9619fe4284
[Specification ticket](https://sonarsource.atlassian.net/browse/APPSEC-777) [Implementation ticket](https://sonarsource.atlassian.net/browse/SONARIAC-889) [RSPEC Preview](https://sonarsource.github.io/rspec/#/rspec/S6378/azureresourcemanager) Bicep PR for S6378: #2255 ## Review A dedicated reviewer checked the rule description successfully for: - [ ] logical errors and incorrect information - [ ] information gaps and missing content - [ ] text style and tone - [ ] PR summary and labels follow [the guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule) --------- Co-authored-by: egon-okerman-sonarsource <egon-okerman-sonarsource@users.noreply.github.com> Co-authored-by: Egon Okerman <egon.okerman@sonarsource.com>
9 lines
325 B
Plaintext
9 lines
325 B
Plaintext
== Ask Yourself Whether
|
|
|
|
The resource:
|
|
|
|
* Needs to authenticate to Azure resources that support Azure Active Directory (AAD).
|
|
* Uses a different Access Control system that doesn't guarantee the same security controls as AAD, or no Access Control system at all.
|
|
|
|
There is a risk if you answered yes to all of those questions.
|