Ensure CORS is tightly controlled and managed for Azure Windows Function App

MEDIUM

Description

Too open CORS policies for Azure Windows Function App may invite unauthorized access to resources.

Remediation

In Azure Console -

Open the Azure Portal and go to Function App.
Choose the Function App you wish to edit.
Under API, select CORS.
Configure as needed.

In Terraform -

In the azurerm_windows_function_app resource, create a cors block.
Configure the allowed_origins as needed.

References:
https://learn.microsoft.com/en-us/azure/azure-functions/
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/windows_function_app#cors

Policy Details

Rule Reference ID: AC_AZURE_0119

CSP: Azure

Remediation Available: Yes

Domain: Infrastructure Security

Resource: azurerm_windows_function_app

Resource Category: Serverless

Resource Type: Function App

Frameworks

GDPR
HIPAA
NIST-800-171
NIST-800-53
NIST-CSF
SOC2