Detections
Analytics

Ensure that custom domains are configured in Azure App Service

LOW

Description

Custom domains are often used in Azure App Service for a number of reasons, including security. As an origin location, App Service apps can be configured for mutual TLS using a custom domain and origin certificate.

Remediation

In Azure Console -

  1. Open the Azure Portal and go to App Services.
  2. Select the App service you wish to edit.
  3. Select Custom domains under Settings.
  4. Add a custom domain entry.

In Terraform -

  1. For each azurerm_app_service resource, create an azurerm_app_service_custom_hostname_binding resource.
  2. Reference the app_service_name to link it to the App Service.

References:
https://learn.microsoft.com/en-us/azure/app-service/configure-language-dotnet-framework
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service_custom_hostname_binding

Policy Details

Rule Reference ID: AC_AZURE_0195
CSP: Azure
Remediation Available: Yes
Domain: Security Best Practices
Resource: azurerm_app_service
Resource Category: Serverless
Resource Type: App Service

Frameworks