, has
the ability to delete / cleanup the resource. When running an automated compliance
environment, it's common to end up with a wide range of alarms that are difficult
and time consuming to clear. The Active control brings automated, well-defined
control to this process.
The Active control checks the status of all defined Active policies for the
resource (Azure > App Service > App Service Plan > Active > *
),
raises an alarm, and takes the defined enforcement action. Each Active
sub-policy can calculate a status of active, inactive or skipped. Generally,
if the resource appears to be Active for any reason it will be considered Active.
Note: In contrast with Approved, where if the resource appears to be Unapproved
for any reason it will be considered Unapproved.
See Active for more information.
tmod:@turbot/azure-appservice#/control/types/appServicePlanActive
Azure > App Service > App Service Plan > Approved
Take an action when an Azure App Service app service plan is not approved based on Azure > App Service > App Service Plan > Approved > * policies
.
The Approved control checks the status of the defined Approved sub-policies for the resource. If the resource is not approved according to any of these policies, this control raises an alarm and takes the defined enforcement action.
For any enforcement actions that specify if new
, e.g., Enforce: Delete unapproved if new
, this control will only take the enforcement actions for resources created within the last 60 minutes.
See Approved for more information.
tmod:@turbot/azure-appservice#/control/types/appServicePlanApproved
Azure > App Service > App Service Plan > CMDB
Record and synchronize details for the Azure App Service app service plan into the CMDB.
The CMDB control is
responsible for populating and updating all the attributes for that
resource type in the Guardrails CMDB.
Note: If CMDB is set to Skip for a resource, then it will not be added
to the CMDB, and no controls that target it will run.
CMDB controls also use the Regions policy associated with the resource. If
region is not in Azure > App Service > App Service Plan > Regions
policy, the CMDB control will delete the
resource from the CMDB.
tmod:@turbot/azure-appservice#/control/types/appServicePlanCmdb
Azure > App Service > App Service Plan > Discovery
Discover all Azure App Service app service plan resources and add them to the CMDB.
The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.
Note: Discovery and CMDB controls also use the Regions policy associated with the resource. If the region is not in Azure > App Service > App Service Plan > Regions
policy, the CMDB control will delete the resource from the CMDB.
tmod:@turbot/azure-appservice#/control/types/appServicePlanDiscovery
Azure > App Service > App Service Plan > Tags
Take an action when an Azure App Service app service plan tags is not updated based on the Azure > App Service > App Service Plan > Tags > *
policies.
If the resource is not updated with the tags defined in Azure > App Service > App Service Plan > Tags > Template
, this control raises an alarm and takes the defined enforcement action.
See Tags for more information.
tmod:@turbot/azure-appservice#/control/types/appServicePlanTags
Azure > App Service > Function App > Active
Take an action when an Azure App Service function app is not active based on theAzure > App Service > Function App > Active > * policies
.
The Active control determines whether the resource is in active use, and if not, has
the ability to delete / cleanup the resource. When running an automated compliance
environment, it's common to end up with a wide range of alarms that are difficult
and time consuming to clear. The Active control brings automated, well-defined
control to this process.
The Active control checks the status of all defined Active policies for the
resource (Azure > App Service > Function App > Active > *
),
raises an alarm, and takes the defined enforcement action. Each Active
sub-policy can calculate a status of active, inactive or skipped. Generally,
if the resource appears to be Active for any reason it will be considered Active.
Note: In contrast with Approved, where if the resource appears to be Unapproved
for any reason it will be considered Unapproved.
See Active for more information.
tmod:@turbot/azure-appservice#/control/types/functionAppActive
Azure > App Service > Function App > Approved
Take an action when an Azure App Service function app is not approved based on Azure > App Service > Function App > Approved > * policies
.
The Approved control checks the status of the defined Approved sub-policies for the resource. If the resource is not approved according to any of these policies, this control raises an alarm and takes the defined enforcement action.
For any enforcement actions that specify if new
, e.g., Enforce: Delete unapproved if new
, this control will only take the enforcement actions for resources created within the last 60 minutes.
See Approved for more information.
tmod:@turbot/azure-appservice#/control/types/functionAppApproved
Azure > App Service > Function App > CMDB
Record and synchronize details for the Azure App Service function app into the CMDB.
The CMDB control is
responsible for populating and updating all the attributes for that
resource type in the Guardrails CMDB.
Note: If CMDB is set to Skip for a resource, then it will not be added
to the CMDB, and no controls that target it will run.
CMDB controls also use the Regions policy associated with the resource. If
region is not in Azure > App Service > Function App > Regions
policy, the CMDB control will delete the
resource from the CMDB.
tmod:@turbot/azure-appservice#/control/types/functionAppCmdb
Azure > App Service > Function App > Discovery
Discover all Azure App Service function app resources and add them to the CMDB.
The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.
Note: Discovery and CMDB controls also use the Regions policy associated with the resource. If the region is not in Azure > App Service > Function App > Regions
policy, the CMDB control will delete the resource from the CMDB.
tmod:@turbot/azure-appservice#/control/types/functionAppDiscovery
Azure > App Service > Function App > FTPS State
Define the state of FTP/FTPS setting required for Azure > App Service > Function App
.
tmod:@turbot/azure-appservice#/control/types/functionAppFtpsState
Azure > App Service > Function App > HTTP 2.0 Enabled
Define the HTTP 2.0 setting required for Azure > App Service > Function App
.
tmod:@turbot/azure-appservice#/control/types/functionAppHttp20Enabled
Azure > App Service > Function App > HTTPS Only
Define the HTTPS Only setting required for Azure > App Service > Function App
.
tmod:@turbot/azure-appservice#/control/types/functionAppHttpsOnly
Azure > App Service > Function App > Minimum TLS Version
Define the Minimum TLS Version setting required for Azure > App Service > Function App
.
tmod:@turbot/azure-appservice#/control/types/functionAppMinimumTlsVersion
Azure > App Service > Function App > Tags
Take an action when an Azure App Service function app tags is not updated based on the Azure > App Service > Function App > Tags > *
policies.
If the resource is not updated with the tags defined in Azure > App Service > Function App > Tags > Template
, this control raises an alarm and takes the defined enforcement action.
See Tags for more information.
tmod:@turbot/azure-appservice#/control/types/functionAppTags
Azure > App Service > Web App > Active
Take an action when an Azure App Service web app is not active based on theAzure > App Service > Web App > Active > * policies
.
The Active control determines whether the resource is in active use, and if not, has
the ability to delete / cleanup the resource. When running an automated compliance
environment, it's common to end up with a wide range of alarms that are difficult
and time consuming to clear. The Active control brings automated, well-defined
control to this process.
The Active control checks the status of all defined Active policies for the
resource (Azure > App Service > Web App > Active > *
),
raises an alarm, and takes the defined enforcement action. Each Active
sub-policy can calculate a status of active, inactive or skipped. Generally,
if the resource appears to be Active for any reason it will be considered Active.
Note: In contrast with Approved, where if the resource appears to be Unapproved
for any reason it will be considered Unapproved.
See Active for more information.
tmod:@turbot/azure-appservice#/control/types/webAppActive
Azure > App Service > Web App > Approved
Take an action when an Azure App Service web app is not approved based on Azure > App Service > Web App > Approved > * policies
.
The Approved control checks the status of the defined Approved sub-policies for the resource. If the resource is not approved according to any of these policies, this control raises an alarm and takes the defined enforcement action.
For any enforcement actions that specify if new
, e.g., Enforce: Delete unapproved if new
, this control will only take the enforcement actions for resources created within the last 60 minutes.
See Approved for more information.
tmod:@turbot/azure-appservice#/control/types/webAppApproved
Azure > App Service > Web App > CMDB
Record and synchronize details for the Azure App Service web app into the CMDB.
The CMDB control is
responsible for populating and updating all the attributes for that
resource type in the Guardrails CMDB.
Note: If CMDB is set to Skip for a resource, then it will not be added
to the CMDB, and no controls that target it will run.
CMDB controls also use the Regions policy associated with the resource. If
region is not in Azure > App Service > Web App > Regions
policy, the CMDB control will delete the
resource from the CMDB.
tmod:@turbot/azure-appservice#/control/types/webAppCmdb
Azure > App Service > Web App > Discovery
Discover all Azure App Service web app resources and add them to the CMDB.
The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.
Note: Discovery and CMDB controls also use the Regions policy associated with the resource. If the region is not in Azure > App Service > Web App > Regions
policy, the CMDB control will delete the resource from the CMDB.
tmod:@turbot/azure-appservice#/control/types/webAppDiscovery
Azure > App Service > Web App > FTPS State
Define the state of FTP/FTPS setting required for Azure > App Service > Web App
.
tmod:@turbot/azure-appservice#/control/types/webAppFtpsState
Azure > App Service > Web App > HTTP 2.0 Enabled
Define the HTTP 2.0 setting required for Azure > App Service > Web App
.
tmod:@turbot/azure-appservice#/control/types/webAppHttp20Enabled
Azure > App Service > Web App > HTTPS Only
Define the HTTPS Only setting required for Azure > App Service > Web App
.
tmod:@turbot/azure-appservice#/control/types/webAppHttpsOnly
Azure > App Service > Web App > Minimum TLS Version
Define the Minimum TLS Version setting required for Azure > App Service > Web App
.
tmod:@turbot/azure-appservice#/control/types/webAppMinimumTlsVersion
Azure > App Service > Web App > Tags
Take an action when an Azure App Service web app tags is not updated based on the Azure > App Service > Web App > Tags > *
policies.
If the resource is not updated with the tags defined in Azure > App Service > Web App > Tags > Template
, this control raises an alarm and takes the defined enforcement action.
See Tags for more information.
tmod:@turbot/azure-appservice#/control/types/webAppTags