Ensure CORS is tightly controlled and managed for Azure Linux Function App

MEDIUM

Description

Too open CORS policies for Azure Linux Function App may invite unauthorized access to resources.

Remediation

In Azure Console -

Open the Azure Portal and go to Function App.
Choose the Function App you wish to edit.
Under API, select CORS.
Configure as needed.

In Terraform -

In the azurerm_linux_function_app resource, create a cors block.
Configure the allowed_origins as needed.

References:
https://learn.microsoft.com/en-us/azure/azure-functions/
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_function_app#cors

Policy Details

Rule Reference ID: AC_AZURE_0142

CSP: Azure

Remediation Available: Yes

Domain: Infrastructure Security

Resource: azurerm_linux_function_app

Resource Category: Serverless

Resource Type: Function App

Frameworks

GDPR
HIPAA
NIST-800-171
NIST-800-53
NIST-CSF
SOC2