rspec/rules/S6382/terraform/message.adoc

=== Message

For these resources:

* `api_management`:
* `app_service`
* `data_factory_linked_service_sftp`
* `data_factory_linked_service_web`
* `linux_web_app`
* `windows_web_app` (if both parameters are non-compliant, flag `client_certificate_enabled` first)

These messages apply:

* If an assignment is missing: Omitting {property_name} disables certificate-based authentication. Make sure it is safe here.
* If the assignment is security-sensitive: Make sure that disabling certificate-based authentication is safe here.

* For `function_app`:
** Omitting `client_cert_mode` makes certificate-based authentication optional. Make sure it is safe here.
** Make sure that setting certificate-based authentication as optional is safe here.

* For `logic_app_standard`:
** Omitting `client_certificate_mode` makes certificate-based authentication optional. Make sure it is safe here.
** Make sure that setting certificate-based authentication as optional is safe here.

Make sure that disabling certificate-based authentication is safe here.
Modify rule S6382: Add language AzureResourceManager (Bicep) (#1921) Specification ticket: https://sonarsource.atlassian.net/browse/SONARIAC-762 Implementation ticket: TBC This PR builds on top of #1920 to add examples using the Bicep language. --------- Co-authored-by: Rudy Regazzoni <110470341+rudy-regazzoni-sonarsource@users.noreply.github.com> 2023-08-03 16:52:32 +02:00			`=== Message`

			`For these resources:`

			* `api_management`:
			* `app_service`
			* `data_factory_linked_service_sftp`
			* `data_factory_linked_service_web`
Modify Rule S6382: Fix outdated properties (APPSEC-773) (#2514) * Fix outdated property * Swap Web Apps for Containers and App Service 2024-09-11 10:37:08 +02:00			* `linux_web_app`
			* `windows_web_app` (if both parameters are non-compliant, flag `client_certificate_enabled` first)
Modify rule S6382: Add language AzureResourceManager (Bicep) (#1921) Specification ticket: https://sonarsource.atlassian.net/browse/SONARIAC-762 Implementation ticket: TBC This PR builds on top of #1920 to add examples using the Bicep language. --------- Co-authored-by: Rudy Regazzoni <110470341+rudy-regazzoni-sonarsource@users.noreply.github.com> 2023-08-03 16:52:32 +02:00
			`These messages apply:`

			`* If an assignment is missing: Omitting {property_name} disables certificate-based authentication. Make sure it is safe here.`
			`* If the assignment is security-sensitive: Make sure that disabling certificate-based authentication is safe here.`

Modify Rule S6382: Fix outdated properties (APPSEC-773) (#2514) * Fix outdated property * Swap Web Apps for Containers and App Service 2024-09-11 10:37:08 +02:00			* For `function_app`:
Modify rule S6382: Add language AzureResourceManager (Bicep) (#1921) Specification ticket: https://sonarsource.atlassian.net/browse/SONARIAC-762 Implementation ticket: TBC This PR builds on top of #1920 to add examples using the Bicep language. --------- Co-authored-by: Rudy Regazzoni <110470341+rudy-regazzoni-sonarsource@users.noreply.github.com> 2023-08-03 16:52:32 +02:00			** Omitting `client_cert_mode` makes certificate-based authentication optional. Make sure it is safe here.
			`** Make sure that setting certificate-based authentication as optional is safe here.`

Modify Rule S6382: Fix outdated properties (APPSEC-773) (#2514) * Fix outdated property * Swap Web Apps for Containers and App Service 2024-09-11 10:37:08 +02:00			* For `logic_app_standard`:
			** Omitting `client_certificate_mode` makes certificate-based authentication optional. Make sure it is safe here.
			`** Make sure that setting certificate-based authentication as optional is safe here.`

Modify rule S6382: Add language AzureResourceManager (Bicep) (#1921) Specification ticket: https://sonarsource.atlassian.net/browse/SONARIAC-762 Implementation ticket: TBC This PR builds on top of #1920 to add examples using the Bicep language. --------- Co-authored-by: Rudy Regazzoni <110470341+rudy-regazzoni-sonarsource@users.noreply.github.com> 2023-08-03 16:52:32 +02:00			`Make sure that disabling certificate-based authentication is safe here.`