Ensure auditing and monitoring is enabled for Azure App Service

MEDIUM

Description

Disabling auditing and monitoring services may make audit challenging for Azure App Service.

Remediation

In Azure Console -

Open the Azure Portal and go to App Services.
Select the App service you wish to edit.
Select App Service Logs under Monitoring.
Configure logs accordingly.
Save.

In Terraform -

In the azurerm_app_service resource, configure a logs block accordingly.

References:
https://learn.microsoft.com/en-us/azure/app-service/troubleshoot-diagnostic-logs
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#logs

Policy Details

Rule Reference ID: AC_AZURE_0192

CSP: Azure

Remediation Available: No

Domain: Logging and Monitoring

Resource: azurerm_app_service

Resource Category: Serverless

Resource Type: App Service

Frameworks

GDPR
HIPAA
NIST-800-171
NIST-800-53
NIST-CSF