-
Notifications
You must be signed in to change notification settings - Fork 1.1k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix(arm): CKV_AZURE_56 just for authsettingsV2 name (#6557)
* CKV_AZURE_56 just for authsettingsV2 name * fixes
- Loading branch information
1 parent
9e00344
commit e025a04
Showing
6 changed files
with
45 additions
and
17 deletions.
There are no files selected for viewing
29 changes: 19 additions & 10 deletions
29
checkov/arm/checks/resource/FunctionAppsEnableAuthentication.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,23 +1,32 @@ | ||
from checkov.arm.base_resource_value_check import BaseResourceValueCheck | ||
from checkov.common.models.enums import CheckCategories | ||
from __future__ import annotations | ||
|
||
from typing import Any | ||
|
||
class FunctionAppsEnableAuthentication(BaseResourceValueCheck): | ||
from checkov.arm.base_resource_check import BaseResourceCheck | ||
from checkov.common.models.enums import CheckCategories, CheckResult | ||
|
||
|
||
class FunctionAppsEnableAuthentication(BaseResourceCheck): | ||
|
||
def __init__(self) -> None: | ||
name = "Ensure that function apps enables Authentication" | ||
id = "CKV_AZURE_56" | ||
supported_resources = ("Microsoft.Web/sites/config",) | ||
categories = (CheckCategories.GENERAL_SECURITY,) | ||
super().__init__(name=name, | ||
id=id, | ||
categories=categories, | ||
supported_resources=supported_resources, | ||
super().__init__(name=name, id=id, categories=categories, supported_resources=supported_resources,) | ||
|
||
) | ||
def scan_resource_conf(self, conf: dict[str, Any]) -> CheckResult: | ||
if conf.get('name', '') != 'authsettingsV2': | ||
return CheckResult.PASSED | ||
|
||
def get_inspected_key(self) -> str: | ||
return 'properties/platform/enabled' | ||
properties = conf.get('properties', {}) | ||
if properties and isinstance(properties, dict): | ||
platform = properties.get('platform', {}) | ||
if platform and isinstance(properties, dict): | ||
enabled = platform.get('enabled', False) | ||
if enabled: | ||
return CheckResult.PASSED | ||
return CheckResult.FAILED | ||
|
||
|
||
check = FunctionAppsEnableAuthentication() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
18 changes: 18 additions & 0 deletions
18
tests/arm/checks/resource/example_FunctionAppsEnableAuthentication/pass2.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
{ | ||
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", | ||
"contentVersion": "1.0.0.0", | ||
"resources": [ | ||
{ | ||
"type": "Microsoft.Web/sites/config", | ||
"apiVersion": "2021-02-01", | ||
"name": "pass", | ||
"properties": { | ||
"httpSettings": { | ||
"forwardProxy": { | ||
"convention": "Custom" | ||
} | ||
} | ||
} | ||
} | ||
] | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters